worker_processes 4;
worker_rlimit_nofile 800000;
worker_shutdown_timeout 10;

events {
	worker_connections 700000; # Default: 1024
}

http {
	log_format no_ip    '$remote_user [$time_local] '
                        '"$request" $status $body_bytes_sent '
                        '"$http_referer" "$http_user_agent" "$gzip_ratio"';

    log_format user_agent '[$time_local] '
                           '"$http_referer" "$http_user_agent" "$gzip_ratio"';

	#limit_req_zone $binary_remote_addr zone=mylimit:10m rate=10r/s;
	#limit_req_log_level warn;
	
	include		/etc/nginx/mime.types;
	include		/etc/nginx/proxy.conf;
	# error_map has to be at http level
	include	  /etc/nginx/error_map.conf;
	# Custom MIME definition
	types {
		text/csv	csv;
	}
	# keepalive settings
	keepalive_requests		10;
	keepalive_timeout		5;
	access_log off;
	#error_log /etc/nginx/logs/error.log warn;
	error_log /dev/null crit;

	upstream backend_GET {
		ip_hash;
		
		keepalive 	5;
		#server		localhost:4441;
		#server		localhost:4442;
		#server		localhost:4443;
		#server		localhost:4444;
		#server		localhost:4445;
		#server		localhost:4446;
		#server		localhost:4447;
		#server		localhost:4448;
		server 		10.0.0.4:4441;

		#server		10.0.0.3:4441;
		server		10.0.0.3:4442;

		server		10.0.0.5:4441;
		server		10.0.0.5:4442;

		server		10.0.0.6:4441;
		server		10.0.0.6:4442;

		server		10.0.0.9:4441;
		server		10.0.0.9:4442;

		#server		134.209.69.251:80	backup;

		#server		116.203.32.253:80	backup;
		#server		116.203.32.253:80;
	}
	upstream backend_POST {
		#server		localhost:4441;
		#server		localhost:4442;
		server		10.0.0.3:4441;
		#server		10.0.0.3:4442;
	}
	upstream backend_db {
		server		10.0.0.4:4441;
		#server		10.0.0.3:4441;
		#server		10.0.0.4; 
	}
	upstream backend_db_dl {
		server		10.0.0.4;
	}

	proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=CACHEZONE:10m inactive=60m max_size=400m;
	proxy_cache_key "$scheme$request_method$host$request_uri";
	add_header X-Cache $upstream_cache_status;

	server {
		server_name sponsor.ajay.app api.sponsor.ajay.app;

		include		  /etc/nginx/error.conf;

		location /news {
			return	301		https://blog.ajay.app/sponsorblock;
		}

		location /viewer {
			return	301		https://sb.ltn.fi;
		}

		location /test/ {
			# return			404 "";
			proxy_pass		http://10.0.0.5:4445/;
			#proxy_pass		https://sbtest.etcinit.com/;
		}

		#access_log /etc/nginx/logs/requests.log no_ip buffer=64k;

		location /api/skipSegments {
			include				/etc/nginx/cors.conf;
			#return 200 "[]";
			proxy_pass		http://backend_$request_method;
			#proxy_cache	CACHEZONE;
			#proxy_cache_valid	30s;
			#limit_req zone=mylimit;

			#access_log /etc/nginx/logs/download.log no_ip;
			gzip on;
			if ($request_method = POST) {
				access_log /etc/nginx/logs/submissions.log user_agent buffer=64k;
			}

			#proxy_read_timeout 6s;
			#proxy_next_upstream error timeout http_500 http_502;
		}

		location /api/getTopUsers {
			include				/etc/nginx/cors.conf;
			proxy_pass		http://backend_GET;
			proxy_cache		CACHEZONE;
			proxy_cache_valid	20m;
		}

		location /api/getTotalStats {
			include		 /etc/nginx/cors.conf;
			proxy_pass http://backend_GET;
			proxy_cache CACHEZONE;
			proxy_cache_valid 20m;
			#return 204;
		}

		location /api/getTopCategoryUsers {
			include				/etc/nginx/cors.conf;
			proxy_pass		http://backend_GET;
			proxy_cache		CACHEZONE;
			proxy_cache_valid	20m;
		}

