CADDY_DOMAIN was required/validated/prompted but never used — the
Caddyfile only referenced GITEA_DOMAIN, producing a single-domain
cert. Now the template uses *.CADDY_DOMAIN as the site address
(wildcard cert) with a host matcher routing GITEA_DOMAIN to Gitea.
This means the cert covers all subdomains under the base domain.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Template uses TLS_BLOCK placeholder that phase8 populates based on
TLS_MODE: cloudflare (DNS-01 wildcard via Cloudflare API) or
existing (manual cert/key paths). Reverse proxies to Gitea container
on its macvlan IP.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
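
A sketch of the rendered site block the two commit messages above describe, added here as an illustration and not taken from the project's template. The domain names, backend address and port, certificate paths and the environment variable name are all constructed placeholders, and the fallback `handle` is an assumption about how unmatched subdomains could be treated.

```caddyfile
# Constructed values: example.com stands in for CADDY_DOMAIN,
# git.example.com for GITEA_DOMAIN, 192.0.2.10:3000 for the Gitea
# container's macvlan IP and port. File paths are placeholders.
*.example.com {
	# TLS_MODE=cloudflare: DNS-01 challenge, which ACME requires for a
	# wildcard certificate. Needs a Caddy build that includes the
	# caddy-dns/cloudflare module; the variable name is an assumption.
	tls {
		dns cloudflare {env.CLOUDFLARE_API_TOKEN}
	}

	# TLS_MODE=existing would render this line instead of the block above:
	# tls /etc/caddy/certs/wildcard.crt /etc/caddy/certs/wildcard.key

	# Only GITEA_DOMAIN is routed to the backend.
	@gitea host git.example.com
	handle @gitea {
		reverse_proxy 192.0.2.10:3000
	}

	# The wildcard certificate is valid for every other subdomain too,
	# so close connections for those names instead of answering them.
	handle {
		abort
	}
}
```

Running `caddy validate` against the rendered file checks the syntax and that the DNS provider module is present before a reload.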