fix: WireGuard routing, DNS, service access, and UI improvements

- Fix CoreDNS not loading .cell zones (wrong Corefile path, now uses -conf flag) - Fix WireGuard server address conflict (172.20.0.1/16 overlapped with Docker network; changed to 10.0.0.1/24 to eliminate duplicate routes) - Add SERVERMODE=true and sysctls to WireGuard docker-compose for server mode - Fix DNS zone file parser to handle 4-field records (name IN type value) - Add get_dns_records() to NetworkManager; mount data/dns into API container - Fix peer config endpoint: look up IP/key from registry, use real endpoint - Add bulk peer statuses endpoint keyed by public_key - Normalize snake_case API fields to camelCase in WireGuard UI - Add port check endpoint (checks via live handshake, not unreliable TCP probe) - Add Caddy virtual hosts for ui/calendar/files/mail .cell domains (HTTP only) - Fix cell config domain default from cell.local to cell - Fix Routing Network Config tab (was calling hardcoded localhost:3000) - Fix DNS records display (record.value not record.ip) - Move service access guide to top of Dashboard with login hints - Add /api/routing/setup endpoint Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-20 12:43:23 -04:00
parent bd67764bf4
commit e79ee08c63
14 changed files with 422 additions and 306 deletions
@@ -1,92 +1,49 @@
-# Personal Internet Cell - Caddy Configuration
-# This serves as the main reverse proxy and TLS termination point
-
-# Global settings
 {
-    # Auto-generate certificates for .cell domains
-    auto_https disable_redirects
+    auto_https off
 }

-# Main cell domain - replace 'mycell' with your cell name
-mycell.cell {
-    # TLS with internal CA
-    tls internal
-
-    # API endpoints
+# Main cell domain
+http://mycell.cell {
    handle /api/* {
        reverse_proxy cell-api:3000
    }
-
-    # Web UI
-    handle / {
-        reverse_proxy cell-webui:80
-    }
-
-    # Email web interface
-    handle /mail {
-        reverse_proxy cell-mail:80
-    }
-
-    # Calendar and contacts
-    handle /calendar {
+    handle /calendar* {
        reverse_proxy cell-radicale:5232
    }
-
-    # File storage
-    handle /files {
-        reverse_proxy cell-webdav:80
-    }
-
-    # DNS management interface
-    handle /dns {
-        reverse_proxy cell-dns:8080
-    }
-
-    # RainLoop Webmail
-    handle_path /webmail/* {
-        reverse_proxy cell-rainloop:8888
-    }
-
-    # FileGator File Browser
-    handle /files-ui* {
+    handle /files* {
        reverse_proxy cell-filegator:8080
    }
+    handle /webmail* {
+        reverse_proxy cell-rainloop:8888
+    }
+    handle {
+        reverse_proxy cell-webui:80
+    }
 }

-# Peer cell domains (will be dynamically added)
-# Example: bob.cell {
-#     reverse_proxy cell-wireguard:51820
-# }
+# Service aliases
+http://ui.cell {
+    reverse_proxy cell-webui:80
+}

-# Local development
-localhost {
-    # API endpoints
+http://calendar.cell {
+    reverse_proxy cell-radicale:5232
+}
+
+http://files.cell {
+    reverse_proxy cell-filegator:8080
+}
+
+http://mail.cell {
+    reverse_proxy cell-rainloop:8888
+}
+
+# Catch-all for direct IP and localhost access
+:80 {
    handle /api/* {
        reverse_proxy cell-api:3000
    }
-
-    # Web UI
-    handle / {
+    handle {
        reverse_proxy cell-webui:80
    }
-
-    # Email web interface
-    handle /mail {
-        reverse_proxy cell-mail:80
-    }
-
-    # Calendar and contacts
-    handle /calendar {
-        reverse_proxy cell-radicale:5232
-    }
-
-    # File storage
-    handle /files {
-        reverse_proxy cell-webdav:80
-    }
-
-    # DNS management interface
-    handle /dns {
-        reverse_proxy cell-dns:8080
-    }
-} 
+}