user nginx;
worker_processes 1;

events {
    worker_connections 1024;
}

http {
    default_type application/octet-stream;

    server {
        listen 80;

        # Define MIME type
        types {
            text/html html htm shtml;
        }

        # Health check location at a secret path
        location /secret-health-path {
            # A simple response to indicate Nginx is running
            add_header Content-Type text/plain;
            return 200 'Healthy';
        }

        location / {
            # Use the placeholders for the proxy pass
            proxy_pass ${PROTOCOL}://${BACKEND_ADDRESS}:${BACKEND_PORT};
            
            # General proxy settings
            proxy_http_version 1.1;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Accept-Encoding "";
            proxy_buffering off;
            proxy_ssl_verify off;  # Skip SSL verification, be cautious

            # Do not alter the Connection header; let the backend and client negotiate that
            proxy_set_header Connection $http_connection;

            # Preserve the request scheme for the backend application
            proxy_set_header X-Forwarded-Proto $scheme;

            # Allow the backend to serve the correct protocol URLs
            proxy_redirect off;
        }
    }
}