{
  email neale@woozle.org

  # Uncomment to use testing CA
  #acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
}

(restricted-access) {
  forward_auth simpleauth:8080 {
    uri /
    copy_headers X-Simpleauth-Token
  }
}

git.woozle.org {
  reverse_proxy gitea:3000
}

drive.woozle.org {
  import restricted-access

  # XXX: browsing says method not allowed
  @nondav {
    method HEAD GET
  }
  # route overrides built-in ordering
  route {
    file_server @nondav {
      root /srv/ext/
      browse /www/browse.html
    }
    reverse_proxy webdav:8000
  }
}

# XXX: have this use caddy auth
ancestry.woozle.org {
  reverse_proxy geneweb:2317
}

deergrove.woozle.org, sweetums.woozle.org {
  handle /transmission/* {
    import restricted-access
    reverse_proxy host.docker.internal:9091
  }
  handle_path /sucker/* {
    import restricted-access
    reverse_proxy host.docker.internal:5880
  }
  handle_path /public/* {
    file_server {
      root /srv/ext/storage/public
    }
  }
  handle_path /octoprint/* {
    import restricted-access
    reverse_proxy {
      to 192.168.86.36:80
      header_up X-Script-Name "/octoprint"
    }
  }
  handle /webcam/* {
    # Octoprint doesn't properly prefix webcam URLs
    import restricted-access
    reverse_proxy {
      to 192.168.86.36:80
    }
  }
  handle {
    import restricted-access
    file_server {
      root /www
    }
  }
}