events {
    worker_connections  64;
}

http {
  server {
    listen 80;
    server_name wallet.localhost;
    location /api/validator {
      rewrite ^\/(.*) /$1 break;
      proxy_pass http://validator:5003/api/validator;
    }
    location / {
      proxy_pass http://wallet-web-ui:8080/;
    }
  }

  server {
    listen 80;
    server_name ans.localhost;
    location /api/validator {
      rewrite ^\/(.*) /$1 break;
      proxy_pass http://validator:5003/api/validator;
    }
    location / {
      proxy_pass http://ans-web-ui:8080/;
    }
  }

  server {
    listen 80;
    server_name validator.localhost;
    location /metrics {
      proxy_pass http://validator:10013/metrics;
    }
  }

  server {
    listen 80;
    server_name participant.localhost;
    location /metrics {
      proxy_pass http://participant:10013/metrics;
    }
  }

  server {
    listen 80;
    server_name json-ledger-api.localhost;
    location / {
      proxy_pass http://participant:7575;
      include /etc/nginx/includes/cors-headers.conf;
    }
  }

  server {
    listen 80 http2;
    server_name grpc-ledger-api.localhost;
    location / {
      grpc_pass grpc://participant:5001;
    }
  }

  # Note: There is no auth at the admin API at this point so this is not exposed
  # exposed by default. If you need it during development, you can enable this section.
  # If you need access in prod, make sure to protect access otherwise, e.g., through network restrictions.
  # server {
  #   listen 80;
  #   http2 on;
  #   server_name grpc-admin-api.localhost;
  #   location / {
  #     grpc_pass grpc://participant:5002;
  #   }
  # }
}