# DO NOT EDIT THIS FILE -- OPNsense auto-generated file

{% set generalSettings = helpers.getNodeByTag('Pischem.caddy.general') %}

# Global Options
{
    log {
        {% if generalSettings.LogAccessPlain|default("0") == "0" %}
        {% for reverse in helpers.toList('Pischem.caddy.reverseproxy.reverse') %}
        {% if reverse.enabled|default("0") == "1" and reverse.AccessLog|default("0") == "1" %}
        include http.log.access.{{ reverse['@uuid'] }}
        {% endif %}
        {% endfor %}
        {% endif %}
        output net unixgram//var/caddy/var/run/log {
        }
        format json {
            time_format rfc3339
        }
    }

    {% set accessListUuid = generalSettings.accesslist %}
    {% set logCredentials = generalSettings.LogCredentials %}

    {% set hasAccessList = false %}
    {% set hasLogCredentials = false %}

    {% if accessListUuid %}
        {% set accessList = helpers.toList('Pischem.caddy.reverseproxy.accesslist') | selectattr('@uuid', 'equalto', accessListUuid) | first %}
        {% if accessList %}
            {% set hasAccessList = true %}
        {% endif %}
    {% endif %}

    {% if logCredentials == '1' %}
        {% set hasLogCredentials = true %}
    {% endif %}

    {% if hasAccessList or hasLogCredentials %}
    servers {
        {% if hasAccessList %}
        trusted_proxies static {{ accessList.clientIps.split(',') | join(' ') }}
        {% endif %}
        {% if hasLogCredentials %}
        log_credentials
        {% endif %}
    }
    {% endif %}

    {% set dnsProvider = helpers.toList('Pischem.caddy.general.TlsDnsProvider') | first %}
    {% set dnsApiKey = generalSettings.TlsDnsApiKey %}
    {% set dnsSecretApiKey = generalSettings.TlsDnsSecretApiKey %}
    {% set dnsOptionalField1 = generalSettings.TlsDnsOptionalField1 %}
    {% set dnsOptionalField2 = generalSettings.TlsDnsOptionalField2 %}
    {% set dnsOptionalField3 = generalSettings.TlsDnsOptionalField3 %}
    {% set dnsOptionalField4 = generalSettings.TlsDnsOptionalField4 %}
    {% set dynDnsSimpleHttp = generalSettings.DynDnsSimpleHttp %}
    {% set dynDnsInterface = generalSettings.DynDnsInterface %}
    {% set dynDnsCheckInterval = generalSettings.DynDnsCheckInterval %}
    {% set dynDnsIpVersions = generalSettings.DynDnsIpVersions %}
    {% set dynDnsTTL = generalSettings.DynDnsTTL %}
    {% set dynDnsDomains = [] %}

    {% for reverse in helpers.toList('Pischem.caddy.reverseproxy.reverse') %}
        {% if reverse.enabled|default("0") == "1" and reverse.DynDns|default("0") == "1" %}
            {% set cleanedDomain = reverse.FromDomain | replace("*.","") %}
            {% do dynDnsDomains.append(cleanedDomain + " @") %}
        {% endif %}

        {% for subdomain in helpers.toList('Pischem.caddy.reverseproxy.subdomain') %}
            {% if subdomain.enabled|default("0") == "1" and subdomain.DynDns|default("0") == "1" and subdomain.reverse == reverse['@uuid'] %}
                {% set fullSubdomain = subdomain.FromDomain %}
                {% set baseDomain = fullSubdomain.split('.')[1:] | join('.') %}
                {% set subDomainPart = fullSubdomain.split('.')[0] %}
                {% set subdomainEntry = baseDomain + " " + subDomainPart %}
                {% do dynDnsDomains.append(subdomainEntry) %}
            {% endif %}
        {% endfor %}
    {% endfor %}

