{
    auto_https off
}

:80 {
    redir https://{host}{uri}
}

{$DOMAIN}:443 {
    tls /etc/caddy/certs/{$DOMAIN}.crt /etc/caddy/certs/{$DOMAIN}.key

    # Disable HSTS
    header Strict-Transport-Security ""

    # Serve static files (HTML, CSS, images, etc.)
    root * /srv/static
    file_server

    # Proxy API endpoints to the attestation server
    reverse_proxy /api/* attestation:8080

    # Proxy Auditor app endpoints
    reverse_proxy /auditor/* attestation:8080

    # Enable logging
    log {
        output stdout
        format json
    }
}