events {}

http {
   server {
       listen 80;
       listen [::]:80;
       server_name _;

       root /app/backend/public;

       add_header X-XSS-Protection "1; mode=block";

       index index.html index.htm index.php;
       charset utf-8;

       access_log /dev/stdout;
       error_log /dev/stderr;

        location /storage {
            alias /app/backend/storage/app/public;
            access_log off;
            expires max;
            add_header Cache-Control "public";
        }

        location ^~ /api/ {
            rewrite ^/api(/.*)$ /index.php$1 break;
            include fastcgi_params;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_param REQUEST_URI $1;
            fastcgi_pass localhost:9000;
            client_max_body_size 20M;
        }

       location ~ \.php$ {
           include fastcgi_params;
           fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
           fastcgi_split_path_info ^(.+\.php)(/.+)$;
           fastcgi_pass localhost:9000;
           fastcgi_index index.php;
           fastcgi_param PHP_VALUE "error_log=/dev/stderr";
       }

       location / {
           proxy_pass http://localhost:5678;
           proxy_http_version 1.1;
           proxy_set_header Host $host;
           proxy_set_header X-Real-IP $remote_addr;
           proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
           proxy_set_header X-Forwarded-Proto $scheme;
       }

       location = /favicon.ico { access_log off; log_not_found off; }
       location = /robots.txt  { access_log off; log_not_found off; }

       error_page 404 /index.php;

       location ~ /\.(?!well-known).* {
           deny all;
       }
   }
}