server {
	listen 80 default_server;
	listen [::]:80 default_server;
	server_name matrix.envs.net turn.envs.net;

	location / {
		return 307 https://$host$request_uri;
	}

	location /.well-known/acme-challenge/ {
		alias /var/lib/letsencrypt/.well-known/acme-challenge/;
	}
}


# WORKERS
upstream generic_worker_ih {
       ip_hash;
       server localhost:8510;
       server localhost:8511;
       server localhost:8512;
       server localhost:8513;
}
upstream generic_worker_lc {
       least_conn;
       server localhost:8510;
       server localhost:8511;
       server localhost:8512;
       server localhost:8513;
}
## STREAM WORKER
upstream generic_worker_lc_instancemap {
       least_conn;
       server localhost:8510;
       server localhost:8511;
       server localhost:8512;
}


server {
	listen 443 ssl http2 default_server;
	listen [::]:443 ssl http2 default_server;
	server_name matrix.envs.net;

	include snippets/ssl.conf;

	## well-known
	location /.well-known/matrix/support {
		add_header Access-Control-Allow-Origin '*' always;
		add_header Content-Type application/json;
		return 200 '{"admins": [{"matrix_id": "@creme:envs.net", "email_address": "hostmaster@envs.net", "role": "admin"}], "support_page": "https://matrix.to/#/#envs:envs.net"}';
	}

	location /.well-known/matrix/server {
		add_header Access-Control-Allow-Origin '*' always;
		add_header Content-Type application/json;
		return 200 '{"m.server": "matrix.envs.net:443"}';
	}

	location /.well-known/matrix/client {
		add_header Access-Control-Allow-Origin '*' always;
		add_header Content-Type application/json;
		return 200 '{"m.homeserver": {"base_url": "https://matrix.envs.net"}, "m.integrations": {"managers": [{"ui_url": "https://dimension.envs.net/riot", "api_url": "https://dimension.envs.net/api/v1/scalar"}, {"ui_url": "https://scalar.vector.im/", "api_url": "https://scalar.vector.im/api"}]}, "m.integrations_widget": {"url": "https://dimension.envs.net/riot", "data": {"api_url": "https://dimension.envs.net/api/v1/scalar"}}}';
	}

	# workers
	include include.d/generic_worker.conf;

	# mjolnir report
	include include.d/mjolnir-report.conf;

	##
	location ~ ^(/_matrix|/_synapse/client) {
		include include.d/synapse-proxy.conf;
		proxy_pass http://localhost:8008;
	}
	# /synapse/admin
	include include.d/synapse-admin.conf;

	# media-repo
	include include.d/media-repo.conf;

	# MAUBOT
	include include.d/maubot.conf;

	##
	location / {
		include include.d/synapse-proxy.conf;
		proxy_pass http://localhost:8008;
	}
}

server {
        listen 8448 ssl http2;
	listen [::]:8448 ssl http2;
        server_name matrix.envs.net;

        include snippets/ssl.conf;

        location / {
		include include.d/synapse-proxy.conf;
                proxy_pass http://localhost:8008;
        }
}