server:
  port: 443
  ssl:
    enabled: true
    certFile: server.crt
    keyFile: server.key
    acme:
      enabled: true
      email: me@pablu.de
      keyFile: userKey.key
      caDirUrl: https://192.168.2.154:14000/dir
      tlsAlpn01Port: 5001 
      http01Port: 5002
      renewTime: 30s


logging:
  level: debug
  # Pretty print for human consumption otherwise json
  pretty: true
  # Log incoming requests
  requests: true
  # Log to file aswell as stderr
  file:
    enabled: false
    maxAge: 14
    maxBackups: 10
    path: ~/logs/router


rateLimit:
  enabled: true
  # How many requests per ip adress are allowed
  bucketSize: 50
  # How many requests per ip address are refilled
  refillSize: 50
  # How often requests per ip address are refilled
  refillTime: 30s
  # How often Ip Addresses get cleaned up (only ip addresses with max allowed requests are cleaned up)
  cleanupTime: 45s


hosts:
    # Remote address to request
  - remotes: 
      - localhost
      - 192.168.2.154
    # Port on which to request
    port: 8181
    # Health check if announce is true
    public: true
    # Domains which get redirected to host
    domains:
      - localhost
      - test.localhost

  - remotes: 
      - localhost
    port: 8282
    public: false
    domains:
      - private.localhost

  # - remotes: 
  #     - www.google.com
  #     - localhost 
  #   port: 443
  #   public: false
  #   # Uses https under the hood to communicate with the remote host
  #   secure: true
  #   domains:
  #     - google.localhost

general:
  # Expose health endpoint, that requests health endpoints from hosts which are public
  announce: true
  # Path to health endpoint on router, is allowed to conflict with hosts, but overwrites specific host endpoint
  healthz: healthz