# The Caddyfile is an easy way to configure your Caddy web server.
#
# Unless the file starts with a global options block, the first
# uncommented line is always the address of your site.
#
# To use your own domain name (with automatic HTTPS), first make
# sure your domain's A/AAAA DNS records are properly pointed to
# this machine's public IP, then replace ":80" below with your
# domain name.

{
  acme_ca https://acme-v02.api.letsencrypt.org/directory
}

#{
#  local_certs
#}

{$DWEB_DOMAIN}, http://{$DWEB_DOMAIN} {
  handle_path /new_email* {
    rewrite * /{path}
    reverse_proxy http://mailadm:3691
  }
  root * /www
  file_server browse
  header Onion-Location http://{$DWEB_ONION}
}

chat.{$DWEB_DOMAIN}, http://chat.{$DWEB_ONION} {
  reverse_proxy http://element:80
  header Onion-Location http://chat.{$DWEB_ONION}
}

matrix.{$DWEB_DOMAIN}, http://matrix.{$DWEB_ONION} {
  reverse_proxy /_matrix/* http://synapse:8008
  reverse_proxy /_synapse/client/* http://synapse:8008
  # reverse_proxy /_synapse/admin/* http://synapse:8008 # Uncomment this line to use admin tools like Synapse-admin
  reverse_proxy /.well-known/* http://synapse:8008
  header Onion-Location http://matrix.{$DWEB_ONION}
}

matrix.{$DWEB_DOMAIN}:8448 {
  reverse_proxy http://synapse:8008
}

matrixrtc.{$DWEB_DOMAIN}, https://matrixrtc.{$DWEB_DOMAIN}, wss://matrixrtc.{$DWEB_DOMAIN} {
  reverse_proxy /livekit/jwt* auth-service:8080
  reverse_proxy /sfu/get* auth-service:8080
  handle_path /livekit/sfu* {
    reverse_proxy livekit:7880
  }
}

peertube.{$DWEB_DOMAIN}:1935, https://peertube.{$DWEB_DOMAIN}:1935 {
  reverse_proxy http://peertube-back:1935
}

peertube.{$DWEB_DOMAIN}, https://peertube.{$DWEB_DOMAIN} {
  reverse_proxy http://peertube-back:9000
}

social.{$DWEB_DOMAIN}, http://social.{$DWEB_ONION} {

    root * /srv/mastodon/public
    encode gzip
    @static file
    handle @static {
            file_server
    }
    handle /api/v1/streaming* {
            reverse_proxy http://mastodon-streaming:4000
    }
    handle /api/v2/streaming* {
            reverse_proxy http://mastodon-streaming:4000
    }
    handle {
            reverse_proxy http://mastodon-web:3000
    }
    header {
            Strict-Transport-Security "max-age=31536000;"
    }
    header Onion-Location http://mastodon.{$DWEB_ONION}
    header /sw.js  Cache-Control "public, max-age=0";
    header /emoji* Cache-Control "public, max-age=31536000, immutable"
    header /packs* Cache-Control "public, max-age=31536000, immutable"
    header /system/accounts/avatars* Cache-Control "public, max-age=31536000, immutable"
    header /system/media_attachments/files* Cache-Control "public, max-age=31536000, immutable"
    handle_errors {
            @5xx expression `{http.error.status_code} >= 500 && {http.error.status_code} < 600`
            rewrite @5xx /500.html
            file_server
    }
}


# Refer to the Caddy docs for more information:
# https://caddyserver.com/docs/caddyfile