Add per-site web settings for compression and cache control

Introduce persistent website-level settings and a unified per-site settings modal so users can manage domains and tune gzip/zstd and Cache-Control behavior per website. This wires the new settings through DB, API, and Caddy generation with backward-compatible defaults and validation.

Co-authored-by: Cursor <cursoragent@cursor.com>

Author: rehmatworks

cmd/fastcp/main.go

@@ -122,6 +122,7 @@ func main() {
 			r.Get("/sites", apiHandler.ListSites)
 			r.Post("/sites", apiHandler.CreateSite)
 			r.Get("/sites/{id}", apiHandler.GetSite)
+			r.Put("/sites/{id}/settings", apiHandler.UpdateSiteSettings)
 			r.Delete("/sites/{id}", apiHandler.DeleteSite)
 
 			// Site domains

cmd/fastcp/ui/dist/index.html

@@ -975,21 +975,44 @@ func (s *Server) generateCaddyfile() error {
 		}
 	}
 
-	// Fetch all sites
-	rows, err := db.Query("SELECT id, domain, username, document_root FROM sites")
+	// Fetch all sites (with fallback for older schemas during rolling updates)
+	rows, err := db.Query(`SELECT id, domain, username, document_root,
+		COALESCE(compression_enabled, 1), COALESCE(gzip_enabled, 1), COALESCE(zstd_enabled, 1),
+		COALESCE(cache_control_enabled, 0), COALESCE(cache_control_value, '')
+		FROM sites`)
+	legacySchema := false
 	if err != nil {
-		// If no sites table yet, use default config
-		slog.Warn("no sites table found, using default config", "error", err)
-		return nil
+		rows, err = db.Query("SELECT id, domain, username, document_root FROM sites")
+		if err != nil {
+			// If no sites table yet, use default config
+			slog.Warn("no sites table found, using default config", "error", err)
+			return nil
+		}
+		legacySchema = true
 	}
 	defer rows.Close()
 
 	// Build sites map
 	sitesMap := make(map[string]*siteInfo)
 	for rows.Next() {
 		var site siteInfo
-		if err := rows.Scan(&site.ID, &site.Domain, &site.Username, &site.DocumentRoot); err != nil {
-			continue
+		if legacySchema {
+			if err := rows.Scan(&site.ID, &site.Domain, &site.Username, &site.DocumentRoot); err != nil {
+				continue
+			}
+			site.CompressionEnabled = true
+			site.GzipEnabled = true
+			site.ZstdEnabled = true
+			site.CacheControlEnabled = false
+			site.CacheControlValue = ""
+		} else {
+			if err := rows.Scan(
+				&site.ID, &site.Domain, &site.Username, &site.DocumentRoot,
+				&site.CompressionEnabled, &site.GzipEnabled, &site.ZstdEnabled,
+				&site.CacheControlEnabled, &site.CacheControlValue,
+			); err != nil {
+				continue
+			}
 		}
 		site.SafeDomain = strings.ReplaceAll(site.Domain, ".", "_")
 		site.PrimaryDomain = site.Domain // Default to main domain
@@ -1272,13 +1295,38 @@ func (s *Server) generateUserCaddyfile(username string, sites []siteInfo) error
 
 		matcherName := strings.ReplaceAll(site.SafeDomain, "-", "_")
 		hostList := strings.Join(servingDomains, " ")
+		compressionLine := ""
+		if site.CompressionEnabled {
+			var algos []string
+			if site.ZstdEnabled {
+				algos = append(algos, "zstd")
+			}
+			if site.GzipEnabled {
+				algos = append(algos, "gzip")
+			}
+			if len(algos) > 0 {
+				compressionLine = fmt.Sprintf("        encode %s\n", strings.Join(algos, " "))
+			}
+		}
+
+		cacheControlLine := ""
+		if site.CacheControlEnabled {
+			cacheVal := strings.TrimSpace(site.CacheControlValue)
+			cacheVal = strings.ReplaceAll(cacheVal, "\r", "")
+			cacheVal = strings.ReplaceAll(cacheVal, "\n", "")
+			if cacheVal != "" {
+				cacheControlLine = fmt.Sprintf("        header Cache-Control %q\n", cacheVal)
+			}
+		}
+
 		buf.WriteString(fmt.Sprintf(`    @%s host %s
     handle @%s {
         root * %s
+%s%s
         php_server
     }
 
