worker_processes  1;

events {
    worker_connections  1024;
}

http {
	lua_shared_dict limit_cache 10m;
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
	client_max_body_size	1024m;
	
	upstream minio-server {
		server 117.73.3.135:9000;
	}
	
	lua_package_path "/usr/local/openresty/nginx/conf/lua/?.lua;;";
	server {
        listen       83;
        server_name  localhost;

		location /download {
			set_by_lua_block $tenant_id {
                return ngx.var.arg_tenant_id or "default"
            }

			set_by_lua_block $file_key {
                return ngx.var.arg_file_key
            }

			access_by_lua_block {
                local limiter = require "bandwidth_limiter"
                local proxy = require "file_proxy"

                local tenant_id = ngx.var.tenant_id
                local file_key = ngx.var.file_key

                local rate = limiter.register_device(tenant_id)
                ngx.var.limit_rate = rate
                ngx.ctx.tenant_id = tenant_id

                local url = proxy.get_minio_url(file_key)
                if not url then
                    return ngx.exit(400)
                end

                local parsed = url:match("https?://[^/]+(/.+)")
                if not parsed then
                    return ngx.exit(400)
                end

                return ngx.exec("/internal_minio" .. parsed)
            }

            log_by_lua_block {
                local limiter = require "bandwidth_limiter"
                if ngx.ctx.tenant_id then
                    limiter.unregister_device(ngx.ctx.tenant_id)
                end
            }
		}

		# 代理 MinIO 的内部 location
		location ~ ^/internal_minio/(.*)$ {
			internal;
			limit_rate $limit_rate;
			proxy_pass http://minio-server/$1;
			proxy_set_header Host $host;
		}
	}	
}