{
	# Cache module
	order cache before rewrite
	cache {
		ttl 10m
	}
	log {
        output file /data/caddy_global.log
    }
}

jenkins.lucasroyer.fr {
	# Security
	header {
		X-Frame-Options "SAMEORIGIN"
		X-Content-Type-Options "nosniff"
		X-XSS-Protection "1; mode=block"
	}

	# Large files
	request_body {
		max_size 512MB
	}

	# Compression
	encode zstd gzip

	# Log
	log {
        output file /data/jenkins_access.log
    }

	# Redirect
	reverse_proxy jenkins:8080 {
		flush_interval -1
	}
}

portfolio.lucasroyer.fr {
	# Server cache
	cache {
		ttl 24h
		stale 12h
	}
	# Security
	header {
		X-Frame-Options "DENY"
		X-XSS-Protection "1; mode=block"
		X-Content-Type-Options "nosniff"
		Referrer-Policy "strict-origin-when-cross-origin"
		Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
	}

	# Errors
	handle_errors {
		# If error is 502, 503 or 504, show error.html without changing client URL
		@service_out expression {err.status_code} >= 502 && {err.status_code} <= 504

		handle @service_out {
			root * /srv
			rewrite * /error.html
			file_server
		}
	}

	# Compression
	encode zstd gzip

	# Log
	log {
		output file /data/portfolio_access.log
	}

	# Redirect
	reverse_proxy portfolio:80
}