# Multi-domain reverse proxy (TLS terminate on host) # Backend today: container nginx TLS on 8081 { # no global auto-HTTPS email yet; per-site manual certs auto_https disable_redirects } taler.hacktivism.ch { tls /etc/caddy/certs/taler.hacktivism.ch/fullchain.pem /etc/caddy/certs/taler.hacktivism.ch/privkey.pem reverse_proxy https://127.0.0.1:8081 { transport http { tls_insecure_skip_verify } header_up Host {host} header_up X-Forwarded-Host {host} header_up X-Forwarded-Proto {scheme} } }