# doc :
# https://nginx.org/en/docs/dirindex.html
# https://www.nginx.com/resources/wiki/start/
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
# https://wiki.debian.org/Nginx/DirectoryStructure

server {
	listen							443 ssl;												# for ipv4, on port 443, specifying that accepted connections should works in ssl mode
	listen							[::]:443 ssl;										# for ipv6
	server_name					${WP_URL};
	ssl_certificate			/etc/ssl/certs/${WP_URL}.crt;		# specifies the file with the ssl certificate (self signed here) generated by openssl
	ssl_certificate_key	/etc/ssl/private/${WP_URL}.key;	# specifies the file with the secret key of the certificate

	root				/var/www/html/;													# contains default nginx index.nginx-debian.html
	index				index.html index.php;										# defines files that will be used as index (https://nginx.org/en/docs/http/ngx_http_index_module.html)
		 
	access_log /var/log/nginx/${WP_URL}.access.log;
	error_log /var/log/nginx/${WP_URL}.error.log;

	# use fastcgi for all php files
	location ~ \.php$ {
		fastcgi_pass	wordpress:9000;
		fastcgi_split_path_info	^(.+\.php)(/.+)$;
		fastcgi_param	SCRIPT_FILENAME $document_root$fastcgi_script_name;
		include			fastcgi_params;
	}

# followings are from :
# https://www.farinspace.com/wordpress-nginx-rewrite-rules/

	# unless the request is for a valid file, send to bootstrap
	# without this, permalinks changes don't work
	if (!-e $request_filename) {
		rewrite ^(.+)$ /index.php?q=$1 last;
	}

	## enforce NO www
	#if ($host ~* ^www\.(.*)) {
	#	set $host_without_www $1;
	#	rewrite ^/(.*)$ $scheme://$host_without_www/$1 permanent;
	#}

	## catch all
	#error_page 404 /index.php;

	## deny access to apache .htaccess files
	#location ~ /\.ht {
	#	deny all;
	#}

}