commit cc43cd67df8232516dc006f195630c6a8a821ad3
Author: Andreas Knuth <andreas.knuth@gmail.com>
Date:   Wed Apr 8 17:40:01 2026 -0500

    init

diff --git a/Caddyfile b/Caddyfile
new file mode 100644
index 0000000..7c8980a
--- /dev/null
+++ b/Caddyfile
@@ -0,0 +1,276 @@
+{
+    email {env.CLOUDFLARE_EMAIL}
+    acme_dns cloudflare {env.CLOUDFLARE_API_TOKEN}
+    acme_ca https://acme-v02.api.letsencrypt.org/directory
+    debug
+}
+##############
+##### BIZMATCH
+##############
+www.bizmatch.net {
+  handle /pictures/* {
+    root * /home/aknuth/git/bizmatch-project/bizmatch-server  # Prod-Ordner
+    file_server
+  }
+  # Statische Dateien (CSS, JS, Bilder) – lange cachen, da sich der Name bei Änderungen ändert
+  header /assets/* Cache-Control "public, max-age=31536000, immutable"
+  header /*.css Cache-Control "public, max-age=31536000, immutable"
+  header /*.js Cache-Control "public, max-age=31536000, immutable"
+
+  # Die index.html und API-Antworten – NIEMALS cachen
+  header /index.html Cache-Control "no-cache, no-store, must-revalidate"  
+  
+  #handle {
+  #  root * /home/aknuth/git/bizmatch-project-prod/bizmatch/dist/bizmatch/browser  # Neuer Prod-Dist-Ordner
+  #  try_files {path} {path}/ /index.html
+  #  file_server
+  #}
+  handle {
+    reverse_proxy host.docker.internal:4200
+  }
+  log {
+    output file /var/log/caddy/access.prod.log  # Separate Logs
+  }
+  encode gzip zstd
+}
+bizmatch.net {
+  redir https://www.bizmatch.net{uri} permanent
+  import email_settings
+}
+auth.bizmatch.net {
+        reverse_proxy https://bizmatch-net.firebaseapp.com {
+            header_up Host bizmatch-net.firebaseapp.com
+            header_up X-Forwarded-For {remote_host}
+            header_up X-Forwarded-Proto {scheme}
+            header_up X-Real-IP {remote_host}
+        }
+}
+gitea.bizmatch.net {
+    reverse_proxy gitea:3500
+}
+
+dev.bizmatch.net {
+  handle /pictures/* {
+    root * /home/aknuth/git/bizmatch-project/bizmatch-server
+    file_server
+  }
+
+  handle {
+    root * /home/aknuth/git/bizmatch-project/bizmatch/dist/bizmatch/browser
+    try_files {path} {path}/ /index.html
+    file_server
+  }
+  
+  log {
+    output file /var/log/caddy/access.log {
+      roll_size 10MB
+      roll_keep 5
+      roll_keep_for 48h
+    }
+  }
+
+  encode gzip 
+
+}
+
+
+api.bizmatch.net {
+  reverse_proxy host.docker.internal:3001 {  # Neu: Proxy auf Prod-Port 3001
+    header_up X-Real-IP {http.request.header.CF-Connecting-IP}
+    header_up X-Forwarded-For {http.request.header.CF-Connecting-IP}
+    header_up X-Forwarded-Proto {http.request.header.X-Forwarded-Proto}
+    header_up CF-IPCountry {http.request.header.CF-IPCountry}
+  }
+}
+mailsync.bizmatch.net {
+  reverse_proxy host.docker.internal:5000 {
+    header_up X-Real-IP {http.request.header.CF-Connecting-IP}
+    header_up X-Forwarded-For {http.request.header.CF-Connecting-IP}
+    header_up X-Forwarded-Proto {http.request.header.X-Forwarded-Proto}
+    header_up CF-IPCountry {http.request.header.CF-IPCountry}
+  }
+}
+##############
+##### QRMASTER
+##############
+www.qrmaster.net {
+    handle {
+        reverse_proxy host.docker.internal:3050
+    }
+    log {
+        output file /var/log/caddy/qrmaster.log
+        format console
+    }
+    encode gzip
+}
+qrmaster.net {
+  redir https://www.qrmaster.net{uri} permanent
+}
+##############
+##### INNUNGSAPP
+##############
+www.innungsapp.com {
+    handle {
+        reverse_proxy host.docker.internal:3010
+    }
+    log {
+        output file /var/log/caddy/innungsapp.log
+        format console
+    }
+    encode gzip
+}
+innungsapp.com {
+  redir https://www.innungsapp.com{uri} permanent
+}
+##############
+##### BAYAREA
+##############
+bayarea-cc.com {
+    # TLS-Direktive entfernen, falls Cloudflare die Verbindung terminiert
+    # tls {
+    #    dns cloudflare {env.CLOUDFLARE_API_TOKEN}
+    # }
+    
+    handle /api {
+        reverse_proxy host.docker.internal:3001
+    }
+    handle {
+        root * /app
+        try_files {path} /index.html
+        file_server
+    }
+    log {
+        output stderr
+        format console
+    }
+    encode gzip
+    import email_settings
+}
+www.bayarea-cc.com {
+    redir https://bayarea-cc.com{uri} permanent
+}
+setup.bayarea-cc.com {
+    # Wir setzen das Root-Verzeichnis auf den neuen Pfad im Container
+    root * /var/www/email-setup
+
+    # Webserver-Standardverhalten
+    file_server
+
+    # Wenn jemand nur die Domain aufruft, zeige setup.html
+    try_files {path} /setup.html
+}
+##############
+##### ANNAVILLE
+##############
+annavillesda.org {
