server {
    listen 80;

    set $root_path     '/var/www/html';
    set $frontend_path '${root_path}/frontend';

    root    $root_path;
    charset utf-8;

    add_header X-Frame-Options "sameorigin" always;
    add_header X-XSS-Protection "1; mode=block" always;
    add_header X-Content-Type-Options "nosniff" always;

    # You can uncomment the next lines to enable debug mode
    # rewrite_log on;
    # error_log /var/log/nginx/error.log debug;

    set $request_url $request_uri;
    set $host_with_uri '${host}${request_uri}';

    if ($host_with_uri ~ '^${AUTHSERVER_HOST}/auth') {
        set $request_url '/api/authserver${request_uri}';
        rewrite ^/auth /api/authserver$uri last;
    }

    if ($host_with_uri ~ '^${AUTHSERVER_HOST}/session') {
        set $request_url '/api/minecraft${request_uri}';
        rewrite ^/session /api/minecraft$uri last;
    }

    if ($host_with_uri ~ '^${AUTHSERVER_HOST}/api/(user|profiles)') {
        set $request_url '/api/mojang${request_uri}';
        rewrite ^/api/(user|profiles) /api/mojang$uri last;
    }

    location / {
        root       $frontend_path;
        access_log off;
        etag       on;
        expires    $cache_duration;
        try_files  $uri /index.html =404;
    }

    location /images/emails/assets {
        proxy_pass http://emails-renderer:3000/assets/;
        expires    $cache_duration;
        access_log off;
    }

    location /api {
        try_files $uri /api/index.php$is_args$args;
    }

    location ~* \.php$ {
        fastcgi_pass  php; # Use generated upstream. See generate-upstream.sh
        fastcgi_index /index.php;
        fastcgi_cache cache;

        include       fastcgi_params;

        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param REQUEST_URI $request_url;
        fastcgi_param REMOTE_ADDR $http_x_real_ip;
        # Override HTTPS param to handle ssl from nginx-proxy container
        fastcgi_param HTTPS $http_x_forwarded_ssl if_not_empty;
    }
}