# Artale 数据同步服务器 - Apache配置文件
# 此文件用于配置URL重写和安全设置

# 启用重写引擎
RewriteEngine On

# API路由重写
# 将 /api/sync/check 重写到 index.php
RewriteRule ^api/sync/check$ index.php [L,QSA]

# 将 /api/sync/status 重写到 index.php
RewriteRule ^api/sync/status$ index.php [L,QSA]

# 安全设置
# 禁止直接访问敏感文件
<Files "setup.php">
    # 可以根据需要注释掉这行来允许访问setup.php
    # Require all denied
</Files>

<Files "*.yaml">
    Require all denied
</Files>

<Files "*.yml">
    Require all denied
</Files>

# 设置CORS头
<IfModule mod_headers.c>
    Header always set Access-Control-Allow-Origin "*"
    Header always set Access-Control-Allow-Methods "GET, POST, OPTIONS"
    Header always set Access-Control-Allow-Headers "Content-Type, Authorization"
    Header always set Access-Control-Max-Age "3600"
</IfModule>

# 处理OPTIONS预检请求
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]

# 设置文件类型
<IfModule mod_mime.c>
    AddType application/json .json
    AddType text/yaml .yaml
    AddType text/yaml .yml
</IfModule>

# 启用压缩
<IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/plain
    AddOutputFilterByType DEFLATE text/html
    AddOutputFilterByType DEFLATE text/xml
    AddOutputFilterByType DEFLATE text/css
    AddOutputFilterByType DEFLATE application/xml
    AddOutputFilterByType DEFLATE application/xhtml+xml
    AddOutputFilterByType DEFLATE application/rss+xml
    AddOutputFilterByType DEFLATE application/javascript
    AddOutputFilterByType DEFLATE application/x-javascript
    AddOutputFilterByType DEFLATE application/json
</IfModule>

# 设置缓存
<IfModule mod_expires.c>
    ExpiresActive On
    ExpiresByType image/png "access plus 1 month"
    ExpiresByType image/jpg "access plus 1 month"
    ExpiresByType image/jpeg "access plus 1 month"
    ExpiresByType application/json "access plus 1 hour"
</IfModule>

# 安全头设置
<IfModule mod_headers.c>
    Header always set X-Content-Type-Options nosniff
    Header always set X-Frame-Options DENY
    Header always set X-XSS-Protection "1; mode=block"
</IfModule>