{
  "$schema": "http://json-schema.org/draft-07/schema#",
  "type": "object",
  "additionalProperties": false,
  "properties": {
    "$schema": {
      "type": "string"
    },
    "domains": {
      "type": "array",
      "minItems": 1,
      "items": { "$ref": "#/definitions/domain" }
    },
    "servers": {
      "type": "array",
      "minItems": 1,
      "items": { "$ref": "#/definitions/server" }
    },
    "skip_planet": {
      "type": "boolean",
      "description": "Skip the full planet download, useful for testing"
    }
  },
  "required": ["domains", "servers"],
  "definitions": {
    "cert-upload": {
      "type": "object",
      "description": "Upload your own certificate. Ideal for Cloudflare Origin Certificates with 15 year expiry. Steps: 1) Create an Origin Certificate on Cloudflare at SSL/TLS / Origin Server. 2) Generate private key and CSR with Cloudflare: Private key type: ECC, Certificate Validity: 15 years. 3) Key format: PEM. Save origin certificate as something.cert and private key as something.key in the same directory.",
      "additionalProperties": false,
      "properties": {
        "type": { "const": "upload" },
        "cert_path": {
          "type": "string",
          "minLength": 1,
          "pattern": "^.*\\.cert$",
          "description": "Path to your certificate file (*.cert). Both absolute and relative paths are supported. The corresponding private key (.key) should be in the same directory with the same basename."
        }
      },
      "required": ["type", "cert_path"]
    },
    "cert-letsencrypt": {
      "type": "object",
      "additionalProperties": false,
      "properties": {
        "type": { "const": "letsencrypt" },
        "email": { "type": "string", "format": "email" }
      },
      "required": ["type", "email"]
    },
    "cert-dummy": {
      "type": "object",
      "additionalProperties": false,
      "properties": {
        "type": { "const": "dummy" }
      },
      "required": ["type"]
    },
    "cert": {
      "oneOf": [
        { "$ref": "#/definitions/cert-upload" },
        { "$ref": "#/definitions/cert-letsencrypt" },
        { "$ref": "#/definitions/cert-dummy" }
      ]
    },
    "domain": {
      "type": "object",
      "additionalProperties": false,
      "properties": {
        "domain": { "type": "string", "format": "hostname" },
        "cert": { "$ref": "#/definitions/cert" }
      },
      "required": ["domain", "cert"]
    },
    "server": {
      "type": "object",
      "additionalProperties": false,
      "properties": {
        "hostname": {
          "type": "string",
          "description": "hostname used for ssh to connect. can be an IP address"
        },
        "server_ssh_passwd": {
          "type": "string",
          "description": "Leave this empty if you use SSH keys"
        }
      },
      "required": ["hostname"]
    }
  }
}