    {% if dnsProvider and dnsProvider != "none" and dnsProvider != "acmedns" and dynDnsDomains|length > 0 %}
        dynamic_dns {
            {% if dnsProvider in ['porkbun', 'desec', 'route53', 'googleclouddns', 'azure', 'ovh', 'namecheap', 'powerdns', 'ddnss', 'linode', 'tencentcloud', 'dinahosting', 'hexonet', 'mailinabox'] %}
                provider {{ dnsProvider }} {
                    {% if dnsProvider == 'porkbun' %}
                        {% if dnsApiKey %}api_key {{ dnsApiKey }}
                        {% endif %}
                        {% if dnsSecretApiKey %}api_secret_key {{ dnsSecretApiKey }}
                        {% endif %}
                    {% elif dnsProvider == 'desec' %}
                        {% if dnsApiKey %}token {{ dnsApiKey }}
                        {% endif %}
                    {% elif dnsProvider == 'route53' %}
                        {% if dnsApiKey %}access_key_id {{ dnsApiKey }}
                        {% endif %}
                        {% if dnsSecretApiKey %}secret_access_key {{ dnsSecretApiKey }}
                        {% endif %}
                        {% if dnsOptionalField1 %}max_retries {{ dnsOptionalField1 }}
                        {% endif %}
                        {% if dnsOptionalField2 %}aws_profile {{ dnsOptionalField2 }}
                        {% endif %}
                        {% if dnsOptionalField3 %}region {{ dnsOptionalField3 }}
                        {% endif %}
                        {% if dnsOptionalField4 %}token {{ dnsOptionalField4 }}
                        {% endif %}
                    {% elif dnsProvider == 'googleclouddns' %}
                        {% if dnsApiKey %}gcp_project {{ dnsApiKey }}
                        {% endif %}
                    {% elif dnsProvider == 'azure' %}
                        {% if dnsApiKey %}tenant_id {{ dnsApiKey }}
                        {% endif %}
                        {% if dnsSecretApiKey %}client_id {{ dnsSecretApiKey }}
                        {% endif %}
                        {% if dnsOptionalField1 %}client_secret {{ dnsOptionalField1 }}
                        {% endif %}
                        {% if dnsOptionalField2 %}subscription_id {{ dnsOptionalField2 }}
                        {% endif %}
                        {% if dnsOptionalField3 %}resource_group_name {{ dnsOptionalField3 }}
                        {% endif %}
                    {% elif dnsProvider == 'ovh' %}
                        {% if dnsApiKey %}endpoint {{ dnsApiKey }}
                        {% endif %}
                        {% if dnsSecretApiKey %}application_key {{ dnsSecretApiKey }}
                        {% endif %}
                        {% if dnsOptionalField1 %}application_secret {{ dnsOptionalField1 }}
                        {% endif %}
                        {% if dnsOptionalField2 %}consumer_key {{ dnsOptionalField2 }}
                        {% endif %}
                    {% elif dnsProvider == 'namecheap' %}
                        {% if dnsApiKey %}api_key {{ dnsApiKey }}
                        {% endif %}
                        {% if dnsSecretApiKey %}user {{ dnsSecretApiKey }}
                        {% endif %}
                        {% if dnsOptionalField1 %}api_endpoint {{ dnsOptionalField1 }}
                        {% endif %}
                        {% if dnsOptionalField2 %}client_ip {{ dnsOptionalField2 }}
                        {% endif %}
                    {% elif dnsProvider == 'powerdns' %}
                        {% if dnsApiKey %}server_url {{ dnsApiKey }}
                        {% endif %}
                        {% if dnsSecretApiKey %}api_token {{ dnsSecretApiKey }}
                        {% endif %}
                    {% elif dnsProvider == 'ddnss' %}
                        {% if dnsApiKey %}api_token {{ dnsApiKey }}
                        {% endif %}
                        {% if dnsSecretApiKey %}username {{ dnsSecretApiKey }}
                        {% endif %}
                        password {{ dnsOptionalField1 }}
                    {% elif dnsProvider == 'linode' %}
                        {% if dnsApiKey %}api_token {{ dnsApiKey }}
                        {% endif %}
                        {% if dnsSecretApiKey %}api_url {{ dnsSecretApiKey }}
                        {% endif %}
                        {% if dnsOptionalField1 %}api_version {{ dnsOptionalField1 }}
                        {% endif %}
                    {% elif dnsProvider == 'tencentcloud' %}
                        {% if dnsApiKey %}secret_id {{ dnsApiKey }}
                        {% endif %}
                        {% if dnsSecretApiKey %}secret_key {{ dnsSecretApiKey }}
                        {% endif %}
                    {% elif dnsProvider == 'dinahosting' %}
                        {% if dnsApiKey %}username {{ dnsApiKey }}
                        {% endif %}
                        {% if dnsSecretApiKey %}password {{ dnsSecretApiKey }}
                        {% endif %}
                    {% elif dnsProvider == 'hexonet' %}
                        {% if dnsApiKey %}username {{ dnsApiKey }}
                        {% endif %}
                        {% if dnsSecretApiKey %}password {{ dnsSecretApiKey }}
                        {% endif %}
                    {% elif dnsProvider == 'mailinabox' %}
                        {% if dnsApiKey %}api_url {{ dnsApiKey }}
                        {% endif %}
                        {% if dnsSecretApiKey %}email_address {{ dnsSecretApiKey }}
                        {% endif %}
                        {% if dnsOptionalField1 %}password {{ dnsOptionalField1 }}
                        {% endif %}
                    {% endif %}
                }
            {% else %}
                provider {{ dnsProvider }} {{ dnsApiKey }}
            {% endif %}
            domains {
                {% for domain in dynDnsDomains %}
                {{ domain }}
                {% endfor %}
            }
        {% if dynDnsSimpleHttp %}
        ip_source simple_http {{ dynDnsSimpleHttp }}
        {% endif %}
        {% if dynDnsInterface %}
            {% set physicalInterfaceNames = [] %}
            {% for intfName in dynDnsInterface.split(',') %}
                {% do physicalInterfaceNames.append(helpers.physical_interface(intfName)) %}
            {% endfor %}
            ip_source interface {{ physicalInterfaceNames | join(',') }}
        {% endif %}
        {% if dynDnsCheckInterval %}
        check_interval {{ dynDnsCheckInterval }}m
        {% endif %}
        {% if dynDnsIpVersions %}
        versions {{ dynDnsIpVersions }}
        {% endif %}
        {% if dynDnsTTL %}
        ttl {{ dynDnsTTL }}h
        {% endif %}
    }
    {% endif %}

