user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;

events {
    worker_connections 4096;
    use epoll;
    multi_accept on;
}

http {
    # 基础配置
    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    # 日志格式
    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for" '
                    'rt=$request_time uct="$upstream_connect_time" '
                    'uht="$upstream_header_time" urt="$upstream_response_time"';

    access_log /var/log/nginx/access.log main;

    # 性能优化
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;

    # 压缩
    gzip on;
    gzip_vary on;
    gzip_proxied any;
    gzip_comp_level 6;
    gzip_types text/plain text/css text/xml application/json application/javascript application/rss+xml application/atom+xml image/svg+xml;

    # 限流配置
    limit_req_zone $binary_remote_addr zone=general:10m rate=100r/s;
    limit_req_zone $binary_remote_addr zone=api_strict:10m rate=10r/s;
    
    # 连接限制
    limit_conn_zone $binary_remote_addr zone=addr:10m;

    # 上游服务 —— 通过 Docker 内部 DNS（服务名）访问，统一由根目录 docker-compose 编排
    upstream user_service {
        least_conn;
        server user-service:8080 max_fails=3 fail_timeout=30s;
        keepalive 32;
    }

    # 以下服务尚未实现，临时标记为 down，避免启动时 DNS 解析失败
    upstream order_service {
        least_conn;
        server 127.0.0.1:9999 down;
        keepalive 32;
    }

    upstream payment_service {
        least_conn;
        server 127.0.0.1:9999 down;
        keepalive 32;
    }

    # 包含子配置
    include /etc/nginx/conf.d/*.conf;
}