# Copyright 2020 Huawei Technologies Co., Ltd.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

daemon off;

#pid /run/nginx.pid;

events {
    worker_connections 500;
    # multi_accept on;
}
http {

    ##
    # Basic Settings
    ##

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;

        #Comment or disable the access_log once tested to avoid runtime logs
#        access_log            /var/log/nginx/access.log format gzip;
        access_log            off;
        error_log            /var/log/nginx/error.log;

    server {
         listen *:8703 ssl;
        server_name
        ssl on;
        ssl_certificate           {{ .Values.certInitializer.credsPath }}/certs/cert.pem;
        ssl_certificate_key       {{ .Values.certInitializer.credsPath }}/certs/cert.key;
        ssl_session_cache  builtin:1000  shared:SSL:80m;
        ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
        ssl_prefer_server_ciphers on;
        ssl_session_timeout 10m;
        keepalive_timeout   70;

        location / {
            proxy_set_header        Host $host;
            proxy_set_header        X-Real-IP $remote_addr;
            proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header        X-Forwarded-Proto $scheme;
            proxy_pass          http://localhost:8702;
            proxy_read_timeout  90;
            proxy_redirect      off;
        }
    }
}