From d96294d88a3d7db85f9bd695e32e07b4f45b0262 Mon Sep 17 00:00:00 2001 From: blockchainluffy Date: Thu, 12 Feb 2026 11:19:22 +0530 Subject: [PATCH 1/2] chore: new compose for redirect rules --- docker-compose.rate_limit.yaml | 37 ------------------------ docker-compose.redirect.yaml | 52 ++++++++++++++++++++++++++++++++++ 2 files changed, 52 insertions(+), 37 deletions(-) create mode 100644 docker-compose.redirect.yaml diff --git a/docker-compose.rate_limit.yaml b/docker-compose.rate_limit.yaml index 1acb935..625e62e 100644 --- a/docker-compose.rate_limit.yaml +++ b/docker-compose.rate_limit.yaml @@ -36,43 +36,6 @@ services: caddy.handle.handle_1: "@noApiKey" caddy.handle.handle_1.respond: "`{\"result\": \"unauthenticated\"}`" - ## Redirects from old endpoints to new ones (308 Permanent Redirect - preserves HTTP method and request body): - # /api/register_event_identity -> /api/event/register_identity - caddy.@redirect_register_event_identity.path: "/api/register_event_identity*" - caddy.@redirect_register_event_identity.method: POST - caddy.redir_0: "@redirect_register_event_identity /api/event/register_identity 308" - - # /api/register_identity -> /api/time/register_identity - caddy.@redirect_register_identity.path: "/api/register_identity*" - caddy.@redirect_register_identity.method: POST - caddy.redir_1: "@redirect_register_identity /api/time/register_identity 308" - - # /api/get_data_for_encryption -> /api/time/get_data_for_encryption - # Note: This redirects to time-based by default. - caddy.@redirect_get_data_for_encryption.path: "/api/get_data_for_encryption*" - caddy.@redirect_get_data_for_encryption.method: GET - caddy.redir_2: "@redirect_get_data_for_encryption /api/time/get_data_for_encryption?{query} 308" - - # /api/compile_event_trigger_definition -> /api/event/compile_trigger_definition - caddy.@redirect_compile_event_trigger_definition.path: "/api/compile_event_trigger_definition*" - caddy.@redirect_compile_event_trigger_definition.method: POST - caddy.redir_3: "@redirect_compile_event_trigger_definition /api/event/compile_trigger_definition 308" - - # /api/get_decryption_key -> /api/time/get_decryption_key - caddy.@redirect_get_decryption_key.path: "/api/get_decryption_key*" - caddy.@redirect_get_decryption_key.method: GET - caddy.redir_4: "@redirect_get_decryption_key /api/time/get_decryption_key?{query} 308" - - # /api/get_event_trigger_expiration_block -> /api/event/get_trigger_expiration_block - caddy.@redirect_get_event_trigger_expiration_block.path: "/api/get_event_trigger_expiration_block*" - caddy.@redirect_get_event_trigger_expiration_block.method: GET - caddy.redir_5: "@redirect_get_event_trigger_expiration_block /api/event/get_trigger_expiration_block?{query} 308" - - # /api/get_event_decryption_key -> /api/event/get_decryption_key - caddy.@redirect_get_event_decryption_key.path: "/api/get_event_decryption_key*" - caddy.@redirect_get_event_decryption_key.method: GET - caddy.redir_6: "@redirect_get_event_decryption_key /api/event/get_decryption_key?{query} 308" - ## Rate limiting: # Make sure to mount compiled 'apikeys' file to this path in caddy container: caddy.import: /etc/caddy/apikeys diff --git a/docker-compose.redirect.yaml b/docker-compose.redirect.yaml new file mode 100644 index 0000000..fb999fd --- /dev/null +++ b/docker-compose.redirect.yaml @@ -0,0 +1,52 @@ +### Docker Compose overrides for redirects (old API endpoints → new ones) +# +# Usage: +# Add the override via `-f docker-compose.redirect.yaml`, e.g.: +# ``` +# docker compose -f docker-compose.yml -f docker-compose.redirect.yaml up -d +# ``` +# +# Use together with rate limiting if needed: +# ``` +# docker compose -f docker-compose.yml -f docker-compose.redirect.yaml -f docker-compose.rate_limit.yaml up -d +# ``` + +services: + shutter-api: + labels: + ## Redirects from old endpoints to new ones (308 Permanent Redirect - preserves HTTP method and request body): + # /api/register_event_identity -> /api/event/register_identity + caddy.