netmaker/docker/Caddyfile

# Dashboard
https://dashboard.{$NM_DOMAIN} {
	# Apply basic security headers
	header {
		# Enable cross origin access to *.{$NM_DOMAIN}
		Access-Control-Allow-Origin *.{$NM_DOMAIN}
		# Enable HTTP Strict Transport Security (HSTS)
		Strict-Transport-Security "max-age=31536000;"
		# Enable cross-site filter (XSS) and tell browser to block detected attacks
		X-XSS-Protection "1; mode=block"
		# Disallow the site to be rendered within a frame on a foreign domain (clickjacking protection)
		X-Frame-Options "SAMEORIGIN"
		# Prevent search engines from indexing
		X-Robots-Tag "none"
		# Remove the server name
		-Server
	}

	reverse_proxy http://netmaker-ui
}

# API
https://api.{$NM_DOMAIN} {
	reverse_proxy http://netmaker:8081
}

# MQ
broker.{$NM_DOMAIN} {
	@ws {
			header Connection *Upgrade*
			header Upgrade websocket
		}
	reverse_proxy @ws mq:8883   # For EMQX websockets use `reverse_proxy @ws mq:8083`
}