# Suggestions? => https://github.com/theraw/The-World-Is-Yours/issues
# Problems?    => https://github.com/theraw/The-World-Is-Yours/issues
user nginx;
pid /var/run/nginx.pid;
worker_processes auto;
worker_rlimit_nofile 65535;

load_module /nginx/modules/ngx_http_modsecurity_module.so;
load_module /nginx/modules/ngx_http_naxsi_module.so;
load_module /nginx/modules/ngx_http_testcookie_access_module.so;

events {
    multi_accept on;
    use epoll;
    worker_connections 65535;
}

http {
    # uncomment lua_package_path if you plan to use ngx-lua module.
    # scripts path of resty-core and lrucache is /usr/twiylua
    #lua_package_path "/usr/twiylua/lib/lua/?.lua;;";
    # ////////////////////////////////////////////////////// #
    # =================== START L7 ========================= #
    include modsec/l7.conf;
    # ===================== END L7 ========================= #
    # ////////////////////////////////////////////////////// #

    # ////////////////////////////////////////////////////// #
    # ===================== LOGS =========================== #
    log_format main '$remote_addr  |==| $status |==| $request |==| $time_local';
    # =================== END LOGS ========================= #
    # ////////////////////////////////////////////////////// #
    
    # ////////////////////////////////////////////////////// #
    # ==================== BACKENDS ======================== #
    map $http_upgrade $connection_upgrade {
    default upgrade;
    '' close;
    }
    # Example Of Backend
    #upstream varnish {
    #    zone tcp_servers 64k;
    #    server 10.10.10.39:80;
    #}
    # =================== END BACKENDS ===================== #
    # ////////////////////////////////////////////////////// #

    # ////////////////////////////////////////////////////// #
    # ==================== GENERAL ========================= #
    client_body_buffer_size        2M;
    client_header_buffer_size      2M;
    client_body_timeout            90s;
    client_header_timeout          90s;
    client_max_body_size           2M;
    keepalive_timeout              15s;
    port_in_redirect               off;
    sendfile                       on;
    server_names_hash_bucket_size  6969;
    server_name_in_redirect        off;
    server_tokens                  off;
    tcp_nodelay                    on;
    tcp_nopush                     on;
    types_hash_max_size            2048;
    resolver                       8.8.8.8 8.8.4.4;
    default_type                   application/octet-stream;
    include                        /nginx/mime.types;
    # =================== END GENERAL ====================== #
    # ////////////////////////////////////////////////////// #

    # ////////////////////////////////////////////////////// #
    # ================ LOAD VHOST +CONFIGS ================= #
    include live/*;
    include modsec/naxi.core;
    # =================== END CONFIGS ====================== #
    # ////////////////////////////////////////////////////// #
}