@redirect_register_event_identity.path: "/api/register_event_identity*" + caddy.@redirect_register_event_identity.method: POST + caddy.redir_0: "@redirect_register_event_identity /api/event/register_identity 308" + + # /api/register_identity -> /api/time/register_identity + caddy.@redirect_register_identity.path: "/api/register_identity*" + caddy.@redirect_register_identity.method: POST + caddy.redir_1: "@redirect_register_identity /api/time/register_identity 308" + + # /api/get_data_for_encryption -> /api/time/get_data_for_encryption + # Note: This redirects to time-based by default. + caddy.@redirect_get_data_for_encryption.path: "/api/get_data_for_encryption*" + caddy.@redirect_get_data_for_encryption.method: GET + caddy.redir_2: "@redirect_get_data_for_encryption /api/time/get_data_for_encryption?{query} 308" + + # /api/compile_event_trigger_definition -> /api/event/compile_trigger_definition + caddy.@redirect_compile_event_trigger_definition.path: "/api/compile_event_trigger_definition*" + caddy.@redirect_compile_event_trigger_definition.method: POST + caddy.redir_3: "@redirect_compile_event_trigger_definition /api/event/compile_trigger_definition 308" + + # /api/get_decryption_key -> /api/time/get_decryption_key + caddy.@redirect_get_decryption_key.path: "/api/get_decryption_key*" + caddy.@redirect_get_decryption_key.method: GET + caddy.redir_4: "@redirect_get_decryption_key /api/time/get_decryption_key?{query} 308" + + # /api/get_event_trigger_expiration_block -> /api/event/get_trigger_expiration_block + caddy.@redirect_get_event_trigger_expiration_block.path: "/api/get_event_trigger_expiration_block*" + caddy.@redirect_get_event_trigger_expiration_block.method: GET + caddy.redir_5: "@redirect_get_event_trigger_expiration_block /api/event/get_trigger_expiration_block?{query} 308" + + # /api/get_event_decryption_key -> /api/event/get_decryption_key + caddy.@redirect_get_event_decryption_key.path: "/api/get_event_decryption_key*" + caddy.@redirect_get_event_decryption_key.method: GET + caddy.redir_6: "@redirect_get_event_decryption_key /api/event/get_decryption_key?{query} 308" From ef2e0226da5885551012c798ece5801c82f43bb3 Mon Sep 17 00:00:00 2001 From: blockchainluffy Date: Thu, 12 Feb 2026 11:42:01 +0530 Subject: [PATCH 2/2] chore: update redirect compose file to include caddy server --- docker-compose.redirect.yaml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/docker-compose.redirect.yaml b/docker-compose.redirect.yaml index fb999fd..5422ee1 100644 --- a/docker-compose.redirect.yaml +++ b/docker-compose.redirect.yaml @@ -50,3 +50,13 @@ services: caddy.@redirect_get_event_decryption_key.path: "/api/get_event_decryption_key*" caddy.@redirect_get_event_decryption_key.method: GET caddy.redir_6: "@redirect_get_event_decryption_key /api/event/get_decryption_key?{query} 308" + + caddy: + build: + context: . + dockerfile: caddy/Dockerfile + image: caddy-docker-proxy-rate-limit + volumes: + - ${DATA_DIR:-./data}/apikeys.caddy:/etc/caddy/apikeys + entrypoint: /usr/bin/caddy + command: docker-proxy run