meldestelle/config/docker/caddy/web-app/Caddyfile

:4000 {
    # Root directory for static files
    root * /usr/share/caddy

    # Enable Gzip/Zstd compression
    encode gzip zstd

    # Serve static files
    file_server

    # Templates for runtime configuration (config.json)
    templates {
        mime application/json
    }

    # SPA Routing: Fallback to index.html for non-existent files
    try_files {path} /index.html

    # Cache Control for static assets (immutable)
    @static {
        file
        path *.js *.css *.png *.jpg *.svg *.wasm
    }
    header @static Cache-Control "public, max-age=31536000, immutable"

    # Security Headers (Future Proofing for Wasm)
    header {
        # Cross-Origin Isolation for SharedArrayBuffer (required for some Wasm features)
        Cross-Origin-Opener-Policy "same-origin"
        Cross-Origin-Embedder-Policy "require-corp"

        # Standard Security Headers
        X-Content-Type-Options "nosniff"
        X-Frame-Options "DENY"
    }

    # Health Check
    handle /health {
        respond "healthy" 200
    }
}