server {
    server_name api.local;
    root /var/www/api/public;
    index index.php;

    # Include a group of snippets like GZIP, client-side caching, security.
    include snippets/main.conf;

    # Force SSL.
    listen 443 ssl http2;
    ssl_certificate /etc/nginx/ssl/api.crt;
    ssl_certificate_key /etc/nginx/ssl/api.key;
    if ($scheme != "https") {
        return 301 https://$host$request_uri;
    }

    # Checks for 'cid' header which works just like a session id. 
    # Required to handle the cache for authorized users.
    set $is_auth false;
    if ($http_cid != '') {
      set $is_auth true;
    }

    # First try files like CSS, JS, images (`$uri $uri/ part`) else redirect to PHP(`/index.php?$args;` part).
    location / {
        try_files $uri $uri/ /index.php?$args;
    }
    location ~ \index.php$ {
        internal;
        include snippets/fastcgi-php.conf;
    }

    # Long requests.
    location ~ (batch|export|import) {
        try_files $uri /index_long_request.php?$args;
    }
    location ~ \index_long_request.php$ {
       internal;
        include snippets/long_requests.conf;
        include snippets/fastcgi-php.conf;
    }
    
    ### CACHE's file name `fastcgi_cache_key` is based on:
    # Protocol / scheme - $scheme. Like http, https, ftp.
    # Request method - $request_method. Like GET, POST, PUT.
    # Host domain / IP - $host. Like, example.com.
    # URI - $request_uri.
    # 'Language' header- $http_language. Like lv, en.
    #
    # 'cid' header- $http_cid. For authorized users. Just like a session id. 
    #
    # Example: 
    #
    ## Structure: 
    # Cache is handled in blocks beginning with `location ~ \index_cached_`.
    # Currently there are 3 blocks based on expiration time and authorization:
    #
    ### Unauthorized
    # * 1h - index_cached_1h (/static-text).
    #
    ### Authorized:
    # * 5min - index_cached_5m_auth (/faq).
    #
    # To use a specific cache you must call the specific block using `try_files $uri /index_cached_.......php?$args;`

    # Cache unauth content for 1h.
    location /static-text {
        try_files $uri /index_cached_1h.php?$args;
    }
    location ~ \index_cached_1h.php$ {
        internal;
        fastcgi_cache_key "$scheme$request_method$host$request_uri$http_language";
        fastcgi_cache cache_1h;
        fastcgi_cache_valid 1h;
        add_header Cache-Status "$upstream_cache_status, 1h" always;
        include snippets/long_requests.conf;
        include snippets/fastcgi-php.conf;
    }

    # Cache auth content for 5 min.
    location /faq {
        set $index_file 'index.php';
        if ($is_auth = true) {
            set $index_file 'index_cached_5m_auth.php';
        }
        try_files $uri /$index_file?$args;
    }
    location ~ \index_cached_5m_auth.php$ {
        internal;
        fastcgi_cache_key "$scheme$request_method$host$request_uri$http_language$http_cid";
        fastcgi_cache cache_5m_auth;
        fastcgi_cache_valid 5m;
        add_header Cache-Status "$upstream_cache_status, 5m_auth" always;

        include snippets/long_requests.conf;
        include snippets/fastcgi-php.conf;
    }
}
# Redirect http to https.
server {
    server_name api.local;
    listen 80;
    listen [::]:80;
    return 302 https://$server_name$request_uri;
}
# http://wiki.nginx.org/Pitfalls http://wiki.nginx.org/QuickStart http://wiki.nginx.org/Configuration /usr/share/doc/nginx-doc/examples/