user mozdef mozdef;
worker_processes 5;

error_log /var/log/mozdef/nginx_error_log notice;

events {
  worker_connections 1024;
  use epoll;
}

http {
  include /etc/nginx/mime.types;
  default_type application/octet-stream;

  log_format main
    '$remote_addr - $remote_user [$time_local] '
    '"$request" $status $bytes_sent '
    '"$http_referer" "$http_user_agent" '
    '"$gzip_ratio"';

  client_header_timeout 10m;
  client_max_body_size 4m;
  client_body_timeout 10m;
  send_timeout 10m;
  connection_pool_size 256;
  client_header_buffer_size 1k;
  client_body_buffer_size 1024k;
  large_client_header_buffers 4 2k;
  request_pool_size 4k;

  gzip on;
  gzip_min_length 1100;
  gzip_buffers 4 8k;
  gzip_types text/plain;

  output_buffers 1 32k;
  postpone_output 1460;

  sendfile on;
  tcp_nopush on;
  tcp_nodelay on;

  keepalive_disable none;
  keepalive_requests 2147483647;
  keepalive_timeout 750s;

  ignore_invalid_headers on;

  index index.html;

  proxy_temp_path /tmp/proxy 1 2;

  ## loginput - 8080 ###
  server {
    access_log          off;
    error_log /var/log/mozdef/nginx.loginput.error_log notice;

    listen   8080;
    charset utf-8;
    root /opt/mozdef/envs/mozdef/loginput;

    location / {
      include uwsgi_params;
      uwsgi_pass unix:/opt/mozdef/envs/mozdef/loginput/loginput.socket;
      uwsgi_param UWSGI_PYHOME /opt/mozdef/envs/python/;
      uwsgi_param UWSGI_CHIDIR /opt/mozdef/envs/mozdef/loginput;
      uwsgi_param UWSGI_SCRIPT index;
    }
    location ~static{
        root /opt/mozdef/envs/mozdef;
    }
  }

  ## restapi - 8081 ###
  server {
    access_log          off;
    error_log /var/log/mozdef/nginx.rest.error_log notice;

    listen   8081;
    charset utf-8;
    root /opt/mozdef/envs/mozdef/rest;

    location / {
      include uwsgi_params;
      uwsgi_pass unix:/opt/mozdef/envs/mozdef/rest/restapi.socket;
      uwsgi_param UWSGI_PYHOME /opt/mozdef/envs/python/;
      uwsgi_param UWSGI_CHIDIR /opt/mozdef/envs/mozdef/rest;
      uwsgi_param UWSGI_SCRIPT index;
    }
  }

  ## meteor - 80 ##
  server{
    listen              *:80;
    access_log          off;

    location /{
      proxy_pass http://127.0.0.1:3000;
      proxy_read_timeout 90;
    }
  }

  ## kibana - 9090 ##
  server {
    listen              *:9090;
    server_name         localhost;
    access_log          off;
    error_log           /var/log/mozdef/nginx.kibana.error_log notice;

    location /{
      proxy_http_version   1.1;
      proxy_pass           http://127.0.0.1:5601;
      proxy_read_timeout   90;
      proxy_set_header     Upgrade             $http_upgrade;
      proxy_set_header     Connection 'upgrade';
      proxy_set_header     Host                $http_host;
      proxy_set_header     X-Real-IP           $remote_addr;
      proxy_set_header     X-Forwarded-For     $proxy_add_x_forwarded_for;
      proxy_set_header     X-Forwarded-Proto   $scheme;
      proxy_cache_bypass   $http_upgrade;
    }
  }
}