apiVersion: v1
kind: ConfigMap
metadata:
  name: {{ include "wordpress-nginx.fullname" . }}-nginx-config
  labels:
    {{- include "wordpress-nginx.labels" . | nindent 4 }}
data:
  default.conf: |
    upstream php {
        server 127.0.0.1:9000;
    }

    map $http_x_forwarded_for $real_ip {
        ~^(\d+\.\d+\.\d+\.\d+) $1;
        default $remote_addr;
    }

    map $http_x_forwarded_proto $fastcgi_https {
        default '';
        https on;
    }

    server {
        listen 80;
        server_name _;
        
        root /var/www/html;
        index index.php;

        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;

        client_max_body_size 64M;

        real_ip_header X-Forwarded-For;
        set_real_ip_from 10.0.0.0/8;
        set_real_ip_from 172.16.0.0/12;
        set_real_ip_from 192.168.0.0/16;
        real_ip_recursive on;

        location = /favicon.ico {
            log_not_found off;
            access_log off;
        }

        location = /robots.txt {
            allow all;
            log_not_found off;
            access_log off;
        }

        location / {
            try_files $uri $uri/ /index.php?$args;
        }

        location ~ \.php$ {
            include fastcgi_params;
            fastcgi_intercept_errors on;
            fastcgi_pass php;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_param HTTPS $fastcgi_https;
            fastcgi_param HTTP_X_FORWARDED_PROTO $http_x_forwarded_proto;
            fastcgi_param HTTP_X_FORWARDED_FOR $http_x_forwarded_for;
            fastcgi_param HTTP_X_REAL_IP $real_ip;
            fastcgi_param REMOTE_ADDR $real_ip;
        }

        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
            expires max;
            log_not_found off;
        }
    }