# Global options
{
	# Debug mode - uncomment to activate.
	#debug

	# Use local-only certs.
	local_certs
}

# For freepbx.
:443 {
	handle_errors {
		respond "{http.error.status_text}." {
			close
		}
	}
	root * /var/www/localhost/htdocs/
	# https://community.freepbx.org/t/using-caddy-instead-of-apache-in-freepbx/80200
	handle /admin/* {
		@blocked_admin {
			path */.*
			path */i18n/*
			path */helpers/*
			path */libraries/*
			path */node/*
			path */views/*php
		}
		respond @blocked_admin 403
		php_fastcgi unix//run/php/localhost.sock
		file_server
	}
	handle {
		@blocked_main {
			path */.*
		}
		respond @blocked_main 403
		php_fastcgi unix//run/php/localhost.sock
		file_server
	}
	error 404
}

# Local only service (original).
localhost.orig:443 {
	# Strip www from host header.
	@host_header header_regexp host Host (www\.)?([^\.\\\/].{1,})

	handle_errors {
		respond "{http.error.status_text}." {
			close
		}
	}

	handle @host_header {
		root * /var/www/{re.host.2}/htdocs/
		file_server {
			hide .* ~*
		}

		@has_reverse_proxy {
			file /run/{re.host.2}.sock
			path !*.php
		}

		handle @has_reverse_proxy {
			reverse_proxy unix//run/{re.host.2}.sock {
				header_up Host {upstream_hostport}
				header_up X-Forwarded-Host {host}
			}
		}

		php_fastcgi unix//run/php/{re.host.2}.sock {
			# This only works with Caddy versions >= 2.4.6
			try_files {path} {path}/ {path}/index.php =404
		}
	}
	error 404
}