# 
# Jorani nginx sample configuration file
# @copyright  Copyright (c) 2014-2019 Benjamin BALET
# @license      http://opensource.org/licenses/AGPL-3.0 AGPL-3.0
# @link            https://github.com/bbalet/jorani
#

server { 
	listen 80 default;
	server_name localhost;
# Jorani works perfectly over HTTPS and HTTP/2:
#        listen 443 ssl http2;
#        server_name secure.jorani.org;
#        ssl_certificate /etc/letsencrypt/live/secure.jorani.org/fullchain.pem;
#       ssl_certificate_key /etc/letsencrypt/live/secure.jorani.org/privkey.pem;

	access_log /var/log/nginx/localhost.access.log;
	root /var/www/;
	index  index.php index.html;

	gzip on;
	gzip_disable "msie6";
	gzip_min_length 1100;
                  gzip_types text/xml text/css image/x-icon image/bmp application/json
                   text/javascript application/x-javascript application/javascript
                   application/pdf application/postscript
                   application/rtf application/vnd.ms-powerpoint
                   application/msword application/vnd.ms-excel
                   application/vnd.wap.xhtml+xml;

# Example with brotli
#                    brotli on;
#                    brotli_types text/xml text/css image/x-icon image/bmp application/json
#                   text/javascript application/x-javascript application/javascript
#                   application/pdf application/postscript
#                   application/rtf application/vnd.ms-powerpoint
#                   application/msword application/vnd.ms-excel
#                   application/vnd.wap.xhtml+xml;

	# If file is an asset, set expires and break
    	location ~* \.(ico|css|js|gif|jpe?g|png|otf|eot|svg|ttf|woff|woff2)(\?[0-9]+)?$ {
        	expires max;
        	break;
    	}

	#Allow acces to some specific assets
	location ~* ^/(robots\.txt) {
            expires max;
            break;
        }

	# canonicalize codeigniter url end points
	# if your default controller is something other than "welcome" you should change the following
	if ($request_uri ~* ^(/leaves(/index)?|/index(.php)?)/?$)
 	{
        	rewrite ^(.*)$ / permanent;
    	}
 
	# removes trailing "index" from all controllers
    	if ($request_uri ~* index/?$)
    	{
        	rewrite ^/(.*)/index/?$ /$1 permanent;
    	}
 
    	# removes trailing slashes (prevents SEO duplicate content issues)
    	if (!-d $request_filename)
    	{
        	rewrite ^/(.+)/$ /$1 permanent;
    	}
 
    	# removes access to "system" folder, also allows a "System.php" controller
    	if ($request_uri ~* ^/system)
    	{
        	rewrite ^/(.*)$ /index.php?/$1 last;
        	break;
    	}
 
    	# unless the request is for a valid file (image, js, css, etc.), send to bootstrap
    	if (!-e $request_filename)
    	{
        	rewrite ^/(.*)$ /index.php?/$1 last;
        	break;
    	}
 
    	# catch all
    	error_page 404 /index.php;

	location ~ \.php$ {
		try_files $uri $uri/ /index.php?/$request_uri;
		include fastcgi_params;
		fastcgi_split_path_info ^(.+\.php)(.*)$;
		#This is a socket configuration example
		#fastcgi_pass unix:/var/run/php-fastcgi/php-fastcgi.socket;
		#Alternatively, you can use FastCGI from a network port
		fastcgi_pass 127.0.0.1:9000;
		fastcgi_index index.php;
                #fastcgi_param CI_ENV development;
                fastcgi_param SERVER_SOFTWARE nginx;
                fastcgi_param HTTP_MOD_REWRITE On; #Mimic Apache
                fastcgi_param ALLOW_OVERWRITE On; #Mimic Apache
                fastcgi_param PHP_AUTH_USER $remote_user;       #Pass BasicAuth headers
                fastcgi_param PHP_AUTH_PW $http_authorization;  #Pass BasicAuth headers
		fastcgi_param SCRIPT_FILENAME
			$document_root$fastcgi_script_name;
                fastcgi_buffer_size 128k;
                fastcgi_buffers 4 256k;
                fastcgi_busy_buffers_size 256k;
	}

	## Disable viewing some files such as .htaccess & .htpassword
        location ~* \.(ht|htpassword|pem) {
                deny all;
        }
}
