feat(ingress): public distribution.${BASE_DOMAIN} static vhost
Serve a static site at distribution.${BASE_DOMAIN} whose web root lives in
another repo (DISTRIBUTION_WEB_ROOT, bind-mounted read-only into caddy):
- caddy/conf.d/30-distribution.caddy file_server vhost
- docker-compose.distribution.yml mount snippet + external web root
- issue-letsencrypt.sh / .env.example add distribution to LE_SUBDOMAINS
- ulicraft-caddy.conf.tmpl TLS-front block proxying to caddy
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -17,7 +17,7 @@
|
||||
# OVH_CK OVH consumer key (obtained on first run — see below)
|
||||
# OVH_END_POINT OVH API endpoint (e.g. ovh-eu)
|
||||
# optional:
|
||||
# LE_SUBDOMAINS space-separated (default: "auth pack")
|
||||
# LE_SUBDOMAINS space-separated (default: "auth pack distribution")
|
||||
# LE_STAGING=1 use the LE staging CA (untrusted, for dry runs)
|
||||
#
|
||||
# First-time OVH consumer key: set OVH_AK/OVH_AS/OVH_END_POINT, leave OVH_CK
|
||||
@@ -53,7 +53,7 @@ ACME="${ACME_SH:-$HOME/.acme.sh/acme.sh}"
|
||||
then re-run (or set ACME_SH=/path/to/acme.sh)."
|
||||
|
||||
CERT_DIR="${CERT_DIR:-certs}"
|
||||
read -r -a SUBDOMAINS <<< "${LE_SUBDOMAINS:-auth pack}"
|
||||
read -r -a SUBDOMAINS <<< "${LE_SUBDOMAINS:-auth pack distribution}"
|
||||
|
||||
if [ "${LE_STAGING:-0}" = "1" ]; then
|
||||
SERVER="letsencrypt_test"; warn "STAGING mode — certs will NOT be trusted by browsers"
|
||||
|
||||
Reference in New Issue
Block a user