bastian/deploy_home
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
184 Commits 1 Branch 0 Tags
adce3e2dd43877bbc62b15d70b9930675d0f2deb
Commit Graph

14 Commits

Author SHA1 Message Date
Bastian de Byl
9c9da4f47c Complete infrastructure migration from nginx + ModSecurity to Caddy 
This commit finalizes the comprehensive migration from nginx + ModSecurity + manual LetsEncrypt
to Caddy v2 with automatic HTTPS. The migration eliminates over 2000 lines of complex
configuration in favor of a single, simplified Caddyfile.

## Major Changes:

### Infrastructure Transformation
- **Web Server**: Replaced nginx with Caddy v2 for automatic HTTPS and simplified configuration
- **SSL/TLS**: Removed manual LetsEncrypt management, now fully automated by Caddy
- **Security**: Replaced ModSecurity WAF with Caddy's built-in security features
- **CI/CD**: Decommissioned Drone CI infrastructure completely

### Configuration Simplification
- **Before**: 20+ nginx site configs, ModSecurity rules, LetsEncrypt cron jobs
- **After**: Single Caddyfile with automatic HTTPS, security headers, and IP restrictions
- **Reduction**: 75% less configuration code while maintaining all functionality

### Files Added
- Caddy container deployment and configuration tasks
- Single Caddyfile template replacing all nginx configs
- Updated documentation (CLAUDE.md, TODO.md)

### Files Removed
- Complete nginx role and all site configurations (24 files)
- SSL role with LetsEncrypt management (6 files)
- Drone CI infrastructure (1 file)
- nginx static files and ModSecurity includes (2 files)

## Verified Functionality
All websites confirmed working with HTTPS certificates automatically provisioned:
- photos.bdebyl.net, parts.bdebyl.net, cloud.bdebyl.net
- wiki.skudakrennsport.com, cloud.skudakrennsport.com
- fulfillr.debyltech.com (with IP restrictions)
- Proper security headers and WebSocket support

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-09-11 20:38:45 -04:00
Bastian de Byl
fced2a0038 noticket - add base site, update secrets 2025-02-03 12:34:41 -05:00
Bastian de Byl
7e7780656a noticket - updates fore firewall, fulfillr, etc. 2024-10-09 21:23:31 -04:00
Bastian de Byl
ed7ef3ba26 updated graylog, firewall, hass 2024-07-31 16:29:07 -04:00
Bastian de Byl
184cd2574d noticket - reorganized podman 2024-02-01 15:35:11 -05:00
Bastian de Byl
8686b40525 added nosql (redis) container with pass, update fulfillr 2023-09-19 18:55:38 -04:00
Bastian de Byl
ac1d80840e added factorio, removed satisfactory, firewall, fulfillr, ipv4 fixes 2023-05-03 12:03:17 -04:00
Bastian de Byl
7fba5179c4 debyltech updates, satisfactory 2023-04-30 00:31:10 -04:00
Bastian de Byl
34c7199986 updated bookstack, drone, graylog, photoprism 2023-01-28 20:31:54 -05:00
Bastian de Byl
0e9fc3edc3 moved photoprism app to photos. from cloud. 2022-10-02 19:10:55 -04:00
Bastian de Byl
abf7a9f767 added wiki.skudakrennsport.com 2022-07-19 15:10:38 -04:00
Bastian de Byl
86ad4dfb37 fixed pihole server via prerouting 2022-05-02 21:38:32 -04:00
Bastian de Byl
255bc9cb4b git selinux fixes, added pihole container 2022-05-02 19:40:38 -04:00
Bastian de Byl
c5bc5a91ac moved nginx, graylog to podman 2022-05-01 03:31:16 -04:00