server {
    server_name ppt24.com www.ppt24.com;
    root /var/www/ppt24.com/frontend;
    index index.html;

    # Serve static assets with a far-future expiration date
    location ~* \.(?:css|js|jpg|jpeg|gif|png|ico|svg|woff|woff2|ttf|eot)$ {
        expires 30d;
        add_header Cache-Control "public, no-transform";
        try_files $uri =404;
    }

    # Redirect requests for non-existent files to index.html (SPA support)
    location / {
        try_files $uri $uri/ /index.html =404;
        add_header Cache-Control "no-store, no-cache, must-revalidate";
    }

    # API requests proxy to backend
    location /api {
        proxy_pass http://localhost:5000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/ppt24.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/ppt24.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

server {
    if ($host = www.ppt24.com) {
        return 301 https://$host$request_uri;
    }

    if ($host = ppt24.com) {
        return 301 https://$host$request_uri;
    }

    listen 80;
    server_name ppt24.com www.ppt24.com;
    return 404;
}