server {
	listen 80 default_server;
	server_name _; # This is just an invalid value which will never trigger on a real hostname.
	error_log /proc/self/fd/2;
	access_log /proc/self/fd/1;
	return 503;
}

{{ range $host, $containers := groupByMulti $ "Env.VIRTUAL_HOST" "," }}
upstream {{ $host }} {

{{ range $index, $value := $containers }}

	{{ $addrLen := len $value.Addresses }}
	{{/* If only 1 port exposed, use that */}}
	{{ if eq $addrLen 1 }}
		{{ with $address := index $value.Addresses 0 }}
		   # {{$value.Name}}
		   server {{ $address.IP }}:{{ $address.Port }};
		{{ end }}

	{{/* If more than one port exposed, use the one matching VIRTUAL_PORT env var */}}
	{{ else if $value.Env.VIRTUAL_PORT }}
		{{ range $i, $address := $value.Addresses }}
		   {{ if eq $address.Port $value.Env.VIRTUAL_PORT }}
		   # {{$value.Name}}
		   server {{ $address.IP }}:{{ $address.Port }};
		   {{ end }}
		{{ end }}

	{{/* Else default to standard web port 80 */}}
	{{ else }}
		{{ range $i, $address := $value.Addresses }}
			{{ if eq $address.Port "80" }}
			# {{$value.Name}}
			server {{ $address.IP }}:{{ $address.Port }};
			{{ end }}
		{{ end }}
	{{ end }}
{{ end }}
}

{{ $crt := groupBy $containers "Env.SSL_CRT" }}
{{ $key := groupBy $containers "Env.SSL_KEY" }}

{{ if and (eq (len $crt) 1) (eq (len $key) 1) }}

server {
    listen 80;
    server_name {{ $host }};
    rewrite ^(.*) https://{{ $host }}$1 permanent;
}

server {
	gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
    listen 443;
    server_name {{ $host }};
    ssl      on;
    {{ range $crt, $value := $crt }}
    ssl_certificate /ssl/{{ $crt }};
    {{ end }}

    {{ range $key, $value := $key }}
    ssl_certificate_key /ssl/{{ $key }};
    {{ end }}

	proxy_buffering off;
	error_log /proc/self/fd/2;
	access_log /proc/self/fd/1;

	location / {
		proxy_pass http://{{ $host }};
		include /etc/nginx/proxy_params;

		# HTTP 1.1 support
		proxy_http_version 1.1;
		proxy_set_header Connection "";
	}

}

{{/* if there is not a ssl_crt env variable */}}
{{ else }}

server {
	gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;

	server_name {{ $host }};
	proxy_buffering off;
	error_log /proc/self/fd/2;
	access_log /proc/self/fd/1;

	location / {
		proxy_pass http://{{ $host }};
		include /etc/nginx/proxy_params;

		# HTTP 1.1 support
		proxy_http_version 1.1;
		proxy_set_header Connection "";
	}
}
{{ end }}
{{ end }}