map $http_upgrade $connection_upgrade {
    default upgrade;
    '' close;
}

client_max_body_size {{ env "FILE_UPLOAD_MAX_SIZE" }};

server { 
    listen 80;
    server_name {{ env "DOMAIN" }};

    root /usr/share/nginx/html;

    location / {
        try_files $uri /index.html;
        if_modified_since off;
        expires off;
        etag off;
        # TODO: csp headers
    }

    location /css {
      expires max;
    }

    location /js {
      expires max;
    }

    location /img {
      expires max;
    }

    location /fonts {
      expires max;
    }

    # /app/uploads

    location /media/ {
        alias /app/uploads/;
        expires max;
    }

    location /community_proxy/ {
        proxy_pass https://community.karrot.world/;
    }
    
    location ~ ^\/(api(\-auth)?|docs|silk)\/ {
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;
        # this port is whatever port 80 is mapped to outside the container
        proxy_set_header Host $host:80;

        # resolver + backend as a variable means can run when backend is not up yet
        resolver 127.0.0.11 valid=3s;
        set $backend app:8000;
        proxy_pass http://$backend$request_uri;

        proxy_redirect off;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;
        proxy_set_header Sec-WebSocket-Extensions $http_sec_websocket_extensions;
        proxy_set_header Sec-WebSocket-Key $http_sec_websocket_key;
        proxy_set_header Sec-WebSocket-Protocol $http_sec_websocket_protocol;
        proxy_set_header Sec-WebSocket-Version $http_sec_websocket_version;
    }

}