# smr configuration

server tls {
	bind 0.0.0.0 <{get port}>

}

seccomp_tracing yes

privsep worker {
	runas root

	root  <{get worker_chroot }>

}
privsep keymgr {
	runas root

	root <{get kmgr_chroot }>

}

load		<{get bin_path}>/smr.so

workers         1

http_body_max 8388608

tls_dhparam	<{get bin_path}>/dh2048.pem

validator v_any regex [\s\S]*
validator v_storyid regex [a-zA-Z0-9$+!*'(),-]+
validator v_subdomain regex [a-z0-9]{1,30}
validator v_markup regex (plain|imageboard)
validator v_bool regex (0|1)
validator v_checkbox regex (|on)
validator v_hex_128 regex [0-9a-f]{128}
validator v_time regex [0-9]+

domain * {
	attach tls

	certfile	cert/server.pem
	certkey		cert/key.pem

	#I run kore behind a lighttpd reverse proxy, so this is a bit useless to me
	accesslog 	/dev/null

	route / {
		handler home
		methods get
	}

	route /_css/style.css {
		handler asset_serve_style_css
		methods get
	}
	
	route /_css/suggest_tags.css {
		handler asset_serve_style_css
		methods get
	}

	route /_css/milligram.css {
		handler asset_serve_milligram_css
		methods get
	}

	route /_css/milligram.min.css.map {
		handler asset_serve_milligram_min_css_map
		methods get
	}

	route /_faq {
		handler asset_serve_faq_html
		methods get
	}

	route /_js/suggest_tags.js {
		handler asset_serve_suggest_tags_js
		methods get
	}

	route /_js/bookmark.js {
		handler asset_serve_bookmark_js
		methods get
	}

	route /_js/intervine_deletion.js {
		handler asset_serve_intervine_deletion_js
		methods get
	}
	
	route /_js/index_scroll.js {
		handler asset_serve_index_scroll_js
		methods get
	}

	route /favicon.ico {
		handler asset_serve_favicon_ico
		methods get
	}

	route /_paste {
		handler post_story
		methods get post

		validate post title v_any
		validate post text v_any
		validate post pasteas v_subdomain
		validate post markup v_markup
		validate post tags v_any
		validate post unlisted v_checkbox
	}

	route /_edit {
		handler edit_story
		methods get post

		validate qs:get story v_storyid

		validate post title v_any
		validate post story v_storyid
		validate post text v_any
		validate post pasteas v_subdomain
		validate post markup v_markup
		validate post tags v_any
		validate post unlisted v_checkbox
	}

	route /_bio {
		handler edit_bio
		methods get post

		validate post text v_any
		validate post author v_subdomain
	}
	
	route /_login {
		handler login
		methods get post

		validate post user v_subdomain
		validate post pass v_any
	}
	
	route /_logout {
		handler logout
		methods get
	}

	route ^/_claim {
		handler claim
		methods get post

		validate post user v_subdomain
	}

	route /_download {
		handler download
		methods get

		validate qs:get story v_storyid
		validate qs:get pwd v_hex_128
		validate qs:get fmt v_any
	}

	route /_preview {
		handler preview
		methods post

		validate post title v_any
		validate post text v_any
		validate post pasteas v_subdomain
		validate post markup v_markup
		validate post tags v_any
		validate post unlisted v_checkbox
	}

	route /_search {
		handler search
		methods get

		validate qs:get q v_any
	}

	route /_archive {
		handler archive
		methods get

		validate qs:get t v_time
	}

	route /_api {
		handler api
		methods get

		validate qs:get call v_any
		validate qs:get data v_any
	}

	route /_delete {
		handler delete
		methods post

		validate post story v_storyid
	}
	# Leading ^ is needed for dynamic routes, kore says the route is dynamic if it does not start with '/'
	route  ^/[^_].* {
		handler read_story
		methods get post

		validate qs:get comments v_bool
		validate qs:get pwd v_hex_128

		validate post text v_any
		validate post postas v_subdomain
		validate post pwd v_hex_128
	}
}