#fastcgi_cache_path /etc/nginx/cache levels=1:2 keys_zone=MYAPP:100m max_size=10g inactive=1440m;

server {
    listen       80;
    server_name   www.mail.ictdownwerk.com;
    return       301 http://mail.ictdownwerk.com$request_uri;
}

server {
    root /var/www/mail.ictdownwerk.com/html;
    index index.php index.html index.htm index.nginx-debian.html;
    server_name mail.ictdownwerk.com;
    #return 301 $scheme:/$domain$request_uri; Redirect to non-www
    #return 301 https://domein.nl; Redirect to other domain

    #add_header X-Cache "$upstream_cache_status";

    #netdata here
        
    gzip on;
    gzip_proxied any;
    gzip_types text/plain text/css text/xml text/javascript application/javascript application/x-javascript image/svg image/svg+xml application/xml image/x-icon;
    gzip_comp_level 2;
    gzip_disable "msie6";
    gzip_buffers 16 8k;

#    location /rspamd {
#    proxy_pass http://127.0.0.1:11334/;
#    proxy_set_header Host $host;
#    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#}

        location / {
            #try_files $uri $uri/ =404;
            try_files $uri $uri/ /index.php$is_args$args;
            #try_files $uri $uri/ $uri.html $uri.php$is_args$query_string;
        }

        location = /favicon.ico { log_not_found off; access_log off; }
        location = /robots.txt { log_not_found off; access_log off; allow all; }
        location ~* \.(css|gif|ico|jpeg|jpg|js|png|svg|webp|eot|otf|woff|woff2|ttf|ogg)$ {
            expires max;
            log_not_found off;
            add_header Cache-Control "public, no-transform";
        }

        location ~ \.php$ {
            include snippets/fastcgi-php.conf;
            fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
            #fastcgi_cache MYAPP;
            #fastcgi_cache_valid 200 302 301 1m;
            #fastcgi_cache_valid 404 1m;
            #fastcgi_cache_bypass $no_cache;
            #fastcgi_no_cache $no_cache;
            #fastcgi_cache_revalidate on;
            #fastcgi_cache_background_update on;
            #fastcgi_cache_lock on;
            #fastcgi_cache_use_stale updating;
            #fastcgi_buffer_size 128k;
            #fastcgi_buffers 256 16k;
            #fastcgi_busy_buffers_size 256k;
            #fastcgi_temp_file_write_size 256k;
        }

        location ~ /\.ht {
            deny all;
        }

        location /phpmyadmin {
            index index.php;
        }

        #Cache everything by default
        set $no_cache 0;

        #Don't cache POST requests
        if ($request_method = POST) {
            set $no_cache 1;
        }

        #Don't cache if the URL contains a query string
        if ($query_string != "") {
            set $no_cache 1;
        }

        #Don't cache the following URLs
        if ($request_uri ~* "/(administrator/|login.php)") {
            set $no_cache 1;
        }

        #Don't cache if there is a cookie called PHPSESSID
        if ($http_cookie = "PHPSESSID") {
            set $no_cache 1;
        }
    
    listen [::]:443 ssl http2 ipv6only=on; # managed by Certbot
    listen 443 ssl http2; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/mail.ictdownwerk.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/mail.ictdownwerk.com/privkey.pem; # managed by Certbot
    ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


    add_header Strict-Transport-Security "max-age=31536000" always; # managed by Certbot

}


server {
    if ($host = mail.ictdownwerk.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80;
    listen [::]:80;
    root /var/www/mail.ictdownwerk.com/html;
    index index.php index.html index.htm index.nginx-debian.html;
    server_name mail.ictdownwerk.com;
    #return 301 $scheme:/$domain$request_uri; Redirect to non-www
    #return 301 https://domein.nl; Redirect to other domain

    #add_header X-Cache "$upstream_cache_status";

    #netdata here
        
    gzip on;
    gzip_proxied any;
    gzip_types text/plain text/css text/xml text/javascript application/javascript application/x-javascript image/svg image/svg+xml application/xml image/x-icon;
    gzip_comp_level 2;
    gzip_disable "msie6";
    gzip_buffers 16 8k;

#    location /rspamd {
#    proxy_pass http://127.0.0.1:11334/;
#    proxy_set_header Host $host;
#    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#}

        location / {
            #try_files $uri $uri/ =404;
            try_files $uri $uri/ /index.php$is_args$args;
            #try_files $uri $uri/ $uri.html $uri.php$is_args$query_string;
        }

        location = /favicon.ico { log_not_found off; access_log off; }
        location = /robots.txt { log_not_found off; access_log off; allow all; }
        location ~* \.(css|gif|ico|jpeg|jpg|js|png|svg|webp|eot|otf|woff|woff2|ttf|ogg)$ {
            expires max;
            log_not_found off;
            add_header Cache-Control "public, no-transform";
        }

        location ~ \.php$ {
            include snippets/fastcgi-php.conf;
            fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
            #fastcgi_cache MYAPP;
            #fastcgi_cache_valid 200 302 301 1m;
            #fastcgi_cache_valid 404 1m;
            #fastcgi_cache_bypass $no_cache;
            #fastcgi_no_cache $no_cache;
            #fastcgi_cache_revalidate on;
            #fastcgi_cache_background_update on;
            #fastcgi_cache_lock on;
            #fastcgi_cache_use_stale updating;
            #fastcgi_buffer_size 128k;
            #fastcgi_buffers 256 16k;
            #fastcgi_busy_buffers_size 256k;
            #fastcgi_temp_file_write_size 256k;
        }

        location ~ /\.ht {
            deny all;
        }

        location /phpmyadmin {
            index index.php;
        }

        #Cache everything by default
        set $no_cache 0;

        #Don't cache POST requests
        if ($request_method = POST) {
            set $no_cache 1;
        }

        #Don't cache if the URL contains a query string
        if ($query_string != "") {
            set $no_cache 1;
        }

        #Don't cache the following URLs
        if ($request_uri ~* "/(administrator/|login.php)") {
            set $no_cache 1;
        }

        #Don't cache if there is a cookie called PHPSESSID
        if ($http_cookie = "PHPSESSID") {
            set $no_cache 1;
        }
    



}