Webserver setup

How to use caddy2 to serve the frontend UI

This section can also be solved using Apache2 or Nginx. I personally like Caddy2 much so I used it to deploy it. Therefore I will show my config as an example here.

You will need to install it yourself, though. It is kinda easy, I guess.

Caddyfile

My caddy file written to /etc/caddy/Caddyfile looks like this:

dascr.org {
	root * /home/patrick/projects/dascr-board/frontend/build
	encode gzip

	handle /api/* {
		reverse_proxy localhost:8000
	}

	handle /images/* {
		reverse_proxy localhost:8000
	}

	handle /uploads/* {
		reverse_proxy localhost:8000
	}

	handle /ws/* {
		reverse_proxy localhost:8000
	}

	handle {
		try_files {path} {file} /index.html
		file_server
	}

	header {
	# enable HSTS
	Strict-Transport-Security max-age=31536000;

	# disable clients from sniffing the media type
	X-Content-Type-Options nosniff

	# clickjacking protection
	X-Frame-Options DENY

	# keep referrer data off of HTTP connections
	Referrer-Policy no-referrer-when-downgrade
	}

	log {
		output file /var/log/caddy/dascr-board.log {
			roll_size 1gb
			roll_keep 5
			roll_keep_for 720h
		}
	}
}

Running this config you should have the frontend up and running at the domain https://dascr.org.

Basic Auth

If you want to protect your page from beeing used publicly you can also apply basic authentication by generating a user:pass combination like so (‘test’ is the password in this example):

caddy hash-password -plaintext test
JDJhJDE0JGw1Ti43eW8ycW5vVTc1TDZVbDZBc09XVnI2YVJmYkM1VlguV0lHL1RsMkNBejkvLlFBUFFx

You can also completely omit -plaintext ... and will be prompted to insert the password without it landing in the history of the server.

Then you add this configuration bit to the Caddyfile:

basicauth * {
		username JDJhJDE0JGw1Ti43eW8ycW5vVTc1TDZVbDZBc09XVnI2YVJmYkM1VlguV0lHL1RsMkNBejkvLlFBUFFx
	}

What’s next?

  • Development: Wanna contribute? Have ideas? Go ahead!
  • API: Wanna use your own recognition software? Read the API specs.