# Generated by Chef
upstream _sockethub {
  server   localhost:<%= @sockethub_port %>;
}

map $http_upgrade $connection_upgrade {
  default upgrade;
  '' close;
}

<% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%>
server {
  listen <%= @sockethub_external_port %> ssl http2;
  add_header Strict-Transport-Security "max-age=15768000";

  server_name <%= @server_name %>;

  access_log <%= node[:nginx][:log_dir] %>/sockethub.access.log json;
  error_log <%= node[:nginx][:log_dir] %>/sockethub.error.log warn;

  # We might need real ETags, disable those for now
  gzip off;

  location / {
    # Increase number of buffers. Default is 8
    proxy_buffers 1024 8k;

    proxy_pass http://_sockethub;
    proxy_http_version 1.1;
    # Enable WebSockets
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;
   }

  ssl_certificate <%= @ssl_cert %>;
  ssl_certificate_key <%= @ssl_key %>;
}
<% end -%>