worker_processes auto;
worker_rlimit_nofile 65535;
pid /run/openresty.pid;
events {
  worker_connections 4096;
  multi_accept on;
  use epoll;
}

quic_bpf on;

http {
  map_hash_max_size 4096;
  map_hash_bucket_size 128;

  map $server_addr $unix {
    default 0;
    "~unix:" 1;
  }


  log_format detailed-debug '$remote_addr - $remote_user [$time_local] '
    '"$request" $status $body_bytes_sent '
    '"$http_referer" "$http_user_agent" "$ssl_cipher"';

  include configs/cache.conf;

  include configs/luaconfig.conf;
  init_by_lua_file "conf/lua/init.lua";

  include configs/crowdsec.conf;

  resolver 127.0.0.1 ipv6=off;
  # For OCSP Stapling
  ssl_stapling on;
  ssl_stapling_verify on;

  access_log off;
  error_log /dev/null;

  # Basic Settings
  charset utf-8;
  sendfile on;
  tcp_nopush on;
  tcp_nodelay on;
  server_tokens off;
  log_not_found off;
  types_hash_max_size 1024;
  types_hash_bucket_size 128;
  server_names_hash_bucket_size 128;

  # MIME
  include mime.types;

  # SSL
  include configs/ssl.conf;

  # reset timed out connections freeing ram
  reset_timedout_connection on;
  # maximum time between packets the client can pause when sending nginx any data
  client_body_timeout 10s;
  # maximum time the client has to send the entire header to nginx
  client_header_timeout 10s;
  # timeout which a single keep-alive client connection will stay open
  keepalive_timeout 60s;
  # maximum time between packets nginx is allowed to pause when sending the client data
  send_timeout 10s;

  client_body_buffer_size 32k;
  client_max_body_size 2m;

  open_file_cache max=1024 inactive=10s;
  open_file_cache_valid 60s;
  open_file_cache_min_uses 2;
  open_file_cache_errors on;

  # PERFORMANCE / ASYNC I/O
  aio threads=default;
  aio_write on;
  directio 2m;

  # QUIC settings
  # https://nginx.org/en/docs/http/ngx_http_v3_module.html
  quic_gso on;

  # Maps
  include snippets/maps.conf;

  include configs/general.conf;
  include configs/upstreams.conf;
  include configs/limits.conf;
  include http.d/*.conf;
}