+  # API requests to backend
+  handle /api/* {
+    reverse_proxy host.docker.internal:3070
+  }
+  
+  # Frontend static files
+  handle {
+    root * /home/aknuth/git/annaville-sda-site/dist
+    try_files {path} {path}/ /index.html
+    file_server
+  }
+  
+  log {
+    output file /var/log/caddy/access.prod.log
+  }
+  
+  encode gzip
+}
+www.annavillesda.org {
+    redir https://annavillesda.org{uri} permanent
+}
+##############
+##### GREENLENS
+##############
+greenlenspro.com {
+  encode zstd gzip
+
+  @storage path /storage /storage/*
+  handle @storage {
+    uri strip_prefix /storage
+    reverse_proxy minio:9000
+  }
+
+  @api path /api /api/* /auth /auth/* /v1 /v1/* /health /plants /plants/*
+  handle @api {
+    reverse_proxy api:3000
+  }
+
+  handle {
+    reverse_proxy landing:3000
+  }
+}
+##############
+##### POCS
+##############
+cielectrical.bayarea-cc.com {
+    # wenn du API innerhalb von Next bedienst, weiterleiten an den Next Prozess
+    handle {
+        reverse_proxy host.docker.internal:3000
+    }
+    log {
+        output file /var/log/caddy/cielectrical.log
+        format console
+    }
+    encode gzip
+}
+hamptonbrown.bayarea-cc.com {
+    # wenn du API innerhalb von Next bedienst, weiterleiten an den Next Prozess
+    handle {
+        reverse_proxy host.docker.internal:3010
+    }
+    log {
+        output file /var/log/caddy/hamptonbrown.log
+        format console
+    }
+    encode gzip
+}
+nqsltd.bayarea-cc.com {
+    # wenn du API innerhalb von Next bedienst, weiterleiten an den Next Prozess
+    handle {
+        reverse_proxy host.docker.internal:3020
+    }
+    log {
+        output file /var/log/caddy/nqsltd.log
+        format console
+    }
+    encode gzip
+}
+gregknoppcpa.bayarea-cc.com {
+    # wenn du API innerhalb von Next bedienst, weiterleiten an den Next Prozess
+    handle {
+        reverse_proxy host.docker.internal:3030
+    }
+    log {
+        output file /var/log/caddy/gregknoppcpa.log
+        format console
+    }
+    encode gzip
+}
+buddelectric.bayarea-cc.com {
+    # wenn du API innerhalb von Next bedienst, weiterleiten an den Next Prozess
+    handle {
+        reverse_proxy host.docker.internal:3040
+    }
+    log {
+        output file /var/log/caddy/buddelectric.log
+        format console
+    }
+    encode gzip zstd
+}
+iitwelders.bayarea-cc.com {
+    # wenn du API innerhalb von Next bedienst, weiterleiten an den Next Prozess
+    handle {
+        reverse_proxy host.docker.internal:8080
+    }
+    log {
+        output file /var/log/caddy/iitwelders.log
+        format console
+    }
+    encode gzip
+}
\ No newline at end of file
diff --git a/Dockerfile.caddy b/Dockerfile.caddy
new file mode 100644
index 0000000..66d36f1
--- /dev/null
+++ b/Dockerfile.caddy
@@ -0,0 +1,13 @@
+# Dockerfile.caddy
+ARG CADDY_VERSION=2.9.1
+
+FROM caddy:${CADDY_VERSION}-builder AS builder
+# Caddy in exakt dieser Version + Plugins bauen
+RUN xcaddy build ${CADDY_VERSION} \
+  --with github.com/caddy-dns/cloudflare \
+  --with github.com/caddyserver/replace-response
+
+FROM caddy:${CADDY_VERSION}
+COPY --from=builder /usr/bin/caddy /usr/bin/caddy
+RUN mkdir -p /var/log/caddy
+
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..c74a109
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,39 @@
+services:
+  caddy:
+    image: custom-caddy:2.9.1-rr1
+    container_name: caddy
+    build:
+      context: .
+      dockerfile: Dockerfile.caddy
+    restart: unless-stopped
+    ports:
+      - "80:80"
+      - "443:443"
+    extra_hosts:
+      - 'host.docker.internal:host-gateway'
+    networks:
+      - bizmatch
+      - gitea
+      - greenlens_net
+    volumes:
+      - $PWD/Caddyfile:/etc/caddy/Caddyfile
+      - ./caddy_data:/data
+      - ./caddy_config:/config
+      - /home/aknuth/git/bizmatch-project/bizmatch/dist/bizmatch/browser:/home/aknuth/git/bizmatch-project/bizmatch/dist/bizmatch/browser
+      - /home/aknuth/git/bizmatch-project/bizmatch-server/pictures:/home/aknuth/git/bizmatch-project/bizmatch-server/pictures
+      - /home/aknuth/git/annaville-sda-site/dist:/home/aknuth/git/annaville-sda-site/dist:ro  # ← DAS FEHLT!
+      - /home/aknuth/git/bay-area-affiliates/dist/bay-area-affiliates/browser:/app
+      - /home/aknuth/log/caddy:/var/log/caddy
+      - /home/aknuth/git/config-email/frontend/dist:/home/aknuth/git/config-email/frontend/dist:ro
+    environment:
+      - CLOUDFLARE_API_TOKEN=${CLOUDFLARE_API_TOKEN}
+      - CLOUDFLARE_EMAIL=${CLOUDFLARE_EMAIL}
+
+networks:
+  bizmatch:
+    external: true
+  gitea:
+    external: true
+  greenlens_net:
+    external: true    
+