# 2022-10-05 Hyperling

user nginx;
worker_processes auto;

error_log /var/log/nginx/error.log notice;
pid       /var/run/nginx.pid;

events {
    worker_connections 1024;
}

http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';

    access_log /var/log/nginx/access.log main;

    sendfile on;
    #tcp_nopush on;

    keepalive_timeout 65;

    #gzip on;

    ## LetsEncrypt Certbot Setup ##
    # Allow nginx to fulfill LetsEncrypt Certbot challenges.
    server {
        location /.well-known/acme-challenge/ {
            root /etc/nginx/letsencrypt;
        }
    }

    ## Reverse Proxied Website Configurations ##
    include /etc/nginx/conf.d/*;
}

# TBD, going live with HTTP first.
mail {
    ## Reverse Proxied Mail Server Configurations ##
    #include /etc/nginx/mail.conf.d/*;
}

# TBD, going live with HTTP first.
stream {
    ## Service Forwarding and Load Balancing ##
    # If this supports the `listen` and `server_name` directives then this may
    # be a better choice than mail{} since it will not require an auth server.
    # It could also be useful as a frontend for ssh, databases, APIs, etc.
    #include /etc/nginx/load.conf.d/*;
}