daemon off; # run in the foreground so supervisord can look after it

worker_processes 4;
pid $${nginx-configuration:pid-file};

events {
  worker_connections 768;
  # multi_accept on;
}

error_log $${nginx-configuration:error-log};

http {

  ##
  # Basic Settings
  ##

  sendfile on;
  tcp_nopush on;
  tcp_nodelay on;
  keepalive_timeout 65;
  types_hash_max_size 2048;
  server_tokens off;

  # server_names_hash_bucket_size 64;
  # server_name_in_redirect off;

  default_type application/octet-stream;
  include ${nginx-push-stream-output:mime};

  ##
  # Logging Settings
  ##

  access_log $${nginx-configuration:access-log};
  error_log $${nginx-configuration:error-log};

  ##
  # Gzip Settings
  ##

  gzip on;
  gzip_disable "msie6";

  gzip_vary on;
  gzip_proxied any;
  gzip_comp_level 6;
  gzip_buffers 16 8k;
  gzip_http_version 1.1;
  gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
  ##
  # Push stream Settings
  ##
  push_stream_shared_memory_size                32m;


server {
  listen [$${nginx-configuration:ip}]:$${nginx-configuration:port} ssl http2;
  listen $${nginx-configuration:local-ip}:$${nginx-configuration:port} ssl http2;

  # generated 2021-08-02, Mozilla Guideline v5.6, nginx 1.19.2, OpenSSL 1.1.1k, modern configuration, no HSTS, no OCSP
  # https://ssl-config.mozilla.org/#server=nginx&version=1.19.2&config=modern&openssl=1.1.1k&hsts=false&ocsp=false&guideline=5.6
  ssl_certificate $${nginx-certificate:cert-file};
  ssl_certificate_key $${nginx-certificate:key-file};
  ssl_session_timeout 1d;
  ssl_session_cache shared:MozSSL:10m;
  ssl_session_tickets off;
  ssl_protocols TLSv1.3;
  ssl_prefer_server_ciphers off;


  fastcgi_temp_path  $${directory:varnginx} 1 2;
  uwsgi_temp_path  $${directory:varnginx} 1 2;
  scgi_temp_path  $${directory:varnginx} 1 2;

  client_body_temp_path $${directory:varnginx} 1 2;
  proxy_temp_path $${directory:varnginx} 1 2;

  ## Serve an error 204 (No Content) for favicon.ico
  location = /favicon.ico {
    return 204;
  }

  location = /status {
    default_type "text/plain";
    return 200 'OK';
  }

  location /pub {
    push_stream_publisher;

    push_stream_channels_path               $arg_id;
    # store messages in memory
    push_stream_store_messages              off;

    # Message size limit
    client_max_body_size                    16k;
    client_body_buffer_size                 16k;
    
  }

  location ~ /sub/(.*) {
    # activate subscriber mode for this location
    add_header "Access-Control-Allow-Origin" '*';
    add_header 'Access-Control-Allow-Credentials' 'false';
    add_header 'Access-Control-Allow-Methods' 'GET, HEAD, OPTIONS';
    add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since';

    push_stream_subscriber eventsource;
    # positional channel path
    push_stream_channels_path                   $1;

    # content-type
    default_type                                "text/event-stream; charset=utf-8";
  }

  location / {
      root $${directory:www};
  }
}
}