# vi: ft=nginx
server {  
    listen 8080 default_server;

    server_name localhost;

    # Optional security related headers
    # add_header Content-Security-Policy "default-src 'self';";
    # add_header Strict-Transport-Security "max-age=31536000;"; # includeSubDomains"
    # add_header X-Frame-Options "SAMEORIGIN";
    # add_header X-Content-Type-Options "nosniff";
    # add_header Referrer-Policy "origin-when-cross-origin";

    # access_log /var/log/nginx/imgsort2-access.log;
    # error_log /var/log/nginx/imgsort2-error.log;

    root /mnt/imgsort2;
    index index.html;

    # serve full size images here
    location /images-full {
        alias /mnt/data/images;
    }
    # serve low res images here
    location /images {
        alias /mnt/data/images;
        location ~* \.(jpg|png|jpeg|webp)$ {
            # resize to width=700
            image_filter resize 700 -;
            image_filter_jpeg_quality 50;
            image_filter_webp_quality 50;
            image_filter_buffer 40M;
        }
    }

    # TODO: Access restriction
    # https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/

    # auth_basic "Imgsort 2";
    # auth_basic_user_file /etc/www/.imgsort2.htpasswd;

    location ~ .*\.php$ {
        # TODO: this depends on your php-fpm configuration
        fastcgi_pass unix:/var/run/php/php-fpm-imgsort2.sock;
        include fastcgi.conf;
    }
}