-`, matcherName, hostList, matcherName, site.DocumentRoot))
+`, matcherName, hostList, matcherName, site.DocumentRoot, compressionLine, cacheControlLine))
 	}
 
 	// Per-user temp directory paths (directories are created by bootstrapUserEnvironment)
@@ -1359,14 +1407,19 @@ session.cookie_samesite = Strict
 }
 
 type siteInfo struct {
-	ID            string
-	Domain        string
-	Username      string
-	DocumentRoot  string
-	SafeDomain    string
-	Domains       []siteDomainInfo
-	PrimaryDomain string
-	IsSuspended   bool
+	ID                  string
+	Domain              string
+	Username            string
+	DocumentRoot        string
+	SafeDomain          string
+	Domains             []siteDomainInfo
+	PrimaryDomain       string
+	IsSuspended         bool
+	CompressionEnabled  bool
+	GzipEnabled         bool
+	ZstdEnabled         bool
+	CacheControlEnabled bool
+	CacheControlValue   string
 }
 
 type siteDomainInfo struct {

internal/agent/handlers.go

@@ -209,6 +209,25 @@ func (h *Handler) DeleteSite(w http.ResponseWriter, r *http.Request) {
 	w.WriteHeader(http.StatusNoContent)
 }
 
+func (h *Handler) UpdateSiteSettings(w http.ResponseWriter, r *http.Request) {
+	user := h.getUser(r)
+	id := chi.URLParam(r, "id")
+
+	var req UpdateSiteSettingsRequest
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		h.error(w, http.StatusBadRequest, "invalid request body")
+		return
+	}
+	req.Username = user.Username
+
+	site, err := h.siteService.UpdateSettings(r.Context(), id, user.Username, &req)
+	if err != nil {
+		h.error(w, http.StatusBadRequest, err.Error())
+		return
+	}
+	h.json(w, http.StatusOK, site)
+}
+
 // Domain handlers
 func (h *Handler) AddDomain(w http.ResponseWriter, r *http.Request) {
 	user := h.getUser(r)

internal/api/handler.go

@@ -40,15 +40,20 @@ func (s *SiteService) List(ctx context.Context, username string) ([]*Site, error
 		// Get domains for this site
 		domains, _ := s.db.GetSiteDomains(ctx, dbSite.ID)
 		sites[i] = &Site{
-			ID:           dbSite.ID,
-			Username:     dbSite.Username,
-			Domain:       dbSite.Domain,
-			Slug:         dbSite.Slug,
-			SiteType:     dbSite.SiteType,
-			DocumentRoot: dbSite.DocumentRoot,
-			SSLEnabled:   dbSite.SSLEnabled,
-			CreatedAt:    dbSite.CreatedAt,
-			Domains:      convertDomains(domains),
+			ID:                  dbSite.ID,
+			Username:            dbSite.Username,
+			Domain:              dbSite.Domain,
+			Slug:                dbSite.Slug,
+			SiteType:            dbSite.SiteType,
+			DocumentRoot:        dbSite.DocumentRoot,
+			SSLEnabled:          dbSite.SSLEnabled,
+			CompressionEnabled:  dbSite.CompressionEnabled,
+			GzipEnabled:         dbSite.GzipEnabled,
+			ZstdEnabled:         dbSite.ZstdEnabled,
+			CacheControlEnabled: dbSite.CacheControlEnabled,
+			CacheControlValue:   dbSite.CacheControlValue,
+			CreatedAt:           dbSite.CreatedAt,
+			Domains:             convertDomains(domains),
 		}
 	}
 	return sites, nil
@@ -65,15 +70,20 @@ func (s *SiteService) ListPaginated(ctx context.Context, username string, page,
 	for i, dbSite := range dbSites {
 		domains, _ := s.db.GetSiteDomains(ctx, dbSite.ID)
 		sites[i] = &Site{
-			ID:           dbSite.ID,
-			Username:     dbSite.Username,
-			Domain:       dbSite.Domain,
-			Slug:         dbSite.Slug,
-			SiteType:     dbSite.SiteType,
-			DocumentRoot: dbSite.DocumentRoot,
-			SSLEnabled:   dbSite.SSLEnabled,
-			CreatedAt:    dbSite.CreatedAt,
-			Domains:      convertDomains(domains),
+			ID:                  dbSite.ID,
+			Username:            dbSite.Username,
+			Domain:              dbSite.Domain,
+			Slug:                dbSite.Slug,
+			SiteType:            dbSite.SiteType,
+			DocumentRoot:        dbSite.DocumentRoot,
+			SSLEnabled:          dbSite.SSLEnabled,
+			CompressionEnabled:  dbSite.CompressionEnabled,
+			GzipEnabled:         dbSite.GzipEnabled,
+			ZstdEnabled:         dbSite.ZstdEnabled,
+			CacheControlEnabled: dbSite.CacheControlEnabled,
+			CacheControlValue:   dbSite.CacheControlValue,
+			CreatedAt:           dbSite.CreatedAt,
+			Domains:             convertDomains(domains),
 		}
 	}
 	return sites, total, nil
@@ -113,15 +123,20 @@ func (s *SiteService) Get(ctx context.Context, id, username string) (*Site, erro
 	domains, _ := s.db.GetSiteDomains(ctx, dbSite.ID)
 