    {% set emailValue = helpers.toList('Pischem.caddy.general.TlsEmail') | first %}
    {% if emailValue %}
    email {{ emailValue }}
    {% endif %}
    {% set autoHttpsValue = helpers.toList('Pischem.caddy.general.TlsAutoHttps') | first %}
    {% if autoHttpsValue != "on" %}
    auto_https {{ autoHttpsValue }}
    {% endif %}
    import /usr/local/etc/caddy/caddy.d/*.global
}

# Reverse Proxy Configuration

{% for reverse in helpers.toList('Pischem.caddy.reverseproxy.reverse') %}
    {% if reverse.enabled|default("0") == "1" and reverse.AcmePassthrough %}
        # HTTP-01 challenge redirection for domain: "{{ reverse['@uuid'] }}"
        http://{{ reverse.FromDomain|default("") }} {
            handle /.well-known/acme-challenge/* {
                reverse_proxy {{ reverse.AcmePassthrough }}
            }
            handle {
                redir https://{host}{uri} 308
            }
        }
    {% endif %}
{% endfor %}

{% macro tls_configuration(dnsProvider, dnsApiKey, customCert, dnsChallenge, dnsSecretApiKey, TlsDnsOptionalField1, TlsDnsOptionalField2, TlsDnsOptionalField3, TlsDnsOptionalField4) %}
    {% if dnsChallenge == "1" and dnsProvider and dnsProvider != "none" %}
        {% if dnsProvider in ['duckdns', 'porkbun', 'desec', 'route53', 'acmedns', 'googleclouddns', 'azure', 'ovh', 'namecheap', 'powerdns', 'ddnss', 'linode', 'tencentcloud', 'dinahosting', 'hexonet', 'mailinabox'] %}
            tls {
                dns {{ dnsProvider }} {
                    {% if dnsProvider == 'duckdns' %}
                        {% if dnsApiKey %}api_token {{ dnsApiKey }}
                        {% endif %}
                        {% if dnsSecretApiKey %}override_domain {{ dnsSecretApiKey }}
                        {% endif %}
                    {% elif dnsProvider == 'porkbun' %}
                        {% if dnsApiKey %}api_key {{ dnsApiKey }}
                        {% endif %}
                        {% if dnsSecretApiKey %}api_secret_key {{ dnsSecretApiKey }}
                        {% endif %}
                    {% elif dnsProvider == 'desec' %}
                        {% if dnsApiKey %}token {{ dnsApiKey }}
                        {% endif %}
                    {% elif dnsProvider == 'route53' %}
                        {% if dnsApiKey %}access_key_id {{ dnsApiKey }}
                        {% endif %}
                        {% if dnsSecretApiKey %}secret_access_key {{ dnsSecretApiKey }}
                        {% endif %}
                        {% if dnsOptionalField1 %}max_retries {{ dnsOptionalField1 }}
                        {% endif %}
                        {% if dnsOptionalField2 %}aws_profile {{ dnsOptionalField2 }}
                        {% endif %}
                        {% if dnsOptionalField3 %}region {{ dnsOptionalField3 }}
                        {% endif %}
                        {% if dnsOptionalField4 %}token {{ dnsOptionalField4 }}
                        {% endif %}
                    {% elif dnsProvider == 'acmedns' %}
                        {% if dnsApiKey %}username {{ dnsApiKey }}
                        {% endif %}
                        {% if dnsSecretApiKey %}password {{ dnsSecretApiKey }}
                        {% endif %}
                        {% if dnsOptionalField1 %}subdomain {{ dnsOptionalField1 }}
                        {% endif %}
                        {% if dnsOptionalField2 %}server_url {{ dnsOptionalField2 }}
                        {% endif %}
                    {% elif dnsProvider == 'googleclouddns' %}
                        {% if dnsApiKey %}gcp_project {{ dnsApiKey }}
                        {% endif %}
                    {% elif dnsProvider == 'azure' %}
                        {% if dnsApiKey %}tenant_id {{ dnsApiKey }}
                        {% endif %}
                        {% if dnsSecretApiKey %}client_id {{ dnsSecretApiKey }}
                        {% endif %}
                        {% if dnsOptionalField1 %}client_secret {{ dnsOptionalField1 }}
