# Automatically generated

# The following directives modify normal HTTP response behavior to
# handle known problems with browser implementations.
# TODO-Caddy BrowserMatch "Mozilla/2" nokeepalive
# TODO-Caddy BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown \
# TODO-Caddy                         downgrade-1.0 force-response-1.0
# TODO-Caddy BrowserMatch "RealPlayer 4\.0" force-response-1.0
# TODO-Caddy BrowserMatch "Java/1\.0" force-response-1.0
# TODO-Caddy BrowserMatch "JDK/1\.0" force-response-1.0
# The following directive disables redirects on non-GET requests for
# a directory that does not include the trailing slash.  This fixes a
# problem with Microsoft WebFolders which does not appropriately handle
# redirects for folders with DAV methods.
# Same deal with Apple's DAV filesystem and Gnome VFS support for DAV.
# TODO-Caddy BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
# TODO-Caddy BrowserMatch "MS FrontPage" redirect-carefully
# TODO-Caddy BrowserMatch "^WebDrive" redirect-carefully
# TODO-Caddy BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
# TODO-Caddy BrowserMatch "^gnome-vfs" redirect-carefully
# TODO-Caddy BrowserMatch "^XML Spy" redirect-carefully
# TODO-Caddy BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully


# Deflate
# TODO-Caddy AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/x-javascript application/javascript
# TODO-Caddy BrowserMatch ^Mozilla/4 gzip-only-text/html
# TODO-Caddy BrowserMatch ^Mozilla/4\.0[678] no-gzip
# TODO-Caddy BrowserMatch \bMSIE !no-gzip !gzip-only-text/html

# SSL Configuration
# TODO-Caddy {% if slapparameter_dict.get('apache-ca-certificate') %}
# TODO-Caddy SSLCACertificateFile {{ login_ca_crt }}
# TODO-Caddy {% endif %}
# TODO-Caddy SSLProtocol all -SSLv2 -SSLv3
# TODO-Caddy SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:HIGH:!aNULL:!MD5
# TODO-Caddy SSLHonorCipherOrder on
# TODO-Caddy <FilesMatch "\.(cgi|shtml|phtml|php)$">
# TODO-Caddy       SSLOptions +StdEnvVars
# TODO-Caddy </FilesMatch>
# Accept proxy to sites using self-signed SSL certificates
# TODO-Caddy SSLProxyCheckPeerCN off
# TODO-Caddy SSLProxyCheckPeerExpire off

import {{frontend_configuration.get('log-access-configuration')}}
import {{ slave_configuration_directory }}/*.conf
import {{ slave_with_cache_configuration_directory }}/*.conf

:{{ https_port }} {
  tls {{ login_certificate }} {{ login_key }}
  bind {{ local_ipv4 }}
  status 404 /
  log / {{ access_log }} "{remote} {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}"
  errors {{ error_log }} {
    * {{ not_found_file }}
  }
}

https://[{{ global_ipv6 }}]:{{ https_port }}/server-status, https://{{ local_ipv4 }}:{{ https_port }}/server-status {
  tls {{ login_certificate }} {{ login_key }}
  bind {{ local_ipv4 }}
  basicauth "{{ username }}" {{ password }} {
    "Server Status"
    /
  }
  expvar
  pprof
  log / {{ access_log }} "{remote} {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}"
  errors {{ error_log }} {
    * {{ not_found_file }}
  }
}

:{{ http_port }} {
  bind {{ local_ipv4 }}
  status 404 /
  log / {{ access_log }} "{remote} {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}"
  errors {{ error_log }} {
    * {{ not_found_file }}
  }
}