# AZA Reverse Proxy + Static Files
#
# Production: DOMAIN env must point to this machine (DNS A-Record).
# Caddy handles automatic HTTPS via Let's Encrypt.
#
# Local testing: http://localhost:8080

{
    email {$ACME_EMAIL:admin@aza-medwork.ch}
}

{$AZA_DOMAIN:localhost} {
    encode gzip zstd

    # Static web assets (landing, download, styles)
    handle /web/* {
        root * /app
        file_server
    }

    # Release artifacts (version.json, installer)
    handle /release/* {
        root * /app
        file_server
    }

    # Download shortcut: /download/filename -> /release/filename
    handle /download/* {
        root * /app/release
        uri strip_prefix /download
        file_server
    }

    # All other requests -> backend API
    handle {
        reverse_proxy {$BACKEND_UPSTREAM:backend:8000}
    }
}

# Empfang-Subdomain: empfang.aza-medwork.ch
# Root "/" wird transparent auf /empfang/ umgeschrieben (kein sichtbarer Redirect)
{$AZA_EMPFANG_DOMAIN:empfang.aza-medwork.ch} {
    encode gzip zstd

    handle / {
        rewrite * /empfang/
        reverse_proxy {$BACKEND_UPSTREAM:backend:8000}
    }

    handle {
        reverse_proxy {$BACKEND_UPSTREAM:backend:8000}
    }
}

:8080 {
    encode gzip zstd

    handle /web/* {
        root * /app
        file_server
    }

    handle /release/* {
        root * /app
        file_server
    }

    handle /download/* {
        root * /app/release
        uri strip_prefix /download
        file_server
    }

    handle {
        reverse_proxy {$BACKEND_UPSTREAM_LOCAL:localhost:8000}
    }
}