events {
    worker_connections 1024;
    multi_accept on;
    use epoll;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    sendfile        on;
    keepalive_timeout  65;
    
    # Disable access logs for cleaner output
    access_log off;
    error_log /var/log/nginx/error.log warn;

    server {
        listen       80;
        server_name  _;
        
        # Root is set to uploads directory
        root         /var/www/html/uploads;
        index        index.html index.htm;

        # Strip /uploads/ prefix if present (from Caddy routing)
        location ~ ^/uploads/(.*)$ {
            rewrite ^/uploads/(.*)$ /$1 break;
            try_files $uri =404;
        }

        # Direct access without /uploads/ prefix
        location / {
            try_files $uri $uri/ =404;
        }

        # Enable directory listing for uploads
        autoindex on;
        autoindex_exact_size off;
        autoindex_localtime on;

        # Security: deny access to database files
        location ~ \.(sqlite3|db)$ {
            deny all;
            return 404;
        }

        # Set proper MIME types for common file types
        location ~* \.(jpg|jpeg|png|gif|ico|svg|pdf|zip|tar|gz|mov|mp4|avi)$ {
            expires 30d;
            add_header Cache-Control "public, immutable";
        }
    }
}