                        {% endif %}
                        {% if dnsOptionalField2 %}subscription_id {{ dnsOptionalField2 }}
                        {% endif %}
                        {% if dnsOptionalField3 %}resource_group_name {{ dnsOptionalField3 }}
                        {% endif %}
                    {% elif dnsProvider == 'ovh' %}
                        {% if dnsApiKey %}endpoint {{ dnsApiKey }}
                        {% endif %}
                        {% if dnsSecretApiKey %}application_key {{ dnsSecretApiKey }}
                        {% endif %}
                        {% if dnsOptionalField1 %}application_secret {{ dnsOptionalField1 }}
                        {% endif %}
                        {% if dnsOptionalField2 %}consumer_key {{ dnsOptionalField2 }}
                        {% endif %}
                    {% elif dnsProvider == 'namecheap' %}
                        {% if dnsApiKey %}api_key {{ dnsApiKey }}
                        {% endif %}
                        {% if dnsSecretApiKey %}user {{ dnsSecretApiKey }}
                        {% endif %}
                        {% if dnsOptionalField1 %}api_endpoint {{ dnsOptionalField1 }}
                        {% endif %}
                        {% if dnsOptionalField2 %}client_ip {{ dnsOptionalField2 }}
                        {% endif %}
                    {% elif dnsProvider == 'powerdns' %}
                        {% if dnsApiKey %}server_url {{ dnsApiKey }}
                        {% endif %}
                        {% if dnsSecretApiKey %}api_token {{ dnsSecretApiKey }}
                        {% endif %}
                    {% elif dnsProvider == 'ddnss' %}
                        {% if dnsApiKey %}api_token {{ dnsApiKey }}
                        {% endif %}
                        {% if dnsSecretApiKey %}username {{ dnsSecretApiKey }}
                        {% endif %}
                        password {{ dnsOptionalField1 }}
                    {% elif dnsProvider == 'linode' %}
                        {% if dnsApiKey %}api_token {{ dnsApiKey }}
                        {% endif %}
                        {% if dnsSecretApiKey %}api_url {{ dnsSecretApiKey }}
                        {% endif %}
                        {% if dnsOptionalField1 %}api_version {{ dnsOptionalField1 }}
                        {% endif %}
                    {% elif dnsProvider == 'tencentcloud' %}
                        {% if dnsApiKey %}secret_id {{ dnsApiKey }}
                        {% endif %}
                        {% if dnsSecretApiKey %}secret_key {{ dnsSecretApiKey }}
                        {% endif %}
                    {% elif dnsProvider == 'dinahosting' %}
                        {% if dnsApiKey %}username {{ dnsApiKey }}
                        {% endif %}
                        {% if dnsSecretApiKey %}password {{ dnsSecretApiKey }}
                        {% endif %}
                    {% elif dnsProvider == 'hexonet' %}
                        {% if dnsApiKey %}username {{ dnsApiKey }}
                        {% endif %}
                        {% if dnsSecretApiKey %}password {{ dnsSecretApiKey }}
                        {% endif %}
                    {% elif dnsProvider == 'mailinabox' %}
                        {% if dnsApiKey %}api_url {{ dnsApiKey }}
                        {% endif %}
                        {% if dnsSecretApiKey %}email_address {{ dnsSecretApiKey }}
                        {% endif %}
                        {% if dnsOptionalField1 %}password {{ dnsOptionalField1 }}
                        {% endif %}
                    {% endif %}
                }
            }
        {% else %}
            tls {
                dns {{ dnsProvider }} {{ dnsApiKey }}
            }
        {% endif %}
    {% endif %}
    {% if customCert %}
        tls /var/db/caddy/data/caddy/certificates/temp/{{ customCert }}.pem /var/db/caddy/data/caddy/certificates/temp/{{ customCert }}.key
    {% endif %}
{% endmacro %}

