limit_req_zone $binary_remote_addr zone=rate_limit_per_ip:10m rate=10r/s;

server {
	listen 443 ssl http2 default_server;

	server_name dinhvan.com www.dinhvan.com admin.dinhvan.com media.dinhvan.com prod-origin.dinhvan.com static.dinhvan.com;

 #       ssl on;
        #ssl_certificate         /etc/nginx/ssl/wildcard.dinhvan.com.cert;
        #ssl_certificate_key     /etc/nginx/ssl/wildcard.dinhvan.com.key;
	ssl_certificate /etc/ssl/virtualmin/16965295569177/ssl.combined;
	ssl_certificate_key /etc/ssl/virtualmin/16965295569177/ssl.key;

	access_log /home/dinhvan/public_html/dinhvan-magento/var/log/nginx-tls-access.log;
	error_log /home/dinhvan/public_html/dinhvan-magento/var/log/nginx-tls-errors.log;

    location / {
        proxy_redirect          off;
        proxy_set_header        Host                    $http_host;
        proxy_set_header        X-Forwarded-Proto       "HTTPS";
        proxy_set_header        X-Forwarded-For         $proxy_add_x_forwarded_for;
        proxy_set_header        HTTPS                   "On";
        proxy_set_header        ViaSSL                  Yes;

        proxy_connect_timeout   30;
        proxy_send_timeout      600;
        proxy_read_timeout      600;

        proxy_buffers           8 16k;
        proxy_buffer_size       16k;

        # Vers varnish local
        proxy_pass              http://127.0.0.1:80/;
    }

	# --- Interdiction d’accès direct aux fichiers sensibles Magento ---
	# TODO : reinclure "vendor" dans le path
#	location ~* (\.git|\.hg|\.svn|\.env|var/.+\.xml|vendor/) {
	location ~* (\.git|\.hg|\.svn|\.env|var/.+\.xml) {
		deny all;
	}	

	listen 193.151.87.225:443 ssl;
}


# Configuration WebServer
upstream fastcgi_backend {
    server unix:/run/php/16965295569177.sock;
}

server {
	ssl_certificate /etc/ssl/virtualmin/16965295569177/ssl.combined;
    ssl_certificate_key /etc/ssl/virtualmin/16965295569177/ssl.key;
 
	
    listen 8080;

    set_real_ip_from 127.0.0.1;
    real_ip_header X-Forwarded-For;
    real_ip_recursive on;

    # ISS-ISS-422346
    include /etc/nginx/include/redirections.conf;

    server_name dinhvan.com www.dinhvan.com prod-origin.dinhvan.com static.dinhvan.com media.dinhvan.com admin.dinhvan.com;

    set $MAGE_ROOT /home/dinhvan/public_html/dinhvan-magento;
    set $MAGE_RUN_TYPE website;

    if ($host ~ "dinhvan.es") {
        set $MAGE_RUN_CODE espagne;
    }
    if ($host ~ "dinhvan.com") {
        set $MAGE_RUN_CODE international;
    }

    # Include des configurations client
    include /home/dinhvan/public_html/dinhvan-magento/nginx.conf.dinhvan;

    #access_log /home/dinhvan/public_html/dinhvan-magento/var/log/access.log time;
    access_log /home/dinhvan/public_html/dinhvan-magento/var/log/nginx-access.log;
    error_log /home/dinhvan/public_html/dinhvan-magento/var/log/nginx-errors.log;
}