user nginx;
worker_processes 1;

events {
    worker_connections 1024;
}

http {
    default_type application/octet-stream;

    # Maps for handling WebSocket connections
    map $http_upgrade $connection_upgrade {
        default upgrade;
        ''      close;
    }

    server {
        listen 80;

        # Define MIME type
        types {
            text/html html htm shtml;
        }

        # Health check location at a secret path
        location /secret-health-path {
            # A simple response to indicate Nginx is running
            add_header Content-Type text/plain;
            return 200 'Healthy';
        }

        location / {
            # Proxy pass to the backend using environment variables
            proxy_pass http://${BACKEND_ADDRESS}:${BACKEND_PORT}; # Always use http for the backend connection
            
            # General proxy settings
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection $connection_upgrade;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            # Do not use X-Forwarded-Proto to hide the SSL usage from the backend
            proxy_set_header Accept-Encoding "";
            proxy_buffering off;
            # Skip SSL verification if you are proxying to an HTTPS backend, though this is typically not recommended
            proxy_ssl_verify off;
        }
    }
}