		location /api/getVideoSponsorTimes {
			include		/etc/nginx/cors.conf;
			proxy_pass http://backend_GET;
		}

		location /download/ {
			#access_log /etc/nginx/logs/download.log no_ip buffer=64k;
			gzip on;
			proxy_max_temp_file_size 0;
			#proxy_cache CACHEZONE;
			#proxy_cache_valid 20m;
			#proxy_http_version 1.0;
			#gzip_types	text/csv;
			#gzip_comp_level 1;
			#proxy_buffering off;		
	

			proxy_pass http://backend_db;
      #alias		/home/sbadmin/sponsor/docker/database-export/;
			#return 307 https://rsync.sponsor.ajay.app$request_uri;
		}

		location /database {
			proxy_pass  http://backend_db;
			#return 200 "Disabled for load reasons";
		}

		location = /database.db {
			return	404 "Sqlite database has been replaced with csv exports at https://sponsor.ajay.app/database. Sqlite exports might come back soon, but exported at longer intervals.";
			#alias	/home/sbadmin/sponsor/databases/sponsorTimes.db;
			#alias	/home/sbadmin/test-db/database.db;
		}

		#location = /database/sponsorTimes.csv {
		#	alias /home/sbadmin/sponsorTimes.csv;
		#}

		#location /api/voteOnSponsorTime {
		#	return 200 "Success";
		#}
	
		#location /api/viewedVideoSponsorTime {
		#	return 200 "Success";
		#}

		location /api {
			include			/etc/nginx/cors.conf;
			proxy_pass	http://backend_POST;
		}
		
		location / {
			root	/home/sbadmin/SponsorBlockSite/public-prod;
			error_page 404 /404.html;
		}
		
		listen [::]:443 default_server ssl http2 ipv6only=on backlog=323999;
		listen 443 default_server ssl http2 reuseport backlog=323999; # managed by Certbot
		#listen 443 http3 reuseport;
		#ssl_protocols TLSv1.2 TLSv1.3;
		#listen 80;
    ssl_certificate /etc/letsencrypt/live/sponsor.ajay.app-0001/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/sponsor.ajay.app-0001/privkey.pem; # managed by Certbot
		include				/etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
		ssl_dhparam			/etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
	}

	server {
		server_name cdnsponsor.ajay.app;
		error_page 404 /404.html;

		#location /database/ {
		#	alias /home/sbadmin/sponsor/docker/database-export/;
		#}

		#location /download/ {
		#	alias /home/sbadmin/sponsor/docker/database-export/;
		#}

		location / {
			root /home/sbadmin/SponsorBlockSite/public-prod;
		}


		listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/sponsor.ajay.app-0001/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/sponsor.ajay.app-0001/privkey.pem; # managed by Certbot
		include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
		ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
	}

	server {
		access_log off;

		if ($host = api.sponsor.ajay.app) {
			return 301 https://$host$request_uri;
		} # managed by Certbot

		if ($host = sponsor.ajay.app) {
			return 301 https://$host$request_uri;
		} # managed by Certbot

		listen [::]:80 ipv6only=on;
		listen 80;
		server_name sponsor.ajay.app api.sponsor.ajay.app;
		return 404; # managed by Certbot
	}

	server {
		if ($host = cdnsponsor.ajay.app) {
			return 301 https://$host$request_uri;
		} # managed by Certbot

		server_name cdnsponsor.ajay.app;
		listen 80;
		return 404; # managed by Certbot
	}

	server {
		server_name wiki.sponsor.ajay.app; # managed by Certbot
		
		location ~* ^/index.php/(?<pagename>.*)$ {
			return 301 /w/$pagename;
		}

		location / {
			proxy_pass http://10.0.0.3:8080;
		}

		listen [::]:443 ssl http2; 
		listen 443  ssl http2; # managed by Certbot
		#listen 443 http3 reuseport;
		#ssl_protocols TLSv1.2 TLSv1.3;
		#listen 80;
    ssl_certificate /etc/letsencrypt/live/sponsor.ajay.app-0001/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/sponsor.ajay.app-0001/privkey.pem; # managed by Certbot
		include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
		ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
	}
}