###
# Instance
###
upstream backend {
  server backend:3000;
}

upstream frontend {
  server frontend-service:3000;
}

map "$request_method:$cookie_fs_unavailable" $reject_login {
  default  0;
  "POST:1" 1;
}

server {
  listen 80;
  server_name _;

  location ~ ^/-/down/?$ {
    add_header Set-Cookie "fs_unavailable=true; Max-Age=60; Path=/; HttpOnly" always;
    return 302 $scheme://$http_host/;
  }

  location ~ ^/-/down/(?<age>\d+)/?$ {
    add_header Set-Cookie "fs_unavailable=true; Max-Age=$age; Path=/; HttpOnly" always;
    return 302 $scheme://$http_host/;
  }

  location ~ ^/-/up/?$ {
    return 302 $scheme://$http_host/-/down/0;
  }

  # Special‐case POST /login to backend, GET to frontend
  location = /login {
    proxy_set_header Host              $host;
    proxy_set_header X-Real-IP         $remote_addr;
    proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;

    if ($reject_login) {
      add_header    Content-Type application/json always;
      return 503 '{"code":"Loading", "message": "Soon!"}';
    }

    if ($request_method = POST) {
      proxy_pass http://backend;
      break;
    }

    if ($request_method = GET) {
      proxy_pass http://frontend;
      break;
    }

    return 405;
  }

  # API calls go to the backend
  # Cheat with app plugin paths and route them to the backend. These should come from
  # the Plugin CDN
  location ~ ^/(api|apis|bootdata|logout|public\/plugins\/grafana\-\w+\-app) {
    if ($cookie_fs_unavailable) {
      add_header Content-Type application/json always;
      return 503 '{"code":"Loading", "message": "Soon!"}';
    }

    proxy_pass http://backend;
    proxy_set_header Host              $host;
    proxy_set_header X-Real-IP         $remote_addr;
    proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Upgrade    $http_upgrade;
    proxy_set_header Connection "upgrade";
  }

  # Everything else to the frontend
  location / {
    proxy_pass http://frontend;
    proxy_set_header Host              $host;
    proxy_set_header X-Real-IP         $remote_addr;
    proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
  }
}


###
# CDN
###
map $request $loggable {
  default 1;
  "~^\x16\x03" 0;
}

server {
  listen 81;
  server_name localhost;
  root /cdn;

  # Enable directory listing
  autoindex on;
  autoindex_exact_size off;
  autoindex_format html;
  autoindex_localtime on;

  add_header Cache-Control "no-cache, no-store, must-revalidate" always;
  add_header Pragma "no-cache" always;
  add_header Expires "0" always;
  add_header Access-Control-Allow-Origin "*" always;
  add_header Access-Control-Allow-Headers "X-Grafana-Device-Id" always;

  # Suppress access log for malformed HTTPS requests (those starting with a TLS handshake)
  access_log  /var/log/nginx/access.log  main if=$loggable;

  # This serves paths like /grafana/12.1.0-88106/public/build/foo
  location ~ ^/grafana[^/]*/[^/]+/(.*)$ {
    alias /cdn/$1;
  }
}