##
#  File:
#    virtual_hosts
#  Description:
#    This file is meant to deliver a basic understanding of server blocks.
##

##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# http://wiki.nginx.org/Pitfalls
# http://wiki.nginx.org/Configuration
##

##
# Every "virtual host" that you serve will need to be in its own server block.
#
# server {
#	...
# }
#
# After reading this file, you should understand the structure of server blocks
# and be able to understand how to modify them to your needs.
##

server {

	# The listen directive is only needed if this server block:
	#   needs to listen for IPv6
	#   needs to listen on another port
	# If you need to listen for IPv6 then both of the following lines can
	# be included.
	# DO NOT listen for both SSL and non-SSL in the same server block.
	#listen 80; ## listen for ipv4; this line is default and implied
	#listen [::]:80 default ipv6only=on; ## listen for ipv6

	# root specifies the document root for the requests
	root /usr/share/nginx/www;

	# index specifies the list of files (in order) to be tried in the event
	# no file is requested in the URI.
	index index.html index.htm;

	# Make site accessible from http://localhost/
	server_name localhost;

	# Unless you run everything as a proxy, you will want to have a root
	# location block. This example controls how files are requested.
	location / {
		# First attempt to serve request as file, then as directory,
		# then fall back to index.html. /index.html would normally be
		# front end controller pattern for handling "clean url's" in
		# a CMS such as Drupal or Wordpress.
		try_files $uri $uri/ /index.html;
	}

	# This location block would server any requests for /doc as well
	# as anything below it.
	location /doc {
		# root changes the root directory for these requests
		root /usr/share;
		# autoindex on allows these request to display directory listings
		# if a directory was requested
		autoindex on;
		# We'll allow these requests for localhost
		allow 127.0.0.1;
		# Anyone outside is forbidden
		deny all;
	}

	# This location block would serve any requests for /images as well
	# as anything below it.
	location /images {
		# This is the same as /doc except we don't allow indexes
		root /usr/share;
		autoindex off;
		allow 127.0.0.1;
		deny all;
	}

	# This will serve the file 404.html in the event the request is not found.
	error_page 404 /404.html;

	# redirect server error pages to the static page /50x.html
	# This will hit if the server generates a 500, 502, 503, or 504 status code
	error_page 500 502 503 504 /50x.html;

	# This location block isn't actually needed because our root for the
	# server block is the same directory. However, this could be used to
	# have a central directory for all error html files.
	location = /50x.html {
		root /usr/share/nginx/www;
	}

	# proxy the PHP scripts to Apache listening on 127.0.0.1:80
	# If you're going to proxy to Apache, then just push the whole
	# request to it. You'll generally have better performance with
	# a dedicated php listener (fastcgi: php-cgi, php-fpm).
	#location ~ \.php$ {
	#	proxy_pass http://127.0.0.1;
	#}

	# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
	# This is used for passing to php-cgi and php-fpm.
	# For more information see /usr/share/doc/nginx/examples/php
	location ~ \.php$ {
		# This is where the php socket is listening.
		fastcgi_pass 127.0.0.1:9000;
		fastcgi_index index.php;
		include fastcgi_params;
	}

	# deny access to .htaccess, .htpasswd, and .htgroup files
	location ~ /\.ht {
		deny all;
	}
}


# another virtual host using mix of IP-, name-, and port-based configuration
server {
	listen 8000;
	listen somename:8080;
	server_name somename alias another.alias;
	root html;
	index index.html index.htm;

	location / {
		try_files $uri $uri/ /index.html;
	}
}


# HTTPS server
server {
	listen 443;
	server_name localhost;

	root html;
	index index.html index.htm;

	ssl on;
	ssl_certificate cert.pem;
	ssl_certificate_key cert.key;

	ssl_session_timeout 5m;

	ssl_protocols SSLv3 TLSv1;
	ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
	ssl_prefer_server_ciphers on;

	location / {
		try_files $uri $uri/ /index.html;
	}
}