{
    email admin@donovankelly.xyz
}

# Frontend - serves the built static files
app.todo.donovankelly.xyz {
    root * /srv/web
    encode gzip
    file_server
    
    # SPA fallback for non-file paths
    @spa {
        not file
        not path /.well-known/*
    }
    rewrite @spa /index.html
    
    header {
        X-Content-Type-Options nosniff
        X-Frame-Options DENY
        Referrer-Policy strict-origin-when-cross-origin
    }
}

# API - reverse proxy to the backend
api.todo.donovankelly.xyz {
    reverse_proxy host.docker.internal:3001
    
    header {
        Access-Control-Allow-Origin https://app.todo.donovankelly.xyz
        Access-Control-Allow-Methods "GET, POST, PATCH, DELETE, OPTIONS"
        Access-Control-Allow-Headers "Content-Type, Authorization"
        Access-Control-Allow-Credentials true
    }
}