{
    email {env.CLOUDFLARE_EMAIL}
    acme_dns cloudflare {env.CLOUDFLARE_API_TOKEN}
    acme_ca https://acme-v02.api.letsencrypt.org/directory
    debug
}
import email_autodiscover
# ---------------------------------------------------------
# Block A: Die dedizierten Autodiscover Domains
# ---------------------------------------------------------
autodiscover.bayarea-cc.com, autodiscover.bizmatch.net,
autodiscover.ruehrgedoens.de, autoconfig.ruehrgedoens.de,
autoconfig.bayarea-cc.com, autoconfig.bizmatch.net {
    
    # Hier rufen wir das Snippet auf
    import email_settings
    
    # Fallback für Aufrufe auf Root dieser Subdomains
    respond "Autodiscover Service Online" 200
}

# Prod: Neue Domains
www.bizmatch.net {
  handle /pictures/* {
    root * /home/aknuth/git/bizmatch-project/bizmatch-server  # Prod-Ordner
    file_server
  }
  # Statische Dateien (CSS, JS, Bilder) – lange cachen, da sich der Name bei Änderungen ändert
  header /assets/* Cache-Control "public, max-age=31536000, immutable"
  header /*.css Cache-Control "public, max-age=31536000, immutable"
  header /*.js Cache-Control "public, max-age=31536000, immutable"

  # Die index.html und API-Antworten – NIEMALS cachen
  header /index.html Cache-Control "no-cache, no-store, must-revalidate"  
  
  #handle {
  #  root * /home/aknuth/git/bizmatch-project-prod/bizmatch/dist/bizmatch/browser  # Neuer Prod-Dist-Ordner
  #  try_files {path} {path}/ /index.html
  #  file_server
  #}
  handle {
    reverse_proxy host.docker.internal:4200
  }
  log {
    output file /var/log/caddy/access.prod.log  # Separate Logs
  }
  encode gzip zstd
}
bizmatch.net {
  redir https://www.bizmatch.net{uri} permanent
  import email_settings
}
www.qrmaster.net {
    handle {
        reverse_proxy host.docker.internal:3050
    }
    log {
        output file /var/log/caddy/qrmaster.log
        format console
    }
    encode gzip
}
qrmaster.net {
  redir https://www.qrmaster.net{uri} permanent
}
www.innungsapp.com {
    handle {
        reverse_proxy host.docker.internal:3010
    }
    log {
        output file /var/log/caddy/innungsapp.log
        format console
    }
    encode gzip
}
innungsapp.net {
  redir https://www.innungsapp.com{uri} permanent
}
bayarea-cc.com {
    # TLS-Direktive entfernen, falls Cloudflare die Verbindung terminiert
    # tls {
    #    dns cloudflare {env.CLOUDFLARE_API_TOKEN}
    # }
    
    handle /api {
        reverse_proxy host.docker.internal:3001
    }
    handle {
        root * /app
        try_files {path} /index.html
        file_server
    }
    log {
        output stderr
        format console
    }
    encode gzip
    import email_settings
}
www.bayarea-cc.com {
    redir https://bayarea-cc.com{uri} permanent
}
setup.bayarea-cc.com {
    # Wir setzen das Root-Verzeichnis auf den neuen Pfad im Container
    root * /var/www/email-setup

