server {
	#Redirect HTTP to HTTPS
	listen         [::]:80;
	return 301 https://$host$request_uri;
}

server {
	listen 443;

	ssl on;
	ssl_certificate /usr/share/nginx/conf/server.crt;
	ssl_certificate_key /usr/share/nginx/conf/server.key;

	ssl_session_timeout 5m;

	ssl_protocols SSLv3 TLSv1;
	ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
	ssl_prefer_server_ciphers on;

	#Change this to match your root directory
	root /usr/share/nginx/www;
	index index.php index.html index.htm;

	# Make site accessible from http://localhost/
	server_name localhost;

	location / {
		# First attempt to serve request as file, then
		# as directory, then fall back to displaying a 404.
		try_files $uri $uri/ =404;
		# Uncomment to enable naxsi on this location
		# include /etc/nginx/naxsi.rules
	}

	# Only for nginx-naxsi used with nginx-naxsi-ui : process denied requests
	#location /RequestDenied {
	#	proxy_pass http://127.0.0.1:8080;    
	#}

	#error_page 404 /404.html;

	# redirect server error pages to the static page /50x.html
	#
	#error_page 500 502 503 504 /50x.html;
	#location = /50x.html {
	#	root /usr/share/nginx/html;
	#}

	# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
	#
	location ~ \.php$ {
		fastcgi_split_path_info ^(.+\.php)(/.+)$;
	#	# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
	#
	#	# With php5-cgi alone:
	#	fastcgi_pass 127.0.0.1:9000;
	#	# With php5-fpm:
		fastcgi_pass unix:/var/run/php5-fpm.sock;
		fastcgi_index index.php;
		include fastcgi_params;
	}

	# deny access to .htaccess files, if Apache's document root
	# concurs with nginx's one
	#
	location ~ /\.ht {
		deny all;
	}
	
	#MCTX API
	location /api {
		#Login area
		location ^~ /api/control {
			#Uncomment to add back login
			#auth_basic "Restricted Access";
			#auth_basic_user_file /usr/share/nginx/access/.htpasswd;
	
			fastcgi_pass 127.0.0.1:9005;
			fastcgi_param DOCUMENT_URI_LOCAL control;
			include fastcgi_params;
		}

		#Program log
		location ^~ /api/log {
			alias /var/log/mctxserv.log;
			default_type text/plain;
		}

		#Program error log
		location ^~ /api/errorlog {
			alias /var/log/mctxserv-error.log;
			default_type text/plain;
		}

		location ~ ^/api/?([^?]*) {
			fastcgi_pass 127.0.0.1:9005;
			fastcgi_param DOCUMENT_URI_LOCAL $1;
			include fastcgi_params;
		}
	}
}


# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
#	listen 8000;
#	listen somename:8080;
#	server_name somename alias another.alias;
#	root html;
#	index index.html index.htm;
#
#	location / {
#		try_files $uri $uri/ =404;
#	}
#}


# HTTPS server
#
#server {
#	listen 443;
#	server_name localhost;
#
#	root html;
#	index index.html index.htm;
#
#	ssl on;
#	ssl_certificate cert.pem;
#	ssl_certificate_key cert.key;
#
#	ssl_session_timeout 5m;
#
#	ssl_protocols SSLv3 TLSv1;
#	ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
#	ssl_prefer_server_ciphers on;
#
#	location / {
#		try_files $uri $uri/ =404;
#	}
#}