# Basic: /usr/local/Cellar/nginx/1.17.7/share/nginx/src/configure_args.txt
# Origin /opt/local/etc/nginx/nginx.conf  iMac
# /usr/local/etc/nginx/nginx.conf  iMac Pro
error_log  /Users/Can/Develop/nginx/error.log;
error_log  /Users/Can/Develop/nginx/error.log  info;

log_format  main  '$remote_addr => $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';

# log_format  page  '
# $remote_addr => $host | $request $status | [$time_iso8601] $request_uri
# $http_user_agent';

# access_log  var/log/access.log  main;
access_log  /Users/Can/Develop/nginx/access.log  main;

include       mime.types;		# Load config files~  include /server/lisp.config;

default_type  application/octet-stream;	# Default download it

# load_module modules/ngx_http_image_filter_module.so;
sendfile        on;
#tcp_nopush     on;

#keepalive_timeout  0;
keepalive_timeout  	65;
gzip		on;
gzip_comp_level 	6;
gzip_vary 		on;
gzip_types		text/plain text/css application/json application/x-javascript application/javascript text/javascript image/svg+xml image/png application/octet-stream application/x-font-ttf
charset      	utf-8
proxy_http_version 	1.1;
server_tokens     	off;		# Hide the nginx version

client_max_body_size 120M;

# limit_rate              5m;
# limit_rate_after        5m;
# limit_conn_zone         $binary_remote_addr zone=connections:8m;
# limit_conn              connections 15;	#10 conn most at the same time for 1 $binary_remote_addr
# limit_req_zone 	    $binary_remote_addr zone=requests:10m rate=20r/s;
# limit_req 		    zone=requests burst=40 nodelay;

#    index  		index.htm;

# cd /usr/local/etc/nginx/servers
# tail -n +1 *.conf
# server {
#     server_name	camera.can.com;
#     listen                      443 ssl;
#     ssl_certificate             /Users/Can/celwk/config/localhost.crt;
#     ssl_certificate_key         /Users/Can/celwk/config/localhost.key;
#     # ssl_session_cache           shared:SSL:1m;
#     # ssl_session_timeout         5m;
#     # ssl_protocols               SSLv2 SSLv3 TLSv1.2;
#     ssl_ciphers                 HIGH:!aNULL:!MD5;
#     # ssl_prefer_server_ciphers   on;
# }
map $http_upgrade $connection_upgrade {		# For WebSocket ws/wss !!
    default upgrade;
    '' close;
}

    
server {
    listen		80;	# If no server_name match, go to this
    server_name ~^(?<prefix>.*)\.can.com$ can.com;

    listen                      443 ssl;
    ssl_certificate             /Users/Can/Lisp/config/localhost.crt;	# For WebSocket WSS
    ssl_certificate_key         /Users/Can/Lisp/config/localhost.key;
    root				     	/Users/Can/celwk/static;
    

    add_header Sub-Domain       "$prefix";
    add_header Who-I-Am         " 📬 Savior of 🌏 ";
    add_header Access-Control-Allow-Origin "$http_origin";
    # add_header Access-Control-Allow-Credentials "true";
    # add_header Access-Control-Allow-Methods "GET,POST";
    proxy_pass_header 	    Server;
    # index	$uri/index.html;

    location = / {							# Not works!

        access_log /Users/Can/Develop/nginx/visit.txt page;
        index	index.html;
        try_files 	/$prefix.htm /index.htm /$uri/index.html /main.htm $uri; # /index.htm $uri;

        # Because if add_header exist here will ignore thoses in the default server add_header config
        add_header  Info	" 😎  /$prefix.htm";
        add_header  Index	$uri;
        add_header Access-Control-Allow-Origin "$http_origin";	

        # Another request for log!!
        mirror 		/system-log/apple/boy;
        mirror_request_body off;

        # Available for POST!
        error_page 405 =200 $request_uri;
    }
    # Main usage for REWRITE: change the uri internally to a corresponding proxy server uri
    location ~ /go/to/(?<name>.*)$ {
        if ( $host ~* www.(?<host_without_www>.+)$ ) {
            # set $host_without_www $1;
            rewrite ^.*$ http://$name.$host_without_www permanent;
        }
        rewrite ^.*$ /xx/$name;  # find next matched rewrite role if no break/last/permanent/redirect
        rewrite ^/xx/(\w+)$ http://$1.can.com permanent;
        try_files /main.htm /index.htm;
    }
    location ~ /media/ {
        root	/Users/Can/celwk;
    }
    location ~ ^/canvas/.*(js|htm|css)$ {
        # kill cache
        # add_header Last-Modified $date_gmt;
        # add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
        # if_modified_since off;

        add_header Cache-Control "max-age=0";
        expires off;
        etag off;
    }
    location /system-log {
        internal;		#Only available from Nginx itself, not from others(browsers)
        proxy_set_header From	"System-Log";
        proxy_method 	 POST;

        proxy_set_body 	 "I need you!!!$query_string $nginx_version $request_uri";
        proxy_set_header Content-Type text/plain;

        # set $request_method "POST" #Error;
        proxy_pass http://weplant/system;
        proxy_pass_request_body off;
        proxy_set_header User-Agent "Chrome!";
        # proxy_set_header Content-Length 20;
        proxy_set_header X-Original-URI $request_uri;
        proxy_set_header Method $request_method;
    }
    location ~ ^/(shared|components|ui)/(?<file>.*)$ {
        root   	     /Users/Can/celwk/$1;
        try_files    /$file 406;
    }
    location / {
        try_files   $uri /$prefix/$uri.htm  /$prefix/index.htm
        /$prefix/$uri
        /$prefix/$uri/index.html /$prefix/$uri/index.htm
        $uri.htm $uri.html
        $uri/index.htm $uri/index.html /index.htm ;
        add_header uri "$prefix $uri $request_filename";
        set $god "Can EriK Lu";  #variable
        # add_header Set-Cookie	"time=January.0006.2020; domain=can.com; expires=Mon, 06 Jan 2021 08:01:15 GMT";
        # add_header Set-Cookie		"love=Uncles-$who; domain=can.com; expires=Mon, 06 Jan 2021 08:01:15 GMT";
        mirror 		/system-log/can/erik;
    }
    location ~ ^/[^/]*\.(jpe?g|png|gif|svg)$ {
        root   	 /Users/Can/celwk/static/img/;
        expires	 30d;
    }
}