NetBirdMSP-Appliance/templates/Caddyfile.j2

{
	auto_https off
}

:80 {
	# Embedded IdP OAuth2/OIDC endpoints
	handle /oauth2/* {
		reverse_proxy netbird-{{ subdomain }}-management:80
	}

	# NetBird Management API + gRPC
	handle /api/* {
		reverse_proxy netbird-{{ subdomain }}-management:80
	}
	handle /management.ManagementService/* {
		reverse_proxy netbird-{{ subdomain }}-management:80 {
			transport http {
				versions h2c
			}
		}
	}

	# NetBird Signal gRPC
	handle /signalexchange.SignalExchange/* {
		reverse_proxy netbird-{{ subdomain }}-signal:80 {
			transport http {
				versions h2c
			}
		}
	}

	# NetBird Relay WebSocket (rels://)
	handle /relay* {
		reverse_proxy netbird-{{ subdomain }}-relay:80
	}

	# Default: NetBird Dashboard
	handle {
		reverse_proxy netbird-{{ subdomain }}-dashboard:80
	}
}