 	return &Site{
-		ID:           dbSite.ID,
-		Username:     dbSite.Username,
-		Domain:       dbSite.Domain,
-		Slug:         dbSite.Slug,
-		SiteType:     dbSite.SiteType,
-		DocumentRoot: dbSite.DocumentRoot,
-		SSLEnabled:   dbSite.SSLEnabled,
-		CreatedAt:    dbSite.CreatedAt,
-		Domains:      convertDomains(domains),
+		ID:                  dbSite.ID,
+		Username:            dbSite.Username,
+		Domain:              dbSite.Domain,
+		Slug:                dbSite.Slug,
+		SiteType:            dbSite.SiteType,
+		DocumentRoot:        dbSite.DocumentRoot,
+		SSLEnabled:          dbSite.SSLEnabled,
+		CompressionEnabled:  dbSite.CompressionEnabled,
+		GzipEnabled:         dbSite.GzipEnabled,
+		ZstdEnabled:         dbSite.ZstdEnabled,
+		CacheControlEnabled: dbSite.CacheControlEnabled,
+		CacheControlValue:   dbSite.CacheControlValue,
+		CreatedAt:           dbSite.CreatedAt,
+		Domains:             convertDomains(domains),
 	}, nil
 }
 
@@ -242,13 +257,18 @@ func (s *SiteService) Create(ctx context.Context, req *CreateSiteRequest) (*Site
 
 	// Save to database
 	dbSite := &database.Site{
-		ID:           id,
-		Username:     req.Username,
-		Domain:       domain,
-		Slug:         slug,
-		SiteType:     siteType,
-		DocumentRoot: documentRoot,
-		SSLEnabled:   true,
+		ID:                  id,
+		Username:            req.Username,
+		Domain:              domain,
+		Slug:                slug,
+		SiteType:            siteType,
+		DocumentRoot:        documentRoot,
+		SSLEnabled:          true,
+		CompressionEnabled:  true,
+		GzipEnabled:         true,
+		ZstdEnabled:         true,
+		CacheControlEnabled: false,
+		CacheControlValue:   "",
 	}
 	if err := s.db.CreateSite(ctx, dbSite); err != nil {
 		return nil, fmt.Errorf("failed to save site: %w", err)
@@ -272,13 +292,18 @@ func (s *SiteService) Create(ctx context.Context, req *CreateSiteRequest) (*Site
 	}
 
 	return &Site{
-		ID:           id,
-		Username:     req.Username,
-		Domain:       domain,
-		Slug:         slug,
-		SiteType:     siteType,
-		DocumentRoot: documentRoot,
-		SSLEnabled:   true,
+		ID:                  id,
+		Username:            req.Username,
+		Domain:              domain,
+		Slug:                slug,
+		SiteType:            siteType,
+		DocumentRoot:        documentRoot,
+		SSLEnabled:          true,
+		CompressionEnabled:  true,
+		GzipEnabled:         true,
+		ZstdEnabled:         true,
+		CacheControlEnabled: false,
+		CacheControlValue:   "",
 		Domains: []SiteDomain{{
 			ID:                primaryDomain.ID,
 			SiteID:            id,
@@ -323,6 +348,51 @@ func (s *SiteService) Delete(ctx context.Context, id, username string) error {
 	return nil
 }
 
