From a060b4630e339ffc4734a6d874bef8c07adb59db Mon Sep 17 00:00:00 2001
From: Harsh Shandilya <me@msfjarvis.dev>
Date: Thu, 20 Feb 2020 04:33:04 +0530
Subject: [PATCH] Caddyfile: Disallow non-Cloudflare origins

Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
---
 Caddyfile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Caddyfile b/Caddyfile
index b5989f9..19a4a84 100644
--- a/Caddyfile
+++ b/Caddyfile
@@ -5,6 +5,7 @@
 (base_config) {
   tls {
     dns cloudflare
+    clients /etc/ssl/caddy/cloudflare-origin-pull-ca.pem
   }
   header / {
     Content-Security-Policy "