server {
    listen 80 default_server backlog=4096 reuseport;
    listen [::]:80 ipv6only=on default_server backlog=4096 reuseport;
    listen 443 ssl default_server backlog=4096 reuseport;
    listen [::]:443 ssl ipv6only=on default_server backlog=4096 reuseport;

    root /var/www/html;

    ssl_certificate     /etc/nginx/ssl/egress.yandex.net.cert;
    ssl_certificate_key /etc/nginx/ssl/egress.yandex.net.key;
    ssl_prefer_server_ciphers on;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers kEECDH+AESGCM+AES128:TLS-CHACHA20-POLY1305-SHA256:kEECDH+AES128:kRSA+AESGCM+AES128:kRSA+AES128:DES-CBC3-SHA:!RC4:!aNULL:!eNULL:!MD5:!EXPORT:!LOW:!SEED:!CAMELLIA:!IDEA:!PSK:!SRP:!SSLv2;
    ssl_session_cache    shared:SSL:64m;
    ssl_session_timeout  28h;

    log_by_lua_file /etc/nginx/lua/solomon-metrics.lua;

    server_name _;
    location / {
        set $true 1;

        error_page 418 = @query20;
        error_page 419 = @query10;
        error_page 420 = @query50;

        if ( $arg_size = "20" ) { return 418; }
        if ( $arg_size = "10" ) { return 419; }
        if ( $arg_size = "50" ) { return 420; }
        if ( $arg_size = "51200" ) { return 420; }
        if ( $true ) { return 404; }
    }

    location @query20 {
        types { } default_type "video/mp4";
        add_header Access-Control-Allow-Origin $http_origin;
        add_header Access-Control-Allow-Credentials true;
        add_header Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Range";
        add_header Access-Control-Expose-Headers Date;
        add_header Timing-Allow-Origin $http_origin;
        add_header Expires "Thu, 01 Jan 1970 00:00:01 GMT";
        add_header Cache-Control no-cache;
        try_files /data20 =404;
    }

    location @query10 {
        types { } default_type "video/mp4";
        add_header Access-Control-Allow-Origin $http_origin;
        add_header Access-Control-Allow-Credentials true;
        add_header Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Range";
        add_header Access-Control-Expose-Headers Date;
        add_header Timing-Allow-Origin $http_origin;
        add_header Expires "Thu, 01 Jan 1970 00:00:01 GMT";
        add_header Cache-Control no-cache;
        try_files /data10 =404;
    }

    location @query50 {
        types { } default_type "video/mp4";
        add_header Access-Control-Allow-Origin $http_origin;
        add_header Access-Control-Allow-Credentials true;
        add_header Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Range";
        add_header Access-Control-Expose-Headers Date;
        add_header Timing-Allow-Origin $http_origin;
        add_header Expires "Thu, 01 Jan 1970 00:00:01 GMT";
        add_header Cache-Control no-cache;
        try_files /data50 =404;
    }
    location /nginx_status {
        stub_status;
        allow 127.0.0.1;
        deny all;
    }
    location /ping {
        root /var/www/html;
    }
    location = /favicon.ico {
        return        204;
        access_log    off;
        log_not_found off;
    }
}

