# OpenCRM Caddyfile
# ===================
# Replace {$DOMAIN} with your actual domain or use environment variable
# For local development without SSL, use localhost:80

{$DOMAIN:localhost} {
    # Reverse proxy to OpenCRM app
    reverse_proxy app:3001

    # Logging
    log {
        output stdout
        format console
    }

    # Security headers
    header {
        # Clickjacking protection
        X-Frame-Options "SAMEORIGIN"
        # XSS protection
        X-Content-Type-Options "nosniff"
        X-XSS-Protection "1; mode=block"
        # Referrer policy
        Referrer-Policy "strict-origin-when-cross-origin"
    }

    # Gzip compression
    encode gzip

    # Handle file uploads (increase body limit)
    request_body {
        max_size 50MB
    }
}