# Nginx Configuration for Published Websites
# This file shows how to configure nginx to serve published websites

# Example configuration for a subdomain
server {
    listen 80;
    listen [::]:80;
    server_name *.omni-coder.com;

    # Redirect to HTTPS
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name *.omni-coder.com;

    # SSL Configuration (use Let's Encrypt or other SSL provider)
    ssl_certificate /path/to/ssl/certificate.crt;
    ssl_certificate_key /path/to/ssl/private.key;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers HIGH:!aNULL:!MD5;

    # Document root - dynamically serve from published directory
    root /home/p911/domains/ai-webappbuilder-fb10bace-911.app.omni-coder.com/public_html/published;

    # Extract subdomain and serve corresponding directory
    set $subdomain "";
    if ($host ~* "^(.+)\.omni-coder\.com$") {
        set $subdomain $1;
    }

    # Rewrite to use subdomain directory
    rewrite ^(.*)$ /$subdomain$1 break;

    # Index files
    index index.html index.htm;

    # Try files, fallback to index.html for SPAs
    location / {
        try_files $uri $uri/ /index.html =404;
    }

    # Security headers
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header X-XSS-Protection "1; mode=block" always;

    # Gzip compression
    gzip on;
    gzip_vary on;
    gzip_min_length 1024;
    gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml+rss application/json;

    # Cache static assets
    location ~* \.(jpg|jpeg|png|gif|ico|css|js|svg|woff|woff2|ttf|eot)$ {
        expires 1y;
        add_header Cache-Control "public, immutable";
    }

    # Deny access to hidden files
    location ~ /\. {
        deny all;
    }
}

# Example configuration for custom domains
server {
    listen 80;
    listen [::]:80;
    server_name example.com www.example.com;

    # Redirect to HTTPS
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name example.com www.example.com;

    # SSL Configuration
    ssl_certificate /path/to/ssl/example.com.crt;
    ssl_certificate_key /path/to/ssl/example.com.key;

    # Document root - point to published directory
    root /home/p911/domains/ai-webappbuilder-fb10bace-911.app.omni-coder.com/public_html/published/example-com;

    index index.html index.htm;

    location / {
        try_files $uri $uri/ /index.html =404;
    }

    # Security headers
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header X-XSS-Protection "1; mode=block" always;

    # Gzip compression
    gzip on;
    gzip_vary on;
    gzip_min_length 1024;
    gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml+rss application/json;
}

# Alternative: Catch-all configuration with map
# This allows multiple domains to be served dynamically

map $host $published_dir {
    default "";
    ~^(?<subdomain>.+)\.omni-coder\.com$ "/published/$subdomain-omni-coder-com";
    example.com "/published/example-com";
    www.example.com "/published/example-com";
}

server {
    listen 80;
    listen [::]:80;
    server_name *.omni-coder.com example.com www.example.com;

    # Redirect to HTTPS
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name *.omni-coder.com example.com www.example.com;

    # SSL Configuration (wildcard cert for *.omni-coder.com)
    ssl_certificate /path/to/ssl/wildcard.crt;
    ssl_certificate_key /path/to/ssl/wildcard.key;

    root /home/p911/domains/ai-webappbuilder-fb10bace-911.app.omni-coder.com/public_html$published_dir;

    index index.html index.htm;

    location / {
        try_files $uri $uri/ /index.html =404;
    }
}