// NOTE: This is NOT a valid JSON file.
// Comments are added here, which are stripped out by fulgens. This is not standard behavior for JSON and will only work with fulgens.

{
  // Global configuration
  "global": {
    // IP defines the IP address to bind to.
    "ip": "0.0.0.0",
    // httpPort defines the port to bind to for HTTP.
    "httpPort": "8080",
    // httpsPort defines the port to bind to for HTTPS (TLS).
    "httpsPort": "8443",
    // serviceDirectory defines the directory to look for services in.
    "serviceDirectory": "./services",
    // resourceDirectory defines the directory to look for resources in.
    "resourceDirectory": "./resources",
    // compression defines the compression settings on a global level - per-route settings override these.
    "compression": {
      // algorithm defines the compression algorithm to use, possible values are "gzip", "brotli" and "zstd".
      "algorithm": "gzip",
      // level defines the compression level to use, possible values are 1-9 for gzip, 0-11 for brotli and 1-22 for zstd.
      "level": 5
    },
    // logging defines the logging settings.
    "logging": {
      // enabled defines whether logging is enabled.
      "enabled": true,
      // file defines the file to log to, relative to the working directory.
      "file": "fulgens.log"
    },
    // database defines the database settings.
    "database": {
      // type defines the type of database to use, possible values are "sqlite" and "postgres".
      "type": "sqlite",
      // path defines the path to the directory to store database files in (sqlite only).
      "path": "./databases",
      // connectionString defines the connection string to use for the database (postgres only).
      "connectionString": "postgres://user:password@localhost:5432/database"
    }
  },
  // Routes define per-subdomain routing settings.
  "routes": [
    {
      // none is a special subdomain that matches all requests without a subdomain (Host header).
      "subdomain": "none",
      // services defines the services to use for this route. Services must be defined on a per-subdomain basis.
      // Each service may not be used more than once globally. The server will fail to start if this is violated.
      "services": ["authentication"]
    },
    {
      // any subdomain value that isn't "none" will match that specific subdomain.
      "subdomain": "www.localhost",
      // https defines the HTTPS settings for this route.
      "https": {
        // certificate defines the path to the certificate file.
        "certificate": "./certs/localhost.crt",
        // key defines the path to the key file.
        "key": "./certs/localhost.key"
      },
      // paths defines per-path settings (NOT for services, which MUST be defined on a per-subdomain basis).
      "paths": [
        {
          // path defines the path to match. They can contain wildcards.
          "path": "/static/*",
          // static defines the static file serving settings for this path. This conflicts with proxy.
          // If both proxy and static are defined, static will take precedence.
          "static": {
            // root defines the root directory to serve static files from.
            "root": "./static",
            // directoryListing defines whether to show a directory listing when a directory is requested.
            // if it is false or unset, a 403 Forbidden will be returned instead.
            "directoryListing": true
          }
        },
        {
          // path defines the path to match. They can contain wildcards.
          "path": "/proxy/*",
          // proxy defines the proxy settings for this path. This conflicts with static.
          // If both proxy and static are defined, static will take precedence.
          "proxy": {
            // url defines the URL to proxy requests to.
            "url": "http://localhost:8000",
            // stripPrefix defines whether to strip the prefix from the path before proxying.
            "stripPrefix": true
            // TODO: In a future update, passing X-Forwarded-For and X-Forwarded-Proto headers will be supported.
            // TODO: In a future update, forbidding certain headers from being passed will be supported.
            // TODO: In a future update, passing X-Powered-By and Server headers will be supported.
            // TODO: In a future update, passing Host header will be supported.
          }
        }
      ]
    }
  ],

  // Services define the settings for services.
  "services": {
    // authentication defines the settings for the authentication service, which is built-in.
    "authentication": {
      // privacyPolicy defines the URL to the privacy policy.
      "privacyPolicy": "https://git.ailur.dev/Paperwork/nucleus/src/commit/5d191eea87cffae8bdca42017ac26dc19e6cb3de/Privacy.md",
      // url defines the publicly-facing URL of the service, in case of it being behind a reverse proxy.
      "url": "http://localhost:8000",
      // identifier defines the identifier for the service, in the form of [Identifier] Accounts.
      "identifier": "Authenticator",
      // adminKey defines the key to use for administrative operations, such as listing all users.
      "adminKey": "supersecretkey",
      // testAppIsInternalApp defines whether the test app is an internal app, which allows it to bypass the user consent screen.
      "testAppIsInternalApp": true,
      // testAppEnabled defines whether the test app is enabled, which is recommended for testing purposes.
      "testAppEnabled": true
    },
    // storage defines the settings for the storage service, which is built-in.
    "storage": {
      // path defines the path to store blobs in.
      "path": "./blob",
      // defaultQuota defines the default quota for users in bytes.
      "defaultQuota": 50000000
    },
  }
}