From 1a7b5adf8484ec0f2b6feb350b578142e186ab26 Mon Sep 17 00:00:00 2001 From: yyamashita Date: Thu, 2 Jul 2026 23:08:58 +0900 Subject: Move forward proxy from Squid to Caddy (port 80/443) Replace standalone Squid container with caddy-forwardproxy plugin so the proxy shares Caddy's existing ports and TLS. HTTP on :80 and HTTPS on :443. Auth is read from the same vpn/users.conf at Caddy startup via entrypoint.sh. DNS: add proxy to setup-route53.py WEB_SUBDOMAINS. Co-Authored-By: Claude Sonnet 4.6 --- proxy/renew-cert.sh | 22 ---------------------- 1 file changed, 22 deletions(-) delete mode 100644 proxy/renew-cert.sh (limited to 'proxy/renew-cert.sh') diff --git a/proxy/renew-cert.sh b/proxy/renew-cert.sh deleted file mode 100644 index 8924d9b..0000000 --- a/proxy/renew-cert.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/env bash -set -euo pipefail -cd "$(dirname "$0")" - -DOMAIN="proxy.yyamashita.com" -CADDY_DIR="/app/infra/caddy" -CADDY_CERT_BASE="/data/caddy/certificates/acme-v02.api.letsencrypt.org-directory/${DOMAIN}/${DOMAIN}" - -echo "証明書を更新中..." -mkdir -p certs - -if ! docker compose -f "$CADDY_DIR/docker-compose.yml" exec -T caddy \ - cat "${CADDY_CERT_BASE}.crt" > certs/server.crt; then - echo "Error: 証明書の取得に失敗しました。Caddyfile に ${DOMAIN} が設定されているか確認してください。" - exit 1 -fi -docker compose -f "$CADDY_DIR/docker-compose.yml" exec -T caddy \ - cat "${CADDY_CERT_BASE}.key" > certs/server.key -chmod 600 certs/server.key - -echo "証明書を更新しました。" -bash "$(pwd)/deploy.sh" -- cgit v1.2.3