From 5b8cb4ba1139c2eada0119c0e46c76bff9bbab50 Mon Sep 17 00:00:00 2001
From: Catherine <whitequark@whitequark.org>
Date: Thu, 9 Oct 2025 14:42:22 +0000
Subject: [PATCH] Clean up Caddyfile, removing Fly.io-isms.

The grebedoc.dev infrastructure is no longer directly tied to
the container built from this repository, so we don't have to
pollute the configuration with Fly.io-isms.
---
 Dockerfile     |  2 +-
 conf/Caddyfile | 76 ++++----------------------------------------------
 2 files changed, 6 insertions(+), 72 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index df15ce6..4077108 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -38,7 +38,7 @@ COPY conf/Caddyfile /app/Caddyfile
 COPY conf/config.example.toml /app/config.toml
 
 # Caddy ports:
-EXPOSE 80/tcp 443/tcp 443/udp 2019/tcp
+EXPOSE 80/tcp 443/tcp 443/udp
 # git-pages ports:
 EXPOSE 3000/tcp 3001/tcp 3002/tcp
 
diff --git a/conf/Caddyfile b/conf/Caddyfile
index 4f94eff..eb72323 100644
--- a/conf/Caddyfile
+++ b/conf/Caddyfile
@@ -1,13 +1,3 @@
-(proxy) {
-	listener_wrappers {
-		proxy_protocol {
-			timeout 1s
-			allow {$ALLOW_PROXY}
-		}
-		tls
-	}
-}
-
 {
 	storage s3 {
 		host "{env.PAGES_STORAGE_S3_ENDPOINT}"
@@ -21,17 +11,6 @@
 
 	persist_config off
 
-	log {
-		output stderr
-		level WARN
-		exclude admin http.auto_https
-		format console {
-			time_key ""
-		}
-	}
-
-	metrics
-
 	email {env.ACME_EMAIL}
 
 	auto_https disable_redirects
@@ -39,63 +18,18 @@
 	on_demand_tls {
 		permission http http://localhost:3001
 	}
-
-	servers :80 {
-		name http
-		protocols h1 h2c
-		import proxy
-	}
-
-	servers :443 {
-		name https
-		protocols h1 h2
-		import proxy
-	}
-
-	servers {$UDP_BIND_TO:0.0.0.0}:443 {
-		name http3
-		protocols h3
-	}
-
-	servers :2019 {
-		name metrics
-		protocols h1
-	}
 }
 
-(backend) {
+https://, http:// {
 	tls {
 		on_demand
 	}
 
-	@h2c `{env.PAGES_FEATURES}.matches(r"\bserve-h2c\b")`
-	reverse_proxy @h2c h2c://{$GIT_PAGES_ADDRESS:localhost}:3000
-	reverse_proxy http://{$GIT_PAGES_ADDRESS:localhost}:3000
+	# initial PUT/POST for a new domain has to happen over HTTP
+	@upgrade `method('GET') && protocol('http')`
+	redir @upgrade https://{host}{uri} 301
 
+	reverse_proxy http://localhost:3000
 	header Alt-Svc `h3=":443"; persist=1, h2=":443"; persist=1`
 	encode
 }
-
-http:// {
-	# initial PUT/POST for a new domain has to happen over HTTP;
-	# health check also has to reach the backend over HTTP
-	@upgrade `method('GET') && !header({'Health-Check': '*'})`
-	redir @upgrade https://{host}{uri} 301
-
-	import backend
-}
-
-https:// {
-	import backend
-}
-
-https:// {
-	# Fly.io requires UDP sockets to be bound to a different IP
-	bind {$UDP_BIND_TO:0.0.0.0}
-
-	import backend
-}
-
-http://:2019 {
-	metrics
-}