{# vim: set ft=jinja : -#}
{{ frigate.caddy.server_name }} {
	forward_auth {{ frigate.caddy.forward_auth.url }} {
		uri {{ frigate.caddy.forward_auth.path }}
		header_up Host {upstream_hostport}

		@unauthorized status 401
		handle_response @unauthorized {
			respond "" 302
			header Location {{ frigate.caddy.forward_auth.url }}?rd=https://{{ frigate.caddy.server_name }}
		}
	}

	reverse_proxy localhost:5000

	tls {{ frigate.caddy.acme.email }} {
		ca {{ caddy.acme.url }}
		ca_root /etc/caddy/acme-ca.crt
	}
}