user  nginx;
worker_processes  auto;

error_log  /var/log/nginx/error.log notice;
pid        /var/run/nginx.pid;
include	   /etc/nginx/modules-enabled/*.conf;

events {
	worker_connections  1024;
}

http {
	include       /etc/nginx/mime.types;
	default_type  text/plain;

	##################
	# Basic settings #
	##################

	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;
	keepalive_timeout 65;
	types_hash_max_size 2048;

	##################
	# Gzip settings  #
	##################

	gzip  on;

	##################
	# Headers        #
	##################

	add_header X-Web-Entry "Bifrost" always;

	##################
	# SSL settings   #
	##################

	ssl_protocols TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
	ssl_prefer_server_ciphers on;

	##################
	# Log settings   #
	##################

	log_format  main  '$remote_addr - $remote_user [$time_local] '
				  '"$request_method $scheme://$host$request_uri $server_protocol" '
					  '$status $body_bytes_sent "$http_referer" '
					  '"$http_user_agent" "$http_x_forwarded_for"';

	access_log  /var/log/nginx/access.log  main;
	error_log   /var/log/nginx/error.log;

	include /etc/nginx/conf.d/*.conf;
	include /etc/nginx/sites-enabled/*.conf;
	include /etc/nginx/cloudflare;
}