server {
  listen 80;
  server_name manager.example.com;
  root /usr/share/lemonldap-ng/manager/htdocs/;
  # Use "lm_app" format to get username in nginx.log (see nginx-lmlog.conf)
  #access_log /var/log/nginx/portal.log lm_app;

  # Uncomment this if you are running behind a reverse proxy and want
  # LemonLDAP::NG to see the real IP address of the end user
  # Adjust the settings to match the IP address of your reverse proxy
  # and the header containing the original IP address
  # As an alternative, you can use the PROXY protocol
  #
  #set_real_ip_from  127.0.0.1;
  #real_ip_header    X-Forwarded-For;

  if ($uri !~ ^/(.*\.psgi|static|doc|lib|javascript|favicon)) {
    rewrite ^/(.*)$ /manager.psgi/$1 break;
  }

  location ~ ^(?<sc>/.*\.psgi)(?:$|/) {

    # FastCGI configuration
    include /etc/nginx/fastcgi_params;
    fastcgi_pass unix:/var/run/llng-fastcgi-server/llng-fastcgi.sock;
    fastcgi_param LLTYPE psgi;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_split_path_info ^(.*\.psgi)(/.*)$;
    fastcgi_param PATH_INFO  $fastcgi_path_info;

    # OR TO USE uWSGI
    #include /etc/nginx/uwsgi_params;
    #uwsgi_pass 127.0.0.1:5000;
    #uwsgi_param LLTYPE psgi;
    #uwsgi_param SCRIPT_FILENAME $document_root$sc;
    #uwsgi_param SCRIPT_NAME $sc;

    # Uncomment this if you use https only
    #add_header Strict-Transport-Security "max-age=15768000";
  }

  location / {
    index manager.psgi;
    try_files $uri $uri/ =404;
    allow 127.0.0.0/8;
    deny all;
  }

  location /doc/ {
    alias /usr/share/doc/lemonldap-ng-doc/;
    index index.html start.html;
  }
  location /lib/ {
    alias /usr/share/doc/lemonldap-ng-doc/pages/documentation/current/lib/;
  }
  location /static/ {
    alias /usr/share/lemonldap-ng/manager/htdocs/static/;
  }

  # DEBIAN
  # If install was made with USEDEBIANLIBS (official releases), uncomment this
  #location /javascript/ {
  #  alias /usr/share/javascript/;
  #}

}