{% macro reverse_proxy_configuration(handle) %}
    {{ handle.HandleType }} {{ handle.HandlePath|default("") }} {
        {% if handle.ToPath|default("") != "" %}
        rewrite * {{ handle.ToPath }}{uri}
        {% endif %}
        reverse_proxy {{ handle.ToDomain }}{% if handle.ToPort %}:{{ handle.ToPort }}{% endif %} {
            {% if handle.HttpTls|default("0") == "1" or handle.HttpTlsInsecureSkipVerify|default("0") == "1" %}
                {% if handle.HttpNtlm|default("0") == "1" %}
                transport http_ntlm {
                    {% if handle.HttpTlsInsecureSkipVerify|default("0") == "1" %}
                    tls_insecure_skip_verify
                    {% else %}
                    tls
                    {% if handle.HttpTlsTrustedCaCerts %}
                    tls_trusted_ca_certs /var/db/caddy/data/caddy/certificates/temp/{{ handle.HttpTlsTrustedCaCerts }}.pem
                    {% endif %}
                    {% if handle.HttpTlsServerName %}
                    tls_server_name {{ handle.HttpTlsServerName }}
                    {% endif %}
                    {% endif %}
                }
                {% else %}
                transport http {
                    {% if handle.HttpTlsInsecureSkipVerify|default("0") == "1" %}
                    tls_insecure_skip_verify
                    {% else %}
                    tls
                    {% if handle.HttpTlsTrustedCaCerts %}
                    tls_trusted_ca_certs /var/db/caddy/data/caddy/certificates/temp/{{ handle.HttpTlsTrustedCaCerts }}.pem
                    {% endif %}
                    {% if handle.HttpTlsServerName %}
                    tls_server_name {{ handle.HttpTlsServerName }}
                    {% endif %}
                    {% endif %}
                }
                {% endif %}
            {% endif %}
        }
    }
{% endmacro %}

