events {
    worker_connections  1024;
}


http {
    server_tokens off;
    charset utf-8;

    upstream minioUI {
        least_conn;
        server minio:9001;
    }

    upstream minioAPI {
        least_conn;
        server minio:9000;
    }

    # always redirect to https
    server {
        listen 80 default_server;

        server_name _;

        return 301 https://$host$request_uri;
    }

    server {
        listen 443 ssl;
        http2 on;
        # use the certificates
        ssl_certificate     /etc/letsencrypt/live/mzansi-innovation-hub.co.za/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/mzansi-innovation-hub.co.za/privkey.pem;
        server_name mzansi-innovation-hub.co.za;
        root /var/www/html;
        index index.php index.html index.htm;

        # To allow special characters in headers
        ignore_invalid_headers off;
        # Allow any size file to be uploaded.
        # Set to a value such as 1000m; to restrict file size to a specific value
        client_max_body_size 0;
        # To disable buffering
        proxy_buffering off;
        proxy_request_buffering off;

        # Web App
        location / {
            proxy_pass http://MIH-UX:83/;
        }

        # API Hub
        location /api/ {
            proxy_pass http://MIH-API-Hub:8080/;
        }

        # phpadmin Dashboard
        location /phpmyadmin/ {
            proxy_pass http://MIH-phpmyadmin:8081;
        }
        
        # SuperTokens Dashboard
        location /supertokens/ {
            proxy_pass http://MIH-API-Hub:8080/auth/dashboard/;
        }

        #Minio storage
        location /files/ui/ {
            rewrite ^/minio/ui/(.*) /$1 break;
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header X-NginX-Proxy true;

            # This is necessary to pass the correct IP to be hashed
            real_ip_header X-Real-IP;

            proxy_connect_timeout 300;

            # To support websockets in MinIO versions released after January 2023
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            # Some environments may encounter CORS errors (Kubernetes + Nginx Ingress)
            # Uncomment the following line to set the Origin request to an empty string
            # proxy_set_header Origin '';

            chunked_transfer_encoding off;

            proxy_pass http://minioUI/;
        }

        #Minio storage API
        location /files/ {
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;

            proxy_connect_timeout 300;
            # Default is HTTP/1, keepalive is only enabled in HTTP/1.1
            proxy_http_version 1.1;
            proxy_set_header Connection "";
            chunked_transfer_encoding off;

            proxy_pass http://minioAPI/;
        }

        # location /phpmyadmin/ {
        #     proxy_pass http://192.168.1.69:8081/;
        # }

        location ~ /.well-known/acme-challenge/ {
            root /var/www/certbot;
        }
    }
}

# events {
#     worker_connections  1024;
# }

# http {
#     server_tokens off;
#     charset utf-8;

#     # always redirect to https
#     server {
#         listen 80 default_server;

#         server_name mzansi-innovation-hub.co.za www.mzansi-innovation-hub.co.za;

#         location / {
#             proxy_pass http://MIH-UX:83/;
#         }
#         location ~ /.well-known/acme-challenge/ {
#             root /var/www/certbot;
#         }

#         # return 301 https://$host$request_uri;
#     }
# }
