bxb100 · April 13, 2024 15:22
diff --git a/Caddyfile b/Caddyfile
 {$dify_host_name} {

 	header {
        # Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS
        Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"

        # Prevent some browsers from MIME-sniffing a response away from the declared Content-Type
        X-Content-Type-Options "nosniff"

        # X-Robots-Tag
        X-Robots-Tag "noindex, noarchive, nofollow"

        # Remove Server header
        -Server
  }
 	
 	@api {
 		path /console/api
 		path /api
 		path /v1
 		path /files
 	}

 	handle @api {
 		reverse_proxy :5001 {
 				header_up X-Forwarded-Port {http.request.port}
 				header_up X-Forwarded-Proto {http.request.scheme}
 				header_up X-Real-IP {remote_host}
 		}
 	}

 	handle {
 		# proxy_pass http://web:3000;
 		reverse_proxy :3000 {
 			  header_up X-Forwarded-Port {http.request.port}
 				header_up X-Forwarded-Proto {http.request.scheme}
 				header_up X-Real-IP {remote_host}
 		}
 	}

 }
	{$dify_host_name} {

	header {
	# Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS
	Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"

	# Prevent some browsers from MIME-sniffing a response away from the declared Content-Type
	X-Content-Type-Options "nosniff"

	# X-Robots-Tag
	X-Robots-Tag "noindex, noarchive, nofollow"

	# Remove Server header
	-Server
	}

	@api {
	path /console/api
	path /api
	path /v1
	path /files
	}

	handle @api {
	reverse_proxy :5001 {
	header_up X-Forwarded-Port {http.request.port}
	header_up X-Forwarded-Proto {http.request.scheme}
	header_up X-Real-IP {remote_host}
	}
	}

	handle {
	# proxy_pass http://web:3000;
	reverse_proxy :3000 {
	header_up X-Forwarded-Port {http.request.port}
	header_up X-Forwarded-Proto {http.request.scheme}
	header_up X-Real-IP {remote_host}
	}
	}

	}