projectsegfau.lt www.projectsegfau.lt web.dev.projectsegfau.lt {
        reverse_proxy :1339
        import def
        reverse_proxy /bosh xmpp.projectsegfau.lt:5443 {
                header_up X-Real-IP {remote_host}
                transport http {
                        tls_insecure_skip_verify
                }
        }
        reverse_proxy /ws xmpp.projectsegfau.lt:5443 {
                header_up X-Real-IP {remote_host}
                transport http {
                        tls_insecure_skip_verify
                }
        }
        header /.well-known/matrix/* Content-Type application/json
        header /.well-known/matrix/* Access-Control-Allow-Origin *
        handle_path /.well-known/* {
                root * /var/www/well-known
                file_server
        }
        header /.well-known/host-meta Content-Type application/xrd+xml
        header /.well-known/host-meta Access-Control-Allow-Origin *
        header /.well-known/host-meta.json Content-Type application/json
        header /.well-known/host-meta.json Access-Control-Allow-Origin *
        header /.well-known/xmpp-provider-v2.json Content-Type application/json
        header /.well-known/xmpp-provider-v2.json Access-Control-Allow-Origin *

        import torloc www
}
psf.lt www.psf.lt {
        reverse_proxy :1339
        import def
        import torloc www
        header /.well-known/matrix/* Content-Type application/json
        header /.well-known/matrix/* Access-Control-Allow-Origin *
        handle_path /.well-known/* {
                root * /var/www/psf-well-known
                file_server
        }
}
sl.projectsegfau.lt sl.psf.lt {
	reverse_proxy :7777
	import def
}
nitter.projectsegfau.lt n.psf.lt {
	reverse_proxy :8387
	import def
	route {
		reverse_proxy /outpost.goauthentik.io/* https://in.v.psf.lt:7444 {
			header_up Host {http.reverse_proxy.upstream.hostport}
			transport http {
				tls_insecure_skip_verify
			}
		}
		# Forward authentication requests to Authentik's outpost
		forward_auth https://in.v.psf.lt:7444 {
			transport http {
				tls_insecure_skip_verify
			}
			uri /outpost.goauthentik.io/auth/caddy

			# Ensure these headers are passed, using correct capitalization
			copy_headers X-Authentik-Username X-Authentik-Groups X-Authentik-Email X-Authentik-Name
			trusted_proxies private_ranges
		}
	}
}
libreddit.projectsegfau.lt lr.psf.lt {
	reverse_proxy :6464
	import def
	route {
		reverse_proxy /preview/* :6465
		reverse_proxy /outpost.goauthentik.io/* https://in.v.psf.lt:7444 {
			header_up Host {http.reverse_proxy.upstream.hostport}
			transport http {
				tls_insecure_skip_verify
			}
		}
		# Forward authentication requests to Authentik's outpost
		forward_auth https://in.v.psf.lt:7444 {
			transport http {
				tls_insecure_skip_verify
			}
			uri /outpost.goauthentik.io/auth/caddy

			# Ensure these headers are passed, using correct capitalization
			copy_headers X-Authentik-Username X-Authentik-Groups X-Authentik-Email X-Authentik-Name
			trusted_proxies private_ranges
		}
	}
}

# REDIRECTS/SHUTDOWNS
inv.bp.projectsegfau.lt, i.bp.psf.lt, invidious.projectsegfau.lt, inv.projectsegfau.lt, i.psf.lt {
	respond "Invidious has shutdown"
	import def
	import torloc invbp
}
piped.projectsegfau.lt proxy.piped.projectsegfau.lt api.piped.projectsegfau.lt pi.psf.lt {
	respond "Piped has shutdown"
	import def
}

bb.us.projectsegfau.lt bb.in.projectsegfau.lt bb.eu.projectsegfau.lt bb.projectsegfau.lt {
	import def
	import torloc beatbump
	respond "Beatbump has shutdown"
}
ferrit.projectsegfau.lt snooddit.projectsegfau.lt {
	respond "Ferrit/Snoodit/Libreddit/Redlib has been shutdown"
	import acmedns
}