user {{ data.user }};
pid {{ data.pid}};
worker_processes {{ data.worker_processes }};
worker_rlimit_nofile 65535;

events {
	multi_accept on;
	worker_connections 65535;
}

http {
	charset utf-8;
	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;<!--

	✘ serverTokens --><span ng-if="!isServerTokens()">
	server_tokens off;</span><!--

	✘ logNotFound --><span ng-if="!isLogNotFound()">
	log_not_found off;</span>
	types_hash_max_size 2048;
	client_max_body_size {{ data.client_max_body_size }}M;

	# MIME
	include mime.types;
	default_type application/octet-stream;

	# logging
	access_log {{ isAccessLog() ? data.access_log : 'off' }};
	error_log {{ data.error_log }} warn;<!--

	✔ limitReq --><span ng-if="data.limit_req">

	# limits
	limit_req_log_level warn;
	limit_req_zone $binary_remote_addr zone=login:10m rate=10r/m;</span><!--

	✔ HTTPS --><span ng-if="isHTTPS()">

	# SSL
	ssl_session_timeout 1d;
	ssl_session_cache shared:SSL:50m;
	ssl_session_tickets off;<!--

	✘ SSLProfileModern --><span ng-if="!isSSLProfileModern()">

	# Diffie-Hellman parameter for DHE ciphersuites
	ssl_dhparam /etc/nginx/dhparam.pem;</span>

	# {{ data.ssl_profile }} configuration
	ssl_protocols {{ sslProfiles[ data.ssl_profile ].protocols }};
	ssl_ciphers {{ sslProfiles[ data.ssl_profile ].ciphers }};
	ssl_prefer_server_ciphers on;

	# OCSP Stapling
	ssl_stapling on;
	ssl_stapling_verify on;
	resolver 8.8.8.8 8.8.4.4 208.67.222.222 208.67.220.220 valid=60s;
	resolver_timeout 2s;</span>

	# load configs
	include /etc/nginx/conf.d/*.conf;<span ng-if="data.file_structure === 'modularized'">
	include /etc/nginx/sites-enabled/*;</span><span ng-if="data.file_structure === 'unified'">

	# {{ !data.non_www ? 'www.' : '' }}{{ domain() }}
<ng-include ng-include-tabs="1" src="'templates/conf/sites-available/example.com.conf.html?v=COMMIT_HASH'" sonload="refreshHighlighting()"></ng-include></span>
}