+2 -3

Dockerfile

··· 35 RUN mkdir /app/data 36 COPY conf/supervisord.conf /app/supervisord.conf 37 COPY conf/Caddyfile /app/Caddyfile 38 - RUN caddy adapt -c Caddyfile -p >/app/caddy.json 39 COPY conf/config.toml.example /app/config.toml 40 41 # Caddy ports: 42 - EXPOSE 80 443 2019 43 # git-pages ports: 44 - EXPOSE 3000 3001 3002 45 46 # While the default command is to run git-pages standalone, the intended configuration 47 # is to use it with Caddy and store both site data and credentials to an S3-compatible

··· 35 RUN mkdir /app/data 36 COPY conf/supervisord.conf /app/supervisord.conf 37 COPY conf/Caddyfile /app/Caddyfile 0 38 COPY conf/config.toml.example /app/config.toml 39 40 # Caddy ports: 41 + EXPOSE 80/tcp 443/tcp 443/udp 2019/tcp 42 # git-pages ports: 43 + EXPOSE 3000/tcp 3001/tcp 3002/tcp 44 45 # While the default command is to run git-pages standalone, the intended configuration 46 # is to use it with Caddy and store both site data and credentials to an S3-compatible

+22 -8

conf/Caddyfile

··· 40 protocols h1 h2 41 } 42 0 0 0 0 0 43 servers :2002 { 44 name health 45 protocols h1 46 } 47 } 48 49 - (backend_pages) { 0 0 0 0 50 @h2c `{env.FEATURES}.matches(r"\bh2c\b")` 51 reverse_proxy @h2c h2c://{$GIT_PAGES_ADDRESS:localhost}:3000 52 reverse_proxy http://{$GIT_PAGES_ADDRESS:localhost}:3000 0 0 0 53 } 54 55 http:// { 0 56 @get method GET 57 redir @get https://{host}{uri} 301 58 59 - # initial PUT/POST for a new domain has to happen over HTTP 60 - import backend_pages 61 } 62 63 https:// { 64 - tls { 65 - on_demand 66 - } 0 0 0 67 68 - encode 69 - import backend_pages 70 } 71 72 http://localhost:2002 {

··· 40 protocols h1 h2 41 } 42 43 + servers {$UDP_BIND_TO:0.0.0.0}:443 { 44 + name http3 45 + protocols h3 46 + } 47 + 48 servers :2002 { 49 name health 50 protocols h1 51 } 52 } 53 54 + (backend) { 55 + tls { 56 + on_demand 57 + } 58 + 59 @h2c `{env.FEATURES}.matches(r"\bh2c\b")` 60 reverse_proxy @h2c h2c://{$GIT_PAGES_ADDRESS:localhost}:3000 61 reverse_proxy http://{$GIT_PAGES_ADDRESS:localhost}:3000 62 + 63 + header Alt-Svc `h3=":443"; persist=1, h2=":443"; persist=1` 64 + encode 65 } 66 67 http:// { 68 + # initial PUT/POST for a new domain has to happen over HTTP 69 @get method GET 70 redir @get https://{host}{uri} 301 71 72 + import backend 0 73 } 74 75 https:// { 76 + import backend 77 + } 78 + 79 + https:// { 80 + # Fly.io requires UDP sockets to be bound to a different IP 81 + bind {$UDP_BIND_TO:0.0.0.0} 82 83 + import backend 0 84 } 85 86 http://localhost:2002 {

+1 -1

conf/supervisord.conf

··· 12 command = /bin/git-pages 13 14 [program:caddy] 15 - command = /bin/caddy run -c caddy.json 16 depends_on = pages

··· 12 command = /bin/git-pages 13 14 [program:caddy] 15 + command = /bin/caddy run 16 depends_on = pages

+9

fly.toml

··· 17 memory = 512 18 19 [env] 0 20 AUTOMEMLIMIT = "0.25" 21 22 [[files]] ··· 33 [[services]] 34 internal_port = 443 35 protocol = "tcp" 0 0 0 0 0 0 0 0 36 ports = [{ port = 443 }] 37 auto_stop_machines = "stop" 38 auto_start_machines = true

··· 17 memory = 512 18 19 [env] 20 + UDP_BIND_TO = "fly-global-services" 21 AUTOMEMLIMIT = "0.25" 22 23 [[files]] ··· 34 [[services]] 35 internal_port = 443 36 protocol = "tcp" 37 + ports = [{ port = 443 }] 38 + auto_stop_machines = "stop" 39 + auto_start_machines = true 40 + 41 + # NB: Fly.io does not support UDP on public IPv6 42 + [[services]] 43 + internal_port = 443 44 + protocol = "udp" 45 ports = [{ port = 443 }] 46 auto_stop_machines = "stop" 47 auto_start_machines = true