user www-data;

worker_processes  1;

pid /run/nginx.pid;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    # the collectd config depends on this log format
    log_format combined2 '$remote_addr - [$time_local] '
        '"$request" $status $body_bytes_sent $request_time '
        '"$http_referer" "$host" "$http_user_agent"';

    # required for long host names
    server_names_hash_bucket_size 128;

    access_log /var/log/nginx/access.log combined2;

    sendfile        on;

    # timeout for client to finish sending headers
    client_header_timeout 30s;

    # timeout for reading client request body (successive read timeout and not whole body!)
    client_body_timeout 60s;

    # keep-alive connections timeout in 65s. this is because many browsers timeout in 60 seconds
    keepalive_timeout  65s;

    # zones for rate limiting
    limit_req_zone $binary_remote_addr zone=admin_login:10m rate=10r/s; # 10 request a second


    # default http server that returns 404 for any domain we are not listening on
    server {
        listen      80 default_server;
        listen      [::]:80 default_server;
        server_name does_not_match_anything;

        location / {
            return 404;
        }
    }

    include applications/*.conf;
}