user nginx;
worker_processes auto;
pid /run/nginx.pid;

load_module /usr/lib64/nginx/modules/ngx_stream_module.so;

events {
        worker_connections 1048576;
        multi_accept on;
        use epoll;
}

http {

    resolver 169.254.169.253 ipv6=off;

    server {
        listen 80 proxy_protocol;
        location / {
            proxy_set_header Host $host;
            proxy_pass  http://$host:80;
            proxy_http_version 1.1;
        }
        set_real_ip_from 192.168.0.0/16;
        real_ip_header proxy_protocol;
    }
    include /etc/nginx/ipcontrol.conf;

    log_format  basic   '$time_iso8601 $remote_addr $proxy_protocol_addr $proxy_protocol_port $request_uri $server_port '
                        '$status $upstream_addr $upstream_bytes_sent $upstream_bytes_received $upstream_connect_time';

    access_log  /var/log/nginx/http_access.log basic;
    error_log   /var/log/nginx/http_error.log crit;

}

stream {

    resolver 169.254.169.253 ipv6=off;

    map $bytes_received $notAHealthCheck {
    "~0"            0;
    default         1;
    }

    server {
        listen 443 proxy_protocol;
        proxy_pass $ssl_preread_server_name:$server_port;
        ssl_preread on;
        set_real_ip_from 192.168.0.0/16;
    }
    
    include /etc/nginx/ipcontrol.conf;

    log_format  basic   '$time_iso8601 $remote_addr $proxy_protocol_addr $proxy_protocol_port $protocol $server_port '
                        '$status $upstream_addr $upstream_bytes_sent $upstream_bytes_received $session_time  $upstream_connect_time';

    access_log  /var/log/nginx/stream_access.log basic if=$notAHealthCheck;
    error_log   /var/log/nginx/stream_error.log crit;

}