# keep in sync with clsi-startup.sh files
# keep in sync with server-ce/nginx/clsi-nginx.conf
# Changes to the above:
#  - added debug header

server {
  # Extra header for dev-env.
  add_header 'X-Served-By' 'clsi-nginx' always;

  listen 8080;
  server_name clsi-proxy;
  server_tokens off;
  access_log off;
  # Ignore symlinks possibly created by users
  disable_symlinks on;
  # enable compression for tex auxiliary files, but not for pdf files
  gzip on;
  gzip_types text/plain;
  gzip_proxied any;
  types {
      text/plain log blg aux stdout stderr;
      application/pdf pdf;
  }

  # user content domain access check
  # The project-id is zero prefixed. No actual user project uses these ids.
  # mongo-id 000000000000000000000000 -> 1970-01-01T00:00:00.000Z
  # mongo-id 000000010000000000000000 -> 1970-01-01T00:00:01.000Z
  # mongo-id 100000000000000000000000 -> 1978-07-04T21:24:16.000Z
  # This allows us to distinguish between check-traffic and regular output traffic.
  location ~ ^/project/0([0-9a-f]+)/user/([0-9a-f]+)/build/([0-9a-f-]+)/output/output\.pdf$ {
    if ($request_method = 'OPTIONS') {
      # handle OPTIONS method for CORS requests
      add_header 'Allow' 'GET,HEAD';
      return 204;
    }
    alias /var/clsi/tiny.pdf;
  }
  location ~ ^/project/0([0-9a-f]+)/build/([0-9a-f-]+)/output/output\.pdf$ {
    if ($request_method = 'OPTIONS') {
      # handle OPTIONS method for CORS requests
      add_header 'Allow' 'GET,HEAD';
      return 204;
    }
    alias /var/clsi/tiny.pdf;
  }

  # handle output files for specific users
  location ~ ^/project/([0-9a-f]+)/user/([0-9a-f]+)/build/([0-9a-f-]+)/output/output\.([a-z]+)$ {
    if ($request_method = 'OPTIONS') {
      # handle OPTIONS method for CORS requests
      add_header 'Allow' 'GET,HEAD';
      return 204;
    }
    alias /output/$1-$2/generated-files/$3/output.$4;
  }
  # handle .blg files for specific users
  location ~ ^/project/([0-9a-f]+)/user/([0-9a-f]+)/build/([0-9a-f-]+)/output/(.+)\.blg$ {
    if ($request_method = 'OPTIONS') {
      # handle OPTIONS method for CORS requests
      add_header 'Allow' 'GET,HEAD';
      return 204;
    }
    alias /output/$1-$2/generated-files/$3/$4.blg;
  }
  # handle output files for anonymous users
  location ~ ^/project/([0-9a-f]+)/build/([0-9a-f-]+)/output/output\.([a-z]+)$ {
    if ($request_method = 'OPTIONS') {
      # handle OPTIONS method for CORS requests
      add_header 'Allow' 'GET,HEAD';
      return 204;
    }
    alias /output/$1/generated-files/$2/output.$3;
  }
  # handle .blg files for anonymous users
  location ~ ^/project/([0-9a-f]+)/build/([0-9a-f-]+)/output/(.+)\.blg$ {
    if ($request_method = 'OPTIONS') {
      # handle OPTIONS method for CORS requests
      add_header 'Allow' 'GET,HEAD';
      return 204;
    }
    alias /output/$1/generated-files/$2/$3.blg;
  }

  # PDF range for specific users
  location ~ ^/project/([0-9a-f]+)/user/([0-9a-f]+)/content/([0-9a-f-]+/[0-9a-f]+)$ {
    if ($request_method = 'OPTIONS') {
      # handle OPTIONS method for CORS requests
      add_header 'Content-Type' 'text/plain charset=UTF-8';
      add_header 'Allow' 'GET,HEAD';
      return 200 'GET,HEAD';
    }
    # Cache for one day
    expires 1d;
    alias /output/$1-$2/content/$3;
  }
  # PDF range for anonymous users
  location ~ ^/project/([0-9a-f]+)/content/([0-9a-f-]+/[0-9a-f]+)$ {
    if ($request_method = 'OPTIONS') {
      # handle OPTIONS method for CORS requests
      add_header 'Allow' 'GET,HEAD';
      return 204;
    }
    # Cache for one day
    expires 1d;
    alias /output/$1/content/$2;
  }

  # status endpoint for haproxy httpchk option
  location /status {
    return 200;
  }

  # load shedding probe
  location = /instance-state {
    alias /var/clsi/instance-state;
  }
}