env AWS_ACCESS_KEY_ID;
env AWS_SECRET_ACCESS_KEY;
env S3_BUCKET_NAME;

worker_processes 1;

events {
  worker_connections 1024;
}

http {
  server {
    listen 80;
    client_max_body_size 0;

    location /healthcheck {
      add_header Content-Type text/plain;
      return 200 'Ok';
      access_log off;
    }

    location ~* ^/uploads {
      if ($request_method = 'OPTIONS') {
        # Tell client that this pre-flight info is valid for 20 days
        add_header 'Access-Control-Allow-Origin' "*" ;
        add_header 'Access-Control-Allow-Credentials' 'true' ;
        add_header 'Access-Control-Allow-Methods' 'GET, PUT, OPTIONS' ;
        add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With';
        add_header 'Access-Control-Max-Age' 1728000;
        add_header 'Content-Type' 'text/plain charset=UTF-8';
        add_header 'Content-Length' 0;
        return 204;
      }
      if ($request_method != PUT) {
        return 404;
      }

      set_secure_random_alphanum $prefix 64;
      set_sha1 $prefixsha $prefix;
      set_by_lua $date "return ngx.cookie_time(ngx.time())";
      set_by_lua $day "return ngx.today()";
      set_sha1 $datesha $date;
      set $key $prefixsha$datesha;
      set_by_lua $bucket "return os.getenv('S3_BUCKET_NAME')";
      set $url https://$bucket.s3.amazonaws.com/$day/$key;
      set $returnurl https://uploads.paidit.se/$day/$key;
      set $acl public-read;

      proxy_set_header x-amz-acl $acl;
      proxy_set_header x-amz-date $date;
      proxy_hide_header x-amz-id-2;
      proxy_hide_header x-amz-request-id;
      add_header X-File-URL $returnurl;

      resolver 8.8.8.8 valid=300s;
      resolver_timeout 10s;
      add_header 'Access-Control-Expose-Headers' 'X-File-Url';

      proxy_pass $url;
    }
  }
}