From 649505d869ff7a04d894fb2322428d0cfb82100e Mon Sep 17 00:00:00 2001
From: Bianca Nenciu <nbianca@users.noreply.github.com>
Date: Tue, 4 Feb 2025 15:21:33 +0200
Subject: [PATCH] DEV: Add 'include' statements for outlets in nginx config
 (#30929)

The 'include' statements serve as extension outlets that are populated
by discourse/discourse_docker.
---
 config/nginx.sample.conf | 38 ++++++++++++++++----------------------
 1 file changed, 16 insertions(+), 22 deletions(-)

diff --git a/config/nginx.sample.conf b/config/nginx.sample.conf
index b8873880313..be7d1fa04f8 100644
--- a/config/nginx.sample.conf
+++ b/config/nginx.sample.conf
@@ -1,14 +1,13 @@
 # Additional MIME types that you'd like nginx to handle go in here
 types {
-    text/csv csv;
-    application/wasm wasm;
-    font/ttf ttf;
-    font/otf otf;
+  text/csv csv;
+  application/wasm wasm;
+  font/ttf ttf;
+  font/otf otf;
 }
 
 upstream discourse {
-  server unix:/var/www/discourse/tmp/sockets/nginx.http.sock;
-  server unix:/var/www/discourse/tmp/sockets/nginx.https.sock;
+  server 127.0.0.1:3000;
 }
 
 # inactive means we keep stuff around for 1440m minutes regardless of last access (1 week)
@@ -40,11 +39,15 @@ geo $bypass_cache {
   ::1             1;
 }
 
-server {
+include conf.d/outlets/before-server/*.conf;
 
+server {
   access_log /var/log/nginx/access.log log_discourse;
 
   listen 80;
+
+  include conf.d/outlets/server/*.conf;
+
   gzip on;
   gzip_vary on;
   gzip_min_length 1000;
@@ -52,19 +55,7 @@ server {
   gzip_types application/json text/css text/javascript application/x-javascript application/javascript image/svg+xml application/wasm font/ttf font/otf;
   gzip_proxied any;
 
-  # Uncomment and configure this section for HTTPS support
-  # NOTE: Put your ssl cert in your main nginx config directory (/etc/nginx)
-  #
-  # rewrite ^/(.*) https://enter.your.web.hostname.here/$1 permanent;
-  #
-  # listen 443 ssl;
-  # ssl_certificate your-hostname-cert.pem;
-  # ssl_certificate_key your-hostname-cert.key;
-  # ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
-  # ssl_ciphers HIGH:!aNULL:!MD5;
-  #
-
-  server_name enter.your.web.hostname.here;
+  server_name _;
   server_tokens off;
 
   sendfile on;
@@ -181,7 +172,6 @@ server {
     }
 
     location ~ ^/uploads/ {
-
       # NOTE: it is really annoying that we can't just define headers
       # at the top level and inherit.
       #
@@ -206,14 +196,17 @@ server {
           add_header Access-Control-Allow-Origin *;
           try_files $uri =404;
       }
+
       # this allows us to bypass rails
       location ~* \.(gif|png|jpg|jpeg|bmp|tif|tiff|ico|webp|avif)$ {
           add_header Access-Control-Allow-Origin *;
           try_files $uri =404;
       }
+
       # SVG needs an extra header attached
       location ~* \.(svg)$ {
       }
+
       # thumbnails & optimized images
       location ~ /_?optimized/ {
           add_header Access-Control-Allow-Origin *;
@@ -291,6 +284,8 @@ server {
   }
 
   location @discourse {
+    include conf.d/outlets/discourse/*.conf;
+
     proxy_set_header Host $http_host;
     proxy_set_header X-Request-Start "t=${msec}";
     proxy_set_header X-Real-IP $remote_addr;
@@ -301,5 +296,4 @@ server {
     proxy_set_header Client-Ip "";
     proxy_pass http://discourse;
   }
-
 }