worker_processes {{ parameter_dict['nb_workers'] }};

pid {{ parameter_dict['pid'] }};
error_log {{ parameter_dict['error-log'] }};

daemon off;

events {
	worker_connections 1024;
	accept_mutex off;
}


http {
     default_type application/octet-stream;
     access_log {{ parameter_dict['access-log'] }} combined;
     client_max_body_size 10M;
     map $http_upgrade $connection_upgrade {
        default upgrade;
        ''      close;
     }
     server {
        listen [{{ parameter_dict['ipv6'] }}]:{{ parameter_dict['port'] }} ssl;
        server_name _;
        ssl_certificate     {{ parameter_dict['ssl-certificate'] }};
        ssl_certificate_key {{ parameter_dict['ssl-key'] }};
        ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers         ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:HIGH:!aNULL:!MD5
        ssl_prefer_server_ciphers on;
        keepalive_timeout 90s;
        client_body_temp_path {{ param_tempdir['client_body_temp_path'] }};
        proxy_temp_path {{ param_tempdir['proxy_temp_path'] }};
        fastcgi_temp_path {{ param_tempdir['fastcgi_temp_path'] }};
        uwsgi_temp_path {{ param_tempdir['uwsgi_temp_path'] }};
        scgi_temp_path {{ param_tempdir['scgi_temp_path'] }};
	      error_page 401 /login;
        location / {
            proxy_pass_header Server;
        		proxy_set_header Host $http_host;
        		proxy_redirect off;
        		proxy_set_header X-Real-IP $remote_addr;
        		proxy_set_header X-Scheme $scheme;
        		
        		proxy_pass {{ parameter_dict['backend-url'] }};
        		
        		proxy_http_version 1.1;
        		proxy_set_header Upgrade $http_upgrade;
        		proxy_set_header Connection "upgrade";
        }
    }
}