# =============================================================================
# OpenResty / Nginx 反向代理配置示例
# 此文件仅供参考，实际配置在 1Panel 网站管理中完成
# =============================================================================
#
# 在 1Panel 中需要创建 2 个网站:
#   1. makefire.fun       → 前端
#   2. api.makefire.fun   → 后端 API
#
# 两个网站都需要:
#   - 开启 SSL (1Panel 可自动申请 Let's Encrypt 证书)
#   - 开启 HTTP → HTTPS 强制跳转
#
# 以下是每个网站的反向代理配置内容:

# =============================================
# 网站 1: makefire.fun (前端)
# =============================================
# 在 1Panel 中: 网站 → 创建网站 → 反向代理
# 代理地址: http://127.0.0.1:3001

server {
    listen 80;
    listen 443 ssl http2;
    server_name makefire.fun;

    # SSL 证书 (由 1Panel 自动管理，以下路径仅为示例)
    # ssl_certificate     /path/to/cert.pem;
    # ssl_certificate_key /path/to/key.pem;

    # HTTP → HTTPS 跳转
    if ($scheme = http) {
        return 301 https://$host$request_uri;
    }

    # 前端反向代理
    location / {
        proxy_pass http://127.0.0.1:3001;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        # SPA 路由支持 — 当后端 nginx 返回 404 时，由前端处理
        proxy_intercept_errors on;
        error_page 404 = /index.html;
    }

    # 静态资源缓存
    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
        proxy_pass http://127.0.0.1:3001;
        proxy_set_header Host $host;
        expires 30d;
        add_header Cache-Control "public, immutable";
    }

    # Gzip 压缩
    gzip on;
    gzip_vary on;
    gzip_min_length 1024;
    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml;
}

# =============================================
# 网站 2: api.makefire.fun (后端 API)
# =============================================
# 在 1Panel 中: 网站 → 创建网站 → 反向代理
# 代理地址: http://127.0.0.1:8000

server {
    listen 80;
    listen 443 ssl http2;
    server_name api.makefire.fun;

    # SSL 证书 (由 1Panel 自动管理)
    # ssl_certificate     /path/to/cert.pem;
    # ssl_certificate_key /path/to/key.pem;

    # HTTP → HTTPS 跳转
    if ($scheme = http) {
        return 301 https://$host$request_uri;
    }

    # API 反向代理
    location / {
        proxy_pass http://127.0.0.1:8000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        # WebSocket 支持 (如后续需要)
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";

        # 超时设置
        proxy_connect_timeout 60s;
        proxy_send_timeout 60s;
        proxy_read_timeout 60s;

        # 请求体大小限制 (文件上传等)
        client_max_body_size 10m;
    }

    # Gzip 压缩
    gzip on;
    gzip_vary on;
    gzip_min_length 1024;
    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
}