chore: update .gitignore to include .env.example and enhance deployment documentation with Caddy reverse proxy setup

2025-12-01 15:19:19 +01:00
parent 68c074e9da
commit b120e5df45
7 changed files with 596 additions and 0 deletions
--- a/127
+++ b/127
@@ -0,0 +1,127 @@
+# Caddy-Konfiguration für Hördle
+# Wildcard-Zertifikate für hoerdle.de und hördle.de (xn--hrdle-jua.de)
+
+# DNS-01 Challenge für Wildcard-Zertifikate (GoDaddy)
+# Die DNS-TXT-Records müssen manuell in GoDaddy gesetzt werden (siehe CADDY_SETUP.md)
+
+# Domain 1: hoerdle.de (ASCII)
+*.hoerdle.de, hoerdle.de {
+    # TLS mit DNS-01 Challenge für Wildcard
+    tls {
+        dns godaddy {env.GODADDY_API_KEY} {env.GODADDY_API_SECRET}
+    }
+
+    # Upload-Limit: 50MB (wie in nginx.conf.example)
+    request_body {
+        max_size 50MB
+    }
+
+    # Reverse Proxy zu hoerdle Container
+    reverse_proxy hoerdle:3010 {
+        # HTTP/1.1 für WebSocket Support
+        transport http {
+            versions 1.1
+        }
+
+        # Headers für Audio-Streaming (Range Requests)
+        header_up Range {http.request.header.Range}
+        header_up If-Range {http.request.header.If-Range}
+        
+        # Kein Caching bei Range Requests
+        header_down Cache-Control "no-cache" {
+            when {http.request.header.Range}
+        }
+
+        # Timeouts für große Dateien (300s wie in nginx)
+        timeout 300s
+
+        # WebSocket Support
+        header_up Connection {>Connection}
+        header_up Upgrade {>Upgrade}
+    }
+
+    # Spezielle Behandlung für /uploads/ Route (Audio-Dateien)
+    handle /uploads/* {
+        reverse_proxy hoerdle:3010 {
+            # Range Requests für Audio-Streaming
+            header_up Range {http.request.header.Range}
+            header_up If-Range {http.request.header.If-Range}
+            
+            # Buffering deaktivieren für große Dateien
+            # (Caddy hat kein explizites proxy_buffering, aber Timeouts setzen)
+            timeout 300s
+            
+            # Kein Caching bei Range Requests
+            header_down Cache-Control "no-cache" {
+                when {http.request.header.Range}
+            }
+        }
+    }
+
+    # HTTP zu HTTPS Redirect
+    @http {
+        protocol http
+    }
+    redir @http https://{host}{uri} permanent
+}
+
+# Domain 2: hördle.de (Punycode: xn--hrdle-jua.de)
+*.xn--hrdle-jua.de, xn--hrdle-jua.de {
+    # TLS mit DNS-01 Challenge für Wildcard
+    tls {
+        dns godaddy {env.GODADDY_API_KEY} {env.GODADDY_API_SECRET}
+    }
+
+    # Upload-Limit: 50MB
+    request_body {
+        max_size 50MB
+    }
+
+    # Reverse Proxy zu hoerdle Container
+    reverse_proxy hoerdle:3010 {
+        # HTTP/1.1 für WebSocket Support
+        transport http {
+            versions 1.1
+        }
+
+        # Headers für Audio-Streaming (Range Requests)
+        header_up Range {http.request.header.Range}
+        header_up If-Range {http.request.header.If-Range}
+        
+        # Kein Caching bei Range Requests
+        header_down Cache-Control "no-cache" {
+            when {http.request.header.Range}
+        }
+
+        # Timeouts für große Dateien (300s)
+        timeout 300s
+
+        # WebSocket Support
+        header_up Connection {>Connection}
+        header_up Upgrade {>Upgrade}
+    }
+
+    # Spezielle Behandlung für /uploads/ Route (Audio-Dateien)
+    handle /uploads/* {
+        reverse_proxy hoerdle:3010 {
+            # Range Requests für Audio-Streaming
+            header_up Range {http.request.header.Range}
+            header_up If-Range {http.request.header.If-Range}
+            
+            # Timeouts für große Dateien
+            timeout 300s
+            
+            # Kein Caching bei Range Requests
+            header_down Cache-Control "no-cache" {
+                when {http.request.header.Range}
+            }
+        }
+    }
+
+    # HTTP zu HTTPS Redirect
+    @http {
+        protocol http
+    }
+    redir @http https://{host}{uri} permanent
+}
+