{% macro access_list_configuration(accesslist, invert) %}
    {% set client_ips = accesslist.clientIps.split(',') %}
    {% set client_ips_space_separated = client_ips | join(' ') %}
    @{{ accesslist['@uuid'] }} {
        {{ 'not' if invert else '' }} client_ip {{ client_ips_space_separated }}
    }
{% endmacro %}

{% macro basicauth_configuration(basicauth_uuids) %}
    {% if basicauth_uuids %}
    basicauth {
        {% for uuid in basicauth_uuids.split(',') %}
            {% set basicauth = helpers.toList('Pischem.caddy.reverseproxy.basicauth') | selectattr('@uuid', 'equalto', uuid) | first %}
            {% if basicauth %}
                {{ basicauth.basicauthuser }} {{ basicauth.basicauthpass }}
            {% endif %}
        {% endfor %}
    }
    {% endif %}
{% endmacro %}

{% for reverse in helpers.toList('Pischem.caddy.reverseproxy.reverse') %}
{% if reverse.enabled|default("0") == "1" %}
# Reverse Proxy Domain: "{{ reverse['@uuid'] }}"
{{ reverse.FromDomain|default("") }}{% if reverse.FromPort %}:{{ reverse.FromPort }}{% endif %} {
    {% if reverse.AccessLog|default("0") == "1" %}
    {% if generalSettings.LogAccessPlain|default("0") == "0" %}
    log {{ reverse['@uuid'] }}
    {% else %}
    log {
        output file /var/log/caddy/access/{{ reverse['@uuid'] }}.log {
            roll_keep_for {{ generalSettings.LogAccessPlainKeep|default("10") }}d
        }
    }
    {% endif %}
    {% endif %}
    {% set customCert = reverse.CustomCertificate|default("") %}
    {% set dnsChallenge = reverse.DnsChallenge|default("0") %}
    {{ tls_configuration(dnsProvider, dnsApiKey, customCert, dnsChallenge, dnsSecretApiKey, TlsDnsOptionalField1, TlsDnsOptionalField2, TlsDnsOptionalField3, TlsDnsOptionalField4) }}

    {% if not reverse.accesslist %}
        {% set basicauth_uuids = reverse.basicauth %}
        {{ basicauth_configuration(basicauth_uuids) }}
    {% endif %}

    {% for subdomain in helpers.toList('Pischem.caddy.reverseproxy.subdomain') %}
    {% if subdomain.enabled|default("0") == "1" and subdomain.reverse == reverse['@uuid'] %}
    @{{ subdomain['@uuid'] }} {
        host {{ subdomain.FromDomain }}{% if subdomain.FromPort %}:{{ subdomain.FromPort }}{% endif %}
    }
    handle @{{ subdomain['@uuid'] }} {

        {% if not subdomain.accesslist %}
            {% set subdomain_basicauth_uuids = subdomain.basicauth %}
            {{ basicauth_configuration(subdomain_basicauth_uuids) }}
        {% endif %}

