default.conf

tcp_nopush on;
gzip on;

# Set default DNS resolver
resolver 1.1.1.1;

# Define the proxy cache path, levels, and keys_zone
# Consider using your own levels & key_zones parameters to fine-tune your config
proxy_cache_path /var/cache/nginx levels=2:2:2 keys_zone=main:30m inactive=60m;

server {
    # 1. Welcome, NGINX listening http-only port. This is our main server.
    listen 80;
    listen [::]:80;

    location / {
        # 2. To access all ressources here, an auth-like behavior is requested. Let's check Who is our user here
        auth_request /fs-experiences-subrequest;
        # 10. As a result, headers will be returned to me
        auth_request_set $experienceKey $upstream_http_x_fs_experiences;

        # 11. Now I can use it as cache criteria, and proceed
        proxy_set_header X-fs-experiences $experienceKey;
        proxy_cache_key "$scheme$request_method$host$request_uri$experienceKey";
        proxy_cache main;

        # 12. Rest of a NGINX fine tuned config here ⤵️ - Thanks for reading.
        proxy_pass ${NGINX_UPSTREAM};
        proxy_cache_valid 200 5s;
        add_header X-Cache-Status $upstream_cache_status;
        add_header X-Response-Time $request_time;
    }

    # 3. This location is only accessible from within the server, dedicated to us
    location /fs-experiences-subrequest {
        # 4. By the way, this request/process is not approriate on the outside internet, unless front-end signature checks
        internal;
        
        # 5. Triggering sub-request (allowing async behavior, simulating restart)
        proxy_pass http://127.0.0.1:${FS_DEFAULT_SERVER_PORT};
        proxy_pass_request_body off;
        proxy_set_header Content-Length "";
        
        # 6. Wanna do some logging ?
        proxy_set_header X-Original-URI $request_uri;
    }

    # Return a 404 error for requests for the favicon
    location /favicon.ico {
        return 404 "";
    }
}