# Caddyfile for Fellowship Tutorial Instances
# Used exclusively by setup_fellowship.sh for classroom/tutorial EC2 instances
# that run the full DevOps Escape Room stack (SUT + Jenkins CI + code-server IDE).
#
# This file is NEVER used by the permanent SUT deployment (bootstrap_spot_instance.sh),
# which uses Caddyfile.prod (SUT only) instead.
#
# setup_fellowship.sh copies this file over caddy/Caddyfile before starting
# docker compose, so that the Caddy container picks it up automatically.
#
# Required environment variables:
#   CADDY_DOMAIN     — SUT domain   (e.g. fellowship-pool-8.fellowship.testingfantasy.com)
#   JENKINS_DOMAIN   — Jenkins domain (jenkins-{CADDY_DOMAIN})
#   IDE_DOMAIN       — IDE domain   (ide-{CADDY_DOMAIN})
#   GITEA_DOMAIN     — Gitea domain  (gitea-{CADDY_DOMAIN})
#
# All four domains must have Route53 A records pointing to the same instance
# public IP as CADDY_DOMAIN. setup_fellowship.sh creates all records.
#
# Routing:
#   CADDY_DOMAIN   → SUT frontend (port 3000) and backend API (port 5000)
#   JENKINS_DOMAIN → Jenkins CI   (port 8080, devops-escape-room compose stack)
#   IDE_DOMAIN     → code-server  (port 8443, devops-escape-room compose stack)
#   GITEA_DOMAIN   → Gitea        (port 3030, devops-escape-room compose stack)
#
# Jenkins and code-server are reached via host.docker.internal (host-gateway),
# because they run in a separate docker-compose project from Caddy.
# docker-compose.yml sets extra_hosts: [host.docker.internal:host-gateway].

# ── Fellowship SUT ────────────────────────────────────────────────────────────
{$CADDY_DOMAIN} {
    # Let Caddy use its default automatic HTTPS issuers.
    # This avoids hard-failing when a single ACME CA is temporarily rate-limited.

    reverse_proxy /api/* backend:5000
    reverse_proxy /* frontend:3000
}

# ── Jenkins CI (DevOps Escape Room) ──────────────────────────────────────────
{$JENKINS_DOMAIN} {
    reverse_proxy /* host.docker.internal:8080
}

# ── code-server IDE (DevOps Escape Room) ─────────────────────────────────────
# Host port 8443 maps to the code-server container's internal port 8080.
{$IDE_DOMAIN} {
    reverse_proxy /* host.docker.internal:8443
}

# ── Gitea (self-hosted Git, DevOps Escape Room) ───────────────────────────────
# Host port 3030 maps to Gitea's internal port 3000.
{$GITEA_DOMAIN} {
    reverse_proxy /* host.docker.internal:3030
}