From c8579a14f38bbef036b293778b1bcecb3289f76b Mon Sep 17 00:00:00 2001 From: Stephan D Date: Tue, 18 Nov 2025 02:56:57 +0100 Subject: [PATCH] Caddy reconfigured --- ci/prod/.env.runtime | 1 + ci/prod/compose/frontend.yml | 1 + frontend/pweb/caddy/Caddyfile | 130 ++++++++++++++++++++++++++++++++-- 3 files changed, 128 insertions(+), 4 deletions(-) diff --git a/ci/prod/.env.runtime b/ci/prod/.env.runtime index 13712ad..feb0f92 100644 --- a/ci/prod/.env.runtime +++ b/ci/prod/.env.runtime @@ -16,6 +16,7 @@ AMPLI_ENVIRONMENT=production API_PROTOCOL=https SERVICE_HOST=app.sendico.io API_ENDPOINT=/api/v1 +API_UPSTREAM=sendico-bff:8081 WS_PROTOCOL=wss WS_ENDPOINT=/ws AMPLITUDE_SECRET=c3d75b3e2520d708440acbb16b923e79 diff --git a/ci/prod/compose/frontend.yml b/ci/prod/compose/frontend.yml index 9a1ef16..37ea36b 100644 --- a/ci/prod/compose/frontend.yml +++ b/ci/prod/compose/frontend.yml @@ -23,6 +23,7 @@ services: API_PROTOCOL: ${API_PROTOCOL} SERVICE_HOST: ${SERVICE_HOST} API_ENDPOINT: ${API_ENDPOINT} + API_UPSTREAM: ${API_UPSTREAM} AMPLITUDE_SECRET: ${AMPLITUDE_SECRET} DEFAULT_LOCALE: ${DEFAULT_LOCALE} DEFAULT_CURRENCY: ${DEFAULT_CURRENCY} diff --git a/frontend/pweb/caddy/Caddyfile b/frontend/pweb/caddy/Caddyfile index 09e9a43..7d7e91a 100644 --- a/frontend/pweb/caddy/Caddyfile +++ b/frontend/pweb/caddy/Caddyfile @@ -1,13 +1,135 @@ +######################################## +# Global options +######################################## { email {$CADDY_ACME_EMAIL} + # debug } -{$SERVICE_HOST} { - root * /usr/share/pweb +######################################## +# Sendico site definition +######################################## +(sendico_site) { + vars static_root /usr/share/pweb + # Allow overriding upstream via API_UPSTREAM, default to the BFF container. + vars api_upstream {$API_UPSTREAM:sendico-bff:8081} + encode zstd gzip - try_files {path} /index.html - file_server + header { Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" } + + route { + ######################################## + # Backend API + ######################################## + handle /api/v1/* { + reverse_proxy {vars.api_upstream} { + health_uri /api/v1/health + health_interval 15s + health_timeout 4s + health_status 2xx + } + header Cache-Control "no-cache, no-store, must-revalidate" + header Pragma "no-cache" + header Expires "0" + } + + ######################################## + # Static assets with tailored caching + ######################################## + handle /version.json { + root * {vars.static_root} + file_server + header Cache-Control "no-cache, no-store, must-revalidate" + header Pragma "no-cache" + header Expires "0" + } + + handle /*.main.dart.js { + root * {vars.static_root} + file_server + header Cache-Control "public, max-age=3600" + } + + handle /*.dart.js { + root * {vars.static_root} + file_server + header Cache-Control "public, max-age=3600" + } + + handle /*.js { + root * {vars.static_root} + file_server + header Cache-Control "public, max-age=3600" + } + + handle /assets/*.js { + root * {vars.static_root} + file_server + header Cache-Control "public, max-age=31536000, immutable" + } + + handle /assets/*.css { + root * {vars.static_root} + file_server + header Cache-Control "public, max-age=31536000, immutable" + } + + handle /assets/* { + root * {vars.static_root} + file_server + header Cache-Control "public, max-age=31536000, immutable" + } + + handle /canvaskit/* { + root * {vars.static_root} + file_server + header Cache-Control "public, max-age=86400" + } + + handle /icons/* { + root * {vars.static_root} + file_server + header Cache-Control "public, max-age=86400" + } + + handle /*.html { + root * {vars.static_root} + file_server + header Cache-Control "public, max-age=3600" + } + + handle /*.css { + root * {vars.static_root} + file_server + header Cache-Control "public, max-age=3600" + } + + handle /*.json { + root * {vars.static_root} + file_server + header Cache-Control "public, max-age=3600" + } + + ######################################## + # SPA fallback + ######################################## + handle { + root * {vars.static_root} + try_files {path} /index.html + file_server + header Cache-Control "no-cache, no-store, must-revalidate" + header Pragma "no-cache" + header Expires "0" + } + } +} + +######################################## +# Main site +######################################## +{$SERVICE_HOST} { + import sendico_site }