Skip to content

Commit b9c46d2

Browse files
QuLogicQuLogic
committed
Split webhook into a separate domain
And thus drop the mirroring of the main site to the webhook domain and vice versa. Fixes #10
1 parent 5a5fbd8 commit b9c46d2

File tree

2 files changed

+33
-24
lines changed

2 files changed

+33
-24
lines changed

matplotlib.org.yml

+3-1
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,9 @@
22
- hosts: website
33
vars:
44
caddy:
5-
address: "https://do.matplotlib.org, https://matplotlib.org"
5+
addresses:
6+
main: "https://matplotlib.org"
7+
webhook: "https://do.matplotlib.org"
68
site_dir: "/usr/share/caddy"
79
tls_config: "tls /etc/caddy/tls/cert.pem /etc/caddy/tls/privkey.pem"
810
repos:

templates/Caddyfile.j2

+30-23
Original file line numberDiff line numberDiff line change
@@ -12,40 +12,47 @@
1212
}
1313
}
1414

15-
{{ caddy.address }} {
15+
# Setup webhooks
16+
{{ caddy.addresses.webhook }} {
1617
{% if caddy.tls_config is defined %}
1718
{{ caddy.tls_config }}
1819
{% endif %}
1920

2021
root * {{ caddy.site_dir }}
2122

22-
# Setup a webhook
23-
handle /gh/* {
24-
# https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#delivery-headers
25-
@valid_webhook {
26-
method POST
27-
header Content-Type application/json
28-
header User-Agent GitHub-Hookshot/*
29-
header X-GitHub-Event ping
30-
header X-GitHub-Event push
31-
header X-GitHub-Delivery *
32-
header X-Hub-Signature-256 *
33-
}
23+
# https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#delivery-headers
24+
@valid_webhook {
25+
path /gh/*
26+
method POST
27+
header Content-Type application/json
28+
header User-Agent GitHub-Hookshot/*
29+
header X-GitHub-Event ping
30+
header X-GitHub-Event push
31+
header X-GitHub-Delivery *
32+
header X-Hub-Signature-256 *
33+
}
3434

35-
handle @valid_webhook {
36-
reverse_proxy * localhost:1234 {
37-
# Don't leak out internal problems.
38-
@error status 4xx 5xx
39-
handle_response @error {
40-
error 400
41-
}
35+
handle @valid_webhook {
36+
reverse_proxy * localhost:1234 {
37+
# Don't leak out internal problems.
38+
@error status 4xx 5xx
39+
handle_response @error {
40+
error 400
4241
}
4342
}
43+
}
4444

45-
handle {
46-
error 400
47-
}
45+
handle {
46+
error 404
4847
}
48+
}
49+
50+
{{ caddy.addresses.main }} {
51+
{% if caddy.tls_config is defined %}
52+
{{ caddy.tls_config }}
53+
{% endif %}
54+
55+
root * {{ caddy.site_dir }}
4956

5057
{% for site in repos %}
5158
import subproject {{ site }}

0 commit comments

Comments
 (0)