{
  email neale@woozle.org
}

(restricted-access) {
  forward_auth simpleauth:8080 {
    uri /
    copy_headers X-Simpleauth-Token
  }
}

git.woozle.org {
  reverse_proxy gitea:3000
}

drive.woozle.org {
  import restricted-access

  # XXX: browsing says method not allowed
  @nondav {
    method HEAD GET
  }
  # route overrides built-in ordering
  route {
    file_server @nondav {
      root /srv/
      browse /browser.html
    }
    reverse_proxy webdav:8000
  }
}

# XXX: have this use caddy auth
ancestry.woozle.org {
  reverse_proxy geneweb:2317
}

##
## handle sends original path
## handle_path truncates path
##

(deergrove) {
  handle_path /ddns/* {
    import restricted-access
    reverse_proxy ddns:8000
  }

  handle /transmission/* {
    import restricted-access
    reverse_proxy host.docker.internal:9091
  }

  handle /nzbget/* {
    import restricted-access
    reverse_proxy nzbget:6789
  }

  handle /sonarr/* {
    import restricted-access
    reverse_proxy sonarr:8989
  }
  handle /radarr/* {
    import restricted-access
    reverse_proxy radarr:7878
  }
  handle /readarr/* {
    import restricted-access
    reverse_proxy readarr:8787
  }
  handle /lidarr/* {
    import restricted-access
    reverse_proxy lidarr:8686
  }
  handle /prowlarr/* {
    import restricted-access
    reverse_proxy prowlarr:9696
  }

  handle_path /sucker/* {
    import restricted-access
    reverse_proxy host.docker.internal:5880
  }

  handle_path /octoprint/* {
    import restricted-access
    reverse_proxy {
      to 192.168.86.20:80
      header_up X-Script-Name "/octoprint"
    }
  }

  handle /webcam/* {
    # Octoprint doesn't properly prefix webcam URLs
    import restricted-access
    reverse_proxy {
      to 192.168.86.20:80
    }
  }

  handle_path /public/* {
    file_server {
      root /srv/storage/public
    }
  }

  handle {
    import restricted-access
    file_server {
      root /www
    }
  }
}

deergrove.woozle.org {
  import deergrove
}

sweetums.lan {
  tls internal
  import deergrove
}