user www-data;

worker_processes  1;

pid /run/nginx.pid;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    # the collectd config depends on this log format
    log_format combined2 '$remote_addr - [$time_local] '
        '"$request" $status $body_bytes_sent $request_time '
        '"$http_referer" "$http_user_agent"';

    # required for long host names
    server_names_hash_bucket_size 128;

    access_log access.log combined2;

    sendfile        on;

    # timeout for client to finish sending headers
    client_header_timeout 30s;

    # timeout for reading client request body (successive read timeout and not whole body!)
    client_body_timeout 60s;

    # keep-alive connections timeout in 65s. this is because many browsers timeout in 60 seconds
    keepalive_timeout  65s;

    # HTTP server
    server {
        listen      80;

        # collectd
        location /nginx_status {
            stub_status on;
            access_log off;
            allow 127.0.0.1;
            deny all;
        }

        # acme challenges
        location /.well-known/acme-challenge/ {
            default_type text/plain;
            alias /home/yellowtent/data/acme/;
        }

        location / {
            # redirect everything to HTTPS
            return 301 https://$host$request_uri;
        }
    }

    include applications/*.conf;
}