worker_processes  1;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;
    
    sendfile        on;
    keepalive_timeout  65;
    client_max_body_size 5m;

#     server {
#         listen 80;
#         server_name localhost;
#         return 301 https://$host$request_uri; # 将HTTP请求重定向到HTTPS
#    }

    server {
        listen       80;
        server_name  localhost;
        # ssl_certificate /opt/wfc/ssl/server.crt;
        # ssl_certificate_key /opt/wfc/ssl/server.key;
        # ssl_session_cache shared:SSL:10m;
        # ssl_session_timeout 120m;
        # ssl_prefer_server_ciphers on;
        # ssl_session_tickets off;
        # ssl_stapling_verify on;

        location /kyc {
            alias   /opt/wfc/file/upload;

            autoindex on;
            autoindex_exact_size off;
            autoindex_localtime on;
        }

        location /sys {
            root   /opt/wfc/portal;
            try_files $uri $uri/ /index.html;
            index  index.html index.htm;
        }

        location /sys-api/{
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header REMOTE-HOST $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_pass http://192.168.13.128:8080/;
        }

        location /u {
            root   /opt/wfc/portal;
            try_files $uri $uri/ /index.html;
            index  index.html index.htm;
        }

        location /u-api/{
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header REMOTE-HOST $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_pass http://192.168.13.128:8080/;
        }

        location /file {
            proxy_pass http://192.168.13.128:9201/;
            proxy_cache_bypass                  $http_upgrade;
            proxy_set_header Upgrade            $http_upgrade;
            proxy_set_header Host               $host;
            proxy_set_header Connection         "upgrade";
            proxy_set_header X-Forwarded-For    $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto  $scheme;
            proxy_set_header X-Forwarded-Host   $host;
            proxy_set_header X-Forwarded-Port   $server_port;
            proxy_set_header Content-Type       $content_type;
            proxy_set_header Content-Length     $http_content_length;
        }

        # Avoid actuator access
        if ($request_uri ~ "/actuator") {
            return 403;
        }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
}