{
  email neale@woozle.org
}

(restricted-access) {
  forward_auth simpleauth:8080 {
    uri /
    copy_headers X-Simpleauth-Token
  }
}

git.woozle.org {
  reverse_proxy gitea:3000
}

drive.woozle.org {
  import restricted-access

  # XXX: browsing says method not allowed
  @nondav {
    method HEAD GET
  }
  # route overrides built-in ordering
  route {
    file_server @nondav {
      root /srv/ext/
      browse /www/browse.html
    }
    reverse_proxy webdav:8000
  }
}

# XXX: have this use caddy auth
ancestry.woozle.org {
  reverse_proxy geneweb:2317
}

##
## handle sends original path
## handle_path truncates path
##

deergrove.woozle.org, sweetums.woozle.org {
  handle_path /qbittorrent/* {
    import restricted-access
    reverse_proxy host.docker.internal:6880
  }

  handle /transmission/* {
    import restricted-access
    reverse_proxy host.docker.internal:9091
  }

  handle /nzbget/* {
    import restricted-access
    reverse_proxy nzbget:6789
  }

  handle /sonarr/* {
    import restricted-access
    reverse_proxy sonarr:8989
  }

  handle /jackett/* {
    import restricted-access
    reverse_proxy jackett:9117
  }

  handle_path /sucker/* {
    import restricted-access
    reverse_proxy host.docker.internal:5880
  }

  handle_path /octoprint/* {
    import restricted-access
    reverse_proxy {
      to 192.168.86.36:80
      header_up X-Script-Name "/octoprint"
    }
  }

  handle /webcam/* {
    # Octoprint doesn't properly prefix webcam URLs
    import restricted-access
    reverse_proxy {
      to 192.168.86.36:80
    }
  }

  handle_path /wallart/* {
    reverse_proxy {
      to wallart:8080
    }
  }
  rewrite /public/wallart.bin /wallart/wallart.bin

  handle_path /public/* {
    file_server {
      root /srv/ext/storage/public
    }
  }

  handle {
    import restricted-access
    file_server {
      root /www
    }
  }
}