# Proxy
#
# Kamal uses [kamal-proxy](https://github.com/basecamp/kamal-proxy) to provide
# gapless deployments. It runs on ports 80 and 443 and forwards requests to the
# application container.
#
# The proxy is configured in the root configuration under `proxy`. These are
# options that are set when deploying the application, not when booting the proxy.
#
# They are application-specific, so they are not shared when multiple applications
# run on the same proxy.
#
# The proxy is enabled by default on the primary role but can be disabled by
# setting `proxy: false`.
#
# It is disabled by default on all other roles but can be enabled by setting
# `proxy: true` or providing a proxy configuration.
proxy:

  # Hosts
  #
  # The hosts that will be used to serve the app. The proxy will only route requests
  # to this host to your app.
  #
  # If no hosts are set, then all requests will be forwarded, except for matching
  # requests for other apps deployed on that server that do have a host set.
  #
  # Specify one of `host` or `hosts`.
  host: foo.example.com
  hosts:
    - foo.example.com
    - bar.example.com

  # App port
  #
  # The port the application container is exposed on.
  #
  # Defaults to 80:
  app_port: 3000

  # SSL
  #
  # kamal-proxy can provide automatic HTTPS for your application via Let's Encrypt.
  #
  # This requires that we are deploying to one server and the host option is set.
  # The host value must point to the server we are deploying to, and port 443 must be
  # open for the Let's Encrypt challenge to succeed.
  #
  # Defaults to `false`:
  ssl: true

  # TLSOnDemandURL
  #
  # Next big thing after...
  tls_on_demand_url: "http://example.com/check_host"

  # Response timeout
  #
  # How long to wait for requests to complete before timing out, defaults to 30 seconds:
  response_timeout: 10

  # Healthcheck
  #
  # When deploying, the proxy will by default hit `/up` once every second until we hit
  # the deploy timeout, with a 5-second timeout for each request.
  #
  # Once the app is up, the proxy will stop hitting the healthcheck endpoint.
  healthcheck:
    interval: 3
    path: /health
    timeout: 3

  # Buffering
  #
  # Whether to buffer request and response bodies in the proxy.
  #
  # By default, buffering is enabled with a max request body size of 1GB and no limit
  # for response size.
  #
  # You can also set the memory limit for buffering, which defaults to 1MB; anything
  # larger than that is written to disk.
  buffering:
    requests: true
    responses: true
    max_request_body: 40_000_000
    max_response_body: 0
    memory: 2_000_000

  # Logging
  #
  # Configure request logging for the proxy.
  # You can specify request and response headers to log.
  # By default, `Cache-Control`, `Last-Modified`, and `User-Agent` request headers are logged:
  logging:
    request_headers:
      - Cache-Control
      - X-Forwarded-Proto
    response_headers:
      - X-Request-ID
      - X-Request-Start

  # Forward headers
  #
  # Whether to forward the `X-Forwarded-For` and `X-Forwarded-Proto` headers.
  #
  # If you are behind a trusted proxy, you can set this to `true` to forward the headers.
  #
  # By default, kamal-proxy will not forward the headers if the `ssl` option is set to `true`, and
  # will forward them if it is set to `false`.
  forward_headers: true