user www-data;
worker_processes auto;
pid /run/nginx.pid;
error_log /var/log/nginx/error.log;
include /etc/nginx/modules-enabled/*.conf;

events {
	worker_connections 2048;
	multi_accept on;
	use epoll;
}

http {

	##
	# Basic Settings
	##

	# Ограничение скорости для API (100 запросов в секунду)
	limit_req_zone $binary_remote_addr zone=api_limit:10m rate=100r/s;

	# Ограничение одновременных соединений (20 соединений с одного IP)
	limit_conn_zone $binary_remote_addr zone=conn_limit:10m;

	sendfile on;
	tcp_nopush on;
	types_hash_max_size 2048;
	# server_tokens off;

	# server_names_hash_bucket_size 64;
	# server_name_in_redirect off;

	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	##
	# SSL Settings
	##

	ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
	ssl_prefer_server_ciphers on;

	##
	# Logging Settings
	##

	access_log /var/log/nginx/access.log;

	##
	# Gzip Settings
	##

	gzip on;
	gzip_vary on;
	gzip_min_length 1024;
	gzip_proxied any;
	gzip_comp_level 6;
	gzip_buffers 16 8k;
	gzip_http_version 1.1;
	gzip_types
		text/plain
		text/css
		text/xml
		text/javascript
		application/javascript
		application/json
		application/xml+rss
		application/atom+xml
		image/svg+xml;

	##
	# Performance
	##

	client_max_body_size 100M;
	client_body_buffer_size 128k;
	client_header_buffer_size 1k;
	large_client_header_buffers 4 4k;
	output_buffers 1 32k;
	postpone_output 1460;

	##
	# Timeouts
	##

	client_body_timeout 12;
	client_header_timeout 12;
	keepalive_timeout 65;
	send_timeout 10;

	##
	# Proxy Cache
	##

	proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=api_cache:10m max_size=100m inactive=60m;
	proxy_cache_key "$scheme$request_method$host$request_uri";

	##
	# Virtual Host Configs
	##

	include /etc/nginx/conf.d/*.conf;
	include /etc/nginx/sites-enabled/*;
}


#mail {
#	# See sample authentication script at:
#	# http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
#	# auth_http localhost/auth.php;
#	# pop3_capabilities "TOP" "USER";
#	# imap_capabilities "IMAP4rev1" "UIDPLUS";
#
#	server {
#		listen     localhost:110;
#		protocol   pop3;
#		proxy      on;
#	}
#
#	server {
#		listen     localhost:143;
#		protocol   imap;
#		proxy      on;
#	}
#}