    # Webserver-Standardverhalten
    file_server

    # Wenn jemand nur die Domain aufruft, zeige setup.html
    try_files {path} /setup.html
}
cielectrical.bayarea-cc.com {
    # wenn du API innerhalb von Next bedienst, weiterleiten an den Next Prozess
    handle {
        reverse_proxy host.docker.internal:3000
    }
    log {
        output file /var/log/caddy/cielectrical.log
        format console
    }
    encode gzip
}
hamptonbrown.bayarea-cc.com {
    # wenn du API innerhalb von Next bedienst, weiterleiten an den Next Prozess
    handle {
        reverse_proxy host.docker.internal:3010
    }
    log {
        output file /var/log/caddy/hamptonbrown.log
        format console
    }
    encode gzip
}
nqsltd.bayarea-cc.com {
    # wenn du API innerhalb von Next bedienst, weiterleiten an den Next Prozess
    handle {
        reverse_proxy host.docker.internal:3020
    }
    log {
        output file /var/log/caddy/nqsltd.log
        format console
    }
    encode gzip
}
gregknoppcpa.bayarea-cc.com {
    # wenn du API innerhalb von Next bedienst, weiterleiten an den Next Prozess
    handle {
        reverse_proxy host.docker.internal:3030
    }
    log {
        output file /var/log/caddy/gregknoppcpa.log
        format console
    }
    encode gzip
}
buddelectric.bayarea-cc.com {
    # wenn du API innerhalb von Next bedienst, weiterleiten an den Next Prozess
    handle {
        reverse_proxy host.docker.internal:3040
    }
    log {
        output file /var/log/caddy/buddelectric.log
        format console
    }
    encode gzip zstd
}
iitwelders.bayarea-cc.com {
    # wenn du API innerhalb von Next bedienst, weiterleiten an den Next Prozess
    handle {
        reverse_proxy host.docker.internal:8080
    }
    log {
        output file /var/log/caddy/iitwelders.log
        format console
    }
    encode gzip
}
fancytextstuff.com {
    # wenn du API innerhalb von Next bedienst, weiterleiten an den Next Prozess
    handle {
        reverse_proxy host.docker.internal:3010
    }
    log {
        output file /var/log/caddy/fancytext.log
        format console
    }
    encode gzip
}	
www.fancytextstuff.com {
    redir https://fancytextstuff.com{uri} permanent
}
auth.bizmatch.net {
        reverse_proxy https://bizmatch-net.firebaseapp.com {
            header_up Host bizmatch-net.firebaseapp.com
            header_up X-Forwarded-For {remote_host}
            header_up X-Forwarded-Proto {scheme}
            header_up X-Real-IP {remote_host}
        }
}
gitea.bizmatch.net {
    reverse_proxy gitea:3500
}

dev.bizmatch.net {
  handle /pictures/* {
    root * /home/aknuth/git/bizmatch-project/bizmatch-server
    file_server
  }

  handle {
    root * /home/aknuth/git/bizmatch-project/bizmatch/dist/bizmatch/browser
    try_files {path} {path}/ /index.html
    file_server
  }
  
  log {
    output file /var/log/caddy/access.log {
      roll_size 10MB
      roll_keep 5
      roll_keep_for 48h
    }
  }

  encode gzip 

}


api.bizmatch.net {
  reverse_proxy host.docker.internal:3001 {  # Neu: Proxy auf Prod-Port 3001
    header_up X-Real-IP {http.request.header.CF-Connecting-IP}
    header_up X-Forwarded-For {http.request.header.CF-Connecting-IP}
    header_up X-Forwarded-Proto {http.request.header.X-Forwarded-Proto}
    header_up CF-IPCountry {http.request.header.CF-IPCountry}
  }
}
mailsync.bizmatch.net {
  reverse_proxy host.docker.internal:5000 {
    header_up X-Real-IP {http.request.header.CF-Connecting-IP}
    header_up X-Forwarded-For {http.request.header.CF-Connecting-IP}
    header_up X-Forwarded-Proto {http.request.header.X-Forwarded-Proto}
    header_up CF-IPCountry {http.request.header.CF-IPCountry}
  }
}

# Roundcube für docker-mailserver
app.email-bayarea.com {
    reverse_proxy roundcube:80
    
    log {
        output stderr
        format console
    }
    
    encode gzip
}
# Roundcube für docker-mailserver
config.email-bayarea.com {

    root * /home/aknuth/git/config-email/frontend/dist
    try_files {path} {path}/ /index.html
    file_server

    log {
        output file /var/log/caddy/config-email.log
    }

    encode gzip
}
# Roundcube für docker-mailserver
api.email-bayarea.com {
    reverse_proxy host.docker.internal:3002
    
    log {
        output stderr
        format console
    }
    
    encode gzip
}
annavillesda.org {
  # API requests to backend
  handle /api/* {
    reverse_proxy host.docker.internal:3070
  }
  
  # Frontend static files
  handle {
    root * /home/aknuth/git/annaville-sda-site/dist
    try_files {path} {path}/ /index.html
    file_server
  }
  
  log {
    output file /var/log/caddy/access.prod.log
  }
  
  encode gzip
}
www.annavillesda.org {
    redir https://annavillesda.org{uri} permanent
}
# -----------------
# just for certificate generation
# -----------------
mail.andreasknuth.de {
    reverse_proxy nginx-mailcow:8080
}
web.email-bayarea.com {
    reverse_proxy nginx-mailcow:8080
}
# Dieser Block dient nur dazu, das Zertifikat für den Mailserver zu beschaffen/erneuern.
mail.email-srvr.com {
    respond "Mailserver Certificate Authority is running." 200
}