+// UpdateSettings updates per-site runtime settings and regenerates Caddy configuration.
+func (s *SiteService) UpdateSettings(ctx context.Context, siteID, username string, req *UpdateSiteSettingsRequest) (*Site, error) {
+	// Verify ownership first
+	dbSite, err := s.db.GetSite(ctx, siteID)
+	if err != nil || dbSite.Username != username {
+		return nil, fmt.Errorf("site not found")
+	}
+
+	cacheControlValue := strings.TrimSpace(req.CacheControlValue)
+	cacheControlValue = strings.ReplaceAll(cacheControlValue, "\r", "")
+	cacheControlValue = strings.ReplaceAll(cacheControlValue, "\n", "")
+	if len(cacheControlValue) > 255 {
+		return nil, fmt.Errorf("cache-control value is too long")
+	}
+
+	if req.CompressionEnabled && !req.GzipEnabled && !req.ZstdEnabled {
+		return nil, fmt.Errorf("enable at least one compression algorithm (gzip or zstd)")
+	}
+	if req.CacheControlEnabled && cacheControlValue == "" {
+		return nil, fmt.Errorf("cache-control value is required when cache-control is enabled")
+	}
+
+	// When compression is disabled, force algorithms off for clarity.
+	gzipEnabled := req.GzipEnabled
+	zstdEnabled := req.ZstdEnabled
+	if !req.CompressionEnabled {
+		gzipEnabled = false
+		zstdEnabled = false
+	}
+
+	if err := s.db.UpdateSiteSettings(ctx, siteID, username, req.CompressionEnabled, gzipEnabled, zstdEnabled, req.CacheControlEnabled, cacheControlValue); err != nil {
+		if err == context.Canceled {
+			return nil, err
+		}
+		return nil, fmt.Errorf("failed to update site settings: %w", err)
+	}
+
+	// Reload Caddy configuration
+	if err := s.agent.ReloadCaddy(ctx); err != nil {
+		fmt.Printf("warning: failed to reload Caddy: %v\n", err)
+	}
+
+	return s.Get(ctx, siteID, username)
+}
+
 const maxDomainsPerSite = 20
 
 // AddDomain adds a domain to a site

internal/api/sites.go

@@ -40,15 +40,30 @@ type CreateSiteRequest struct {
 
 // Site represents a website
 type Site struct {
-	ID           string       `json:"id"`
-	Username     string       `json:"username"`
-	Domain       string       `json:"domain"`
-	Slug         string       `json:"slug"`
-	SiteType     string       `json:"site_type"`
-	DocumentRoot string       `json:"document_root"`
-	SSLEnabled   bool         `json:"ssl_enabled"`
-	CreatedAt    time.Time    `json:"created_at"`
-	Domains      []SiteDomain `json:"domains,omitempty"`
+	ID                  string       `json:"id"`
+	Username            string       `json:"username"`
+	Domain              string       `json:"domain"`
+	Slug                string       `json:"slug"`
+	SiteType            string       `json:"site_type"`
+	DocumentRoot        string       `json:"document_root"`
+	SSLEnabled          bool         `json:"ssl_enabled"`
+	CompressionEnabled  bool         `json:"compression_enabled"`
+	GzipEnabled         bool         `json:"gzip_enabled"`
+	ZstdEnabled         bool         `json:"zstd_enabled"`
+	CacheControlEnabled bool         `json:"cache_control_enabled"`
+	CacheControlValue   string       `json:"cache_control_value"`
+	CreatedAt           time.Time    `json:"created_at"`
+	Domains             []SiteDomain `json:"domains,omitempty"`
+}
+
+// UpdateSiteSettingsRequest is the request body for updating site runtime settings
+type UpdateSiteSettingsRequest struct {
+	Username            string `json:"-"` // Set from auth
+	CompressionEnabled  bool   `json:"compression_enabled"`
+	GzipEnabled         bool   `json:"gzip_enabled"`
+	ZstdEnabled         bool   `json:"zstd_enabled"`
+	CacheControlEnabled bool   `json:"cache_control_enabled"`
+	CacheControlValue   string `json:"cache_control_value"`
 }
 
 // ValidateSlugRequest is the request body for validating a site slug