server {
  listen 80;
  server_name _;
  root /var/www/html/public;

  index index.php;

  # Healthcheck endpoint
  location = /healthz { return 200 'ok'; add_header Content-Type text/plain; }

  # Static files
  location ~* \.(jpg|jpeg|png|gif|ico|svg|css|js|woff2?|ttf|eot)$ {
    access_log off;
    log_not_found off;
    expires max;
    try_files $uri =404;
  }

  # Front controller
  location / {
    try_files $uri /index.php$is_args$args;
    autoindex on;
  }

  location ~ \.php$ {
    include fastcgi_params;
    fastcgi_pass php:9000; # matches service name "php"
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
    fastcgi_param DOCUMENT_ROOT $realpath_root;
    internal;
  }

  # Security
  location ~ /\. {
    deny all;
  }

  client_max_body_size 50M;
  sendfile on;
}