send_timeout $GATEWAY_SEND_TIMEOUT;
keepalive_timeout           $GATEWAY_SEND_TIMEOUT;
proxy_connect_timeout       $GATEWAY_PROXY_TIMEOUT;
proxy_send_timeout          $GATEWAY_PROXY_TIMEOUT;
client_header_timeout       $GATEWAY_SEND_TIMEOUT;
client_body_timeout         $GATEWAY_SEND_TIMEOUT;
fastcgi_read_timeout        $GATEWAY_FASTCGI_TIMEOUT;

map $request_method $postlimit {
  default         "";
  POST            $binary_remote_addr;
}

map $request_method $getlimit {
  default         "";
  GET            $binary_remote_addr;
}

limit_req_status 429;
limit_req_zone $getlimit zone=readlimitsbyip:$HTTP_READ_REQUEST_LIMIT_MEMORYm rate=$HTTP_READ_REQUEST_LIMIT_RATEr/s;
limit_req_zone $postlimit zone=writelimitsbyip:$HTTP_WRITE_REQUEST_LIMIT_MEMORYm rate=$HTTP_WRITE_REQUEST_LIMIT_RATEr/s;
resolver $NEW_RESOLVER;

upstream backend {
    server phraseanet:9000;
}

#upstream samlsp {
#    server phraseanet-saml-sp:8080;
#}

server {
    listen       80;
    root         /var/alchemy/Phraseanet/www;

    index        index.php;
    client_max_body_size $MAX_BODY_SIZE;

    location /api {
        if (-f /var/alchemy/Phraseanet/datas/nginx/maintenance.html) {
            return 503;
        }
        rewrite ^(.*)$ /api.php/$1 last;
    }

    location / {

        error_page 503 = @maintenance;
        recursive_error_pages on;
        if (-f /var/alchemy/Phraseanet/datas/nginx/maintenance.html) {
            return 503;
        }
        # First attempt to serve request as file, then
        # as directory, then fall back to index.html
        try_files $uri $uri/ @rewriteapp;
        limit_req zone=readlimitsbyip burst=$HTTP_READ_REQUEST_LIMIT_BURST nodelay;
        limit_req zone=writelimitsbyip burst=$HTTP_WRITE_REQUEST_LIMIT_BURST nodelay;
    }

    location @rewriteapp {
        rewrite ^(.*)$ /index.php/$1 last;
    }

    # PHP scripts -> PHP-FPM server listening on 127.0.0.1:9000
    location ~ ^/(index|index_dev|api)\.php(/|$) {
        fastcgi_pass   backend;
        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        include        fastcgi_params;
        $GATEWAY_FASTCGI_HTTPS
        include        restrictions;
    }

    location ~ ^/(status|ping)$ {
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_index index.php;
        include fastcgi_params;
        include fastcgi_extended_params;
        fastcgi_pass backend;
    }

    location  /simplesaml/ {
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        set $target $NEW_TARGET:8080;
        proxy_pass http://$target;

    }

    location @maintenance {
        root /var/alchemy/Phraseanet/datas/nginx/;
        try_files $uri /maintenance.html;
    }
}