######################################## # Global options ######################################## { email {$CADDY_ACME_EMAIL} # debug } ######################################## # Sendico site definition ######################################## (sendico_site) { vars static_root /usr/share/pweb encode zstd gzip header { Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" } route { ######################################## # Backend API ######################################## handle /api/v1/* { # Proxy directly to the BFF container on the Docker network. reverse_proxy sendico-bff:8081 { health_uri /api/v1/health health_interval 15s health_timeout 4s health_status 2xx } header Cache-Control "no-cache, no-store, must-revalidate" header Pragma "no-cache" header Expires "0" } # Monetix payout callbacks -> mntx gateway (IP allow-listed) @monetixSuccess { path /gateway/m/success* method POST # remote_ip 88.218.112.16 88.218.112.16/32 88.218.113.16 88.218.113.16/32 93.179.90.141 93.179.90.128/25 93.179.90.161 93.179.91.0/24 178.57.67.47 178.57.66.128/25 178.57.67.154 178.57.67.0/24 178.57.68.244 } handle @monetixSuccess { rewrite * /monetix/callback reverse_proxy sendico_mntx_gateway:8084 header Cache-Control "no-cache, no-store, must-revalidate" } @monetixFail { path /gateway/m/fail* method POST # remote_ip 88.218.112.16 88.218.112.16/32 88.218.113.16 88.218.113.16/32 93.179.90.141 93.179.90.128/25 93.179.90.161 93.179.91.0/24 178.57.67.47 178.57.66.128/25 178.57.67.154 178.57.67.0/24 178.57.68.244 } handle @monetixFail { rewrite * /monetix/callback reverse_proxy sendico_mntx_gateway:8084 header Cache-Control "no-cache, no-store, must-revalidate" } @monetixCallbackPath { path /gateway/m/success* /gateway/m/fail* method POST } handle @monetixCallbackPath { respond "forbidden" 403 } ######################################## # Static assets with tailored caching ######################################## handle /version.json { root * {vars.static_root} file_server header Cache-Control "no-cache, no-store, must-revalidate" header Pragma "no-cache" header Expires "0" } handle /*.main.dart.js { root * {vars.static_root} file_server header Cache-Control "public, max-age=3600" } handle /*.dart.js { root * {vars.static_root} file_server header Cache-Control "public, max-age=3600" } handle /*.js { root * {vars.static_root} file_server header Cache-Control "public, max-age=3600" } handle /assets/*.js { root * {vars.static_root} file_server header Cache-Control "public, max-age=31536000, immutable" } handle /assets/*.css { root * {vars.static_root} file_server header Cache-Control "public, max-age=31536000, immutable" } handle /assets/* { root * {vars.static_root} file_server header Cache-Control "public, max-age=31536000, immutable" } handle /canvaskit/* { root * {vars.static_root} file_server header Cache-Control "public, max-age=86400" } handle /icons/* { root * {vars.static_root} file_server header Cache-Control "public, max-age=86400" } handle /*.html { root * {vars.static_root} file_server header Cache-Control "public, max-age=3600" } handle /*.css { root * {vars.static_root} file_server header Cache-Control "public, max-age=3600" } handle /*.json { root * {vars.static_root} file_server header Cache-Control "public, max-age=3600" } ######################################## # SPA fallback ######################################## handle { root * {vars.static_root} try_files {path} /index.html file_server header Cache-Control "no-cache, no-store, must-revalidate" header Pragma "no-cache" header Expires "0" } } } ######################################## # Main site ######################################## {$SERVICE_HOST} { import sendico_site }