user  nginx;
worker_processes 1;
error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;

events {
    worker_connections 1024;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
    access_log  /var/log/nginx/access.log  main;
    sendfile        on;
    keepalive_timeout  65;

    server_tokens off;

    upstream tacticalrmm {
        server unix:///app/tacticalrmm.sock;
    }

    server {
        listen 80;
        #server_name ${API_HOST};
        client_max_body_size 300M;
        access_log /var/log/nginx/api-access.log;
        error_log /var/log/nginx/api-error.log;
    
        location /static/ {
            root /app;
        }

        location /private/ {
            internal;
            add_header "Access-Control-Allow-Origin" "https://${APP_HOST}";
            alias /app/tacticalrmm/private/;
        }

        location /saltscripts/ {
            internal;
            add_header "Access-Control-Allow-Origin" "https://${APP_HOST}";
            alias /srv/salt/scripts/userdefined/;
        }

        location / {
            uwsgi_pass  tacticalrmm;
            include     /etc/nginx/uwsgi_params;
            uwsgi_read_timeout 9999s;
            uwsgi_ignore_client_abort on;
        }
    }

}
daemon off;