# Caddy frontend configuration for Feersum
# Usage: caddy run --config /path/to/Caddyfile
#
# =============================================================================
# BACKEND OPTIONS
# =============================================================================
#
# 1. PSGI with Plack::Handler::Feersum (simple)
#    TCP:  plackup -s Feersum -p 5000 --keepalive app.psgi
#    Unix: plackup -s Feersum -l /tmp/feersum.sock --keepalive app.psgi
#
# 2. PSGI with Server::Starter + Plack::Handler::Feersum::SS (hot restart)
#    TCP:  start_server --port 5000 -- \
#            plackup -s Feersum::SS -E production \
#            --keepalive --header-timeout 30 app.psgi
#    Unix: start_server --path /tmp/feersum.sock -- \
#            plackup -s Feersum::SS -E production \
#            --keepalive --header-timeout 30 app.psgi
#
#    Hot restart without downtime: kill -HUP $(cat /path/to/start_server.pid)
#
# 3. Native interface (maximum performance, ~1.5x faster than PSGI)
#    See eg/native.pl for full example:
#    perl eg/native.pl 5000
#
#    Or inline:
#    perl -MFeersum -MIO::Socket::INET -e '
#        my $sock = IO::Socket::INET->new(
#            LocalAddr => "127.0.0.1:5000", ReuseAddr => 1, Listen => 1024
#        ) or die $!;
#        my $f = Feersum->endjinn;
#        $f->use_socket($sock);
#        $f->set_keepalive(1);
#        $f->header_timeout(30);
#        $f->request_handler(sub {
#            my $r = shift;
#            $r->send_response(200, ["Content-Type","text/plain"], "Hello");
#        });
#        EV::run;'
#
# 4. Native with Server::Starter (hot restart + native performance)
#    start_server --port 5000 --backlog 4096 -- \
#      perl -MFeersum -MServer::Starter=server_ports -e '
#        my ($port, $fd) = each %{server_ports()};
#        open(my $sock, "<&=", $fd) or die $!;
#        my $f = Feersum->endjinn;
#        $f->use_socket($sock);
#        $f->set_keepalive(1);
#        $f->header_timeout(30);
#        $f->request_handler(sub { shift->send_response(200, [], "OK") });
#        EV::run;'
#
# BACKLOG TUNING:
#   Feersum uses SOMAXCONN (typically 128) as listen backlog.
#   For high-traffic servers, increase at OS level:
#     Linux:   sysctl -w net.core.somaxconn=4096
#     FreeBSD: sysctl kern.ipc.somaxconn=4096
#   With Server::Starter, use --backlog option as shown above.
#
# =============================================================================

# Global options
{
    # Disable automatic HTTPS for local development
    # Remove this block for production with automatic Let's Encrypt
    auto_https off

    # Admin API (optional)
    admin off

    # Logging
    log {
        output stdout
        format console
        level INFO
    }
}

#=============================================================================
# HTTP server with TCP backend
#=============================================================================
:80 {
    # Reverse proxy to Feersum TCP backend
    reverse_proxy 127.0.0.1:5000 {
        # Keepalive to backend
        transport http {
            keepalive 60s
            keepalive_idle_conns 64
        }

        # Health check (optional)
        health_uri /health
        health_interval 10s
        health_timeout 5s

        # Headers
        header_up Host {host}
        header_up X-Real-IP {remote_host}
        header_up X-Forwarded-For {remote_host}
        header_up X-Forwarded-Proto {scheme}
    }

    # Request timeouts (Slowloris protection)
    request_body {
        max_size 100MB
    }

    # Compression
    encode gzip

    # Logging
    log {
        output stdout
    }
}

#=============================================================================
# HTTP server with Unix socket backend (faster)
#=============================================================================
:8080 {
    reverse_proxy unix//tmp/feersum.sock {
        transport http {
            keepalive 60s
            keepalive_idle_conns 64
        }

        header_up Host {host}
        header_up X-Real-IP {remote_host}
        header_up X-Forwarded-For {remote_host}
        header_up X-Forwarded-Proto {scheme}
    }

    encode gzip
}

#=============================================================================
# HTTPS server with automatic certificates (production)
#=============================================================================
# example.com {
#     reverse_proxy 127.0.0.1:5000 {
#         transport http {
#             keepalive 60s
#             keepalive_idle_conns 64
#         }
#
#         header_up Host {host}
#         header_up X-Real-IP {remote_host}
#         header_up X-Forwarded-For {remote_host}
#         header_up X-Forwarded-Proto https
#     }
#
#     encode gzip
#
#     # Automatic HTTPS with Let's Encrypt
#     tls {
#         protocols tls1.2 tls1.3
#     }
# }

#=============================================================================
# WebSocket support
#=============================================================================
:8081 {
    # WebSocket reverse proxy (auto-detected by Caddy)
    reverse_proxy /ws* 127.0.0.1:5000 {
        transport http {
            keepalive 60s
        }

        header_up Host {host}
        header_up X-Real-IP {remote_host}
    }

    # Regular HTTP for other paths
    reverse_proxy 127.0.0.1:5000 {
        transport http {
            keepalive 60s
            keepalive_idle_conns 64
        }
    }
}

#=============================================================================
# Load balancing multiple Feersum workers
#=============================================================================
:8082 {
    reverse_proxy 127.0.0.1:5000 127.0.0.1:5001 127.0.0.1:5002 {
        # Load balancing policy
        lb_policy round_robin

        # Keepalive
        transport http {
            keepalive 60s
            keepalive_idle_conns 64
        }

        # Health checks
        health_uri /health
        health_interval 10s

        # Retry failed requests
        lb_try_duration 5s
        lb_try_interval 250ms
    }
}
