{
    "$schema": "http://json-schema.org/draft-07/schema#",
    "title": "Site",
    "type": "object",
    "properties": {
        "ca": {
            "description": "The Configured Certificate Authority",
            "type": "string"
        },
        "domains": {
            "description": "The Domains this site is responsible for",
            "type": "array",
            "items": {
                "type": "string"
            }
        },
        "addresses": {
            "description": "IPAddresses for the Certificate",
            "type": "array",
            "items": {
                "type": "string",
                "format": "ip"
            },
            "default": []
        },
        "emails": {
            "description": "EmailAdresses that this Certificate is valid for",
            "type": "array",
            "items": {
                "type": "string",
                "format": "email"
            },
            "default": []
        },
        "reload_services": {
            "description": "The systemd services are reloaded",
            "type": "array",
            "items": {
                "type": "string"
            },
            "default": []
        },
        "restart_services": {
            "description": "The Systemd-Services have to be restarted to get the new certificates",
            "type": "array",
            "items": {
                "type": "string"
            },
            "default": []
        },
        "trigger_commands": {
            "description": "Commands that have to be run after the certificates have been issued if they don't have an systemd service",
            "type": "array",
            "items": {
                "type": "string"
            },
            "default": []
        },
        "algorithm": {
            "description": "The Algorithm for the Private Key",
            "$ref": "#/$defs/Algorithm"
        },
        "strength": {
            "description": "The Strength of the Private key.",
            "$ref": "#/$defs/Strength"
        },
        "owner": {
            "description": "Owner of the Certificate and private key",
            "type": [
                "string",
                "null"
            ],
            "default": null
        },
        "group": {
            "description": "Group of the Certificate and private key",
            "type": [
                "string",
                "null"
            ],
            "default": null
        }
    },
    "additionalProperties": false,
    "required": [
        "ca",
        "domains"
    ],
    "$defs": {
        "Builder": {
            "oneOf": [
                {
                    "type": "object",
                    "properties": {
                        "type": {
                            "type": "string",
                            "const": "powerdns"
                        },
                        "api_key": {
                            "type": "string"
                        },
                        "server": {
                            "type": "string"
                        },
                        "server_id": {
                            "type": "string",
                            "default": "localhost"
                        }
                    },
                    "additionalProperties": false,
                    "required": [
                        "type",
                        "api_key",
                        "server"
                    ]
                },
                {
                    "type": "object",
                    "properties": {
                        "type": {
                            "type": "string",
                            "const": "none"
                        }
                    },
                    "required": [
                        "type"
                    ],
                    "additionalProperties": false
                }
            ]
        },
        "CA": {
            "type": "object",
            "properties": {
                "directory": {
                    "description": "Url for the directory",
                    "type": "string",
                    "format": "uri"
                },
                "email_addresses": {
                    "description": "Email addresses for the CA to contact the user",
                    "type": [
                        "array",
                        "null"
                    ],
                    "items": {
                        "type": "string",
                        "format": "email"
                    }
                },
                "eab_token": {
                    "type": "string"
                },
                "eab_key": {
                    "type": "string"
                },
                "renew_before": {
                    "description": "Amount of days the certificate is renewed before the Certificate is outdated\nTODO: give to processor",
                    "type": "integer",
                    "format": "uint32",
                    "minimum": 1,
                    "maximum": 90,
                    "default": 7
                },
                "tos_accepted": {
                    "type": "boolean",
                    "default": false
                }
            },
            "additionalProperties": false,
            "required": [
                "directory"
            ]
        },
        "Algorithm": {
            "type": "string",
            "enum": [
                "Rsa",
                "Brainpool",
                "Secp",
                "ED25519"
            ]
        },
        "Strength": {
            "type": "string",
            "enum": [
                "Weak",
                "Middle",
                "Strong"
            ]
        }
    }
}