        {% if subdomain.accesslist %}
        {% set accesslist = helpers.toList('Pischem.caddy.reverseproxy.accesslist') | selectattr('@uuid', 'equalto', subdomain.accesslist) | first %}
        {{ access_list_configuration(accesslist, accesslist.accesslistInvert|default("0") == "1") }}
        handle @{{ accesslist['@uuid'] }} {

            {% set subdomain_basicauth_uuids = subdomain.basicauth %}
            {{ basicauth_configuration(subdomain_basicauth_uuids) }}

            {% set subdomain_handles = helpers.toList('Pischem.caddy.reverseproxy.handle') | selectattr('subdomain', 'equalto', subdomain['@uuid']) | list %}
            {% for handle in subdomain_handles %}
            {% if handle.enabled|default("0") == "1" and handle.HandlePath %}
                {{ reverse_proxy_configuration(handle) }}
            {% endif %}
            {% endfor %}
            {% for handle in subdomain_handles %}
            {% if handle.enabled|default("0") == "1" and not handle.HandlePath %}
                {{ reverse_proxy_configuration(handle) }}
            {% endif %}
            {% endfor %}
        }
        {% else %}
        {% set subdomain_handles = helpers.toList('Pischem.caddy.reverseproxy.handle') | selectattr('subdomain', 'equalto', subdomain['@uuid']) | list %}
        {% for handle in subdomain_handles %}
        {% if handle.enabled|default("0") == "1" and handle.HandlePath %}
            {{ reverse_proxy_configuration(handle) }}
        {% endif %}
        {% endfor %}
        {% for handle in subdomain_handles %}
        {% if handle.enabled|default("0") == "1" and not handle.HandlePath %}
            {{ reverse_proxy_configuration(handle) }}
        {% endif %}
        {% endfor %}
        {% endif %}
        {% if Pischem.caddy.general.abort|default("0") == "1" %}
        abort
        {% endif %}
    }
    {% endif %}
    {% endfor %}

    {% if reverse.accesslist %}
    {% set accesslist = helpers.toList('Pischem.caddy.reverseproxy.accesslist') | selectattr('@uuid', 'equalto', reverse.accesslist) | first %}
    {{ access_list_configuration(accesslist, accesslist.accesslistInvert|default("0") == "1") }}
    handle @{{ accesslist['@uuid'] }} {

        {% set basicauth_uuids = reverse.basicauth %}
        {{ basicauth_configuration(basicauth_uuids) }}

        {% set wildcard_handles = helpers.toList('Pischem.caddy.reverseproxy.handle') | selectattr('reverse', 'equalto', reverse['@uuid']) | selectattr('subdomain', 'undefined') | list %}
        {% for handle in wildcard_handles %}
        {% if handle.enabled|default("0") == "1" and handle.HandlePath %}
            {{ reverse_proxy_configuration(handle) }}
        {% endif %}
        {% endfor %}
        {% for handle in wildcard_handles %}
        {% if handle.enabled|default("0") == "1" and not handle.HandlePath %}
            {{ reverse_proxy_configuration(handle) }}
        {% endif %}
        {% endfor %}
    }
    {% else %}
    {% set wildcard_handles = helpers.toList('Pischem.caddy.reverseproxy.handle') | selectattr('reverse', 'equalto', reverse['@uuid']) | selectattr('subdomain', 'undefined') | list %}
    {% for handle in wildcard_handles %}
    {% if handle.enabled|default("0") == "1" and handle.HandlePath %}
        {{ reverse_proxy_configuration(handle) }}
    {% endif %}
    {% endfor %}
    {% for handle in wildcard_handles %}
    {% if handle.enabled|default("0") == "1" and not handle.HandlePath %}
        {{ reverse_proxy_configuration(handle) }}
    {% endif %}
    {% endfor %}
    {% endif %}
    {% if Pischem.caddy.general.abort|default("0") == "1" %}
    abort
    {% endif %}
}
{% endif %}
{% endfor %}

import /usr/local/etc/caddy/caddy.d/*.conf
