{{ test_url }} {

    {% if test_acme %}
header / {
    # Enable HTTP Strict Transport Security (HSTS) to force clients to always
    # connect via HTTPS (do not use if only testing)
    Strict-Transport-Security "max-age=31536000;"
    # Enable cross-site filter (XSS) and tell browser to block detected attacks
    X-XSS-Protection "1; mode=block"
    # Prevent some browsers from MIME-sniffing a response away from the declared Content-Type
    X-Content-Type-Options "nosniff"
    # Disallow the site to be rendered within a frame (clickjacking protection)
    X-Frame-Options "DENY"
}
    {% else %}
tls internal
    {% endif %}

    log  {
        output file {{ caddy_logs }}/{{ test_name }}/vhost.log
    }

    root * {{ test_code }}
    file_server
    encode zstd gzip

}

{% if test_www %}
www.{{ test_url }} {

    redir https://{{ test_url }}

}
{% endif %}