server {
    listen 80;
    server_name localhost;
    root /usr/share/nginx/html;
    index index.html;

    # Compression
    gzip on;
    gzip_static on;
    brotli_static on;
    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

    # Assets & Fonts
    location ~* \.(?:css|js|woff2?|png|jpg|ico|svg)$ {
        expires 1y;
        add_header Cache-Control "public, max-age=31536000, immutable";
        access_log off;
    }

    location / {
        try_files $uri $uri/ /index.html;
        
        add_header Cache-Control "no-cache, no-store, must-revalidate";
        add_header Pragma "no-cache";
        add_header Expires "0";

        # CSP Report Only
        add_header Referrer-Policy "strict-origin-when-cross-origin" always;

        add_header Content-Security-Policy-Report-Only "default-src 'self' *.mangopig.tech; script-src 'self' 'unsafe-inline' *.mangopig.tech; style-src 'self' 'unsafe-inline' *.mangopig.tech; img-src 'self' data: *.mangopig.tech; font-src 'self' data: *.mangopig.tech; connect-src 'self'" always;
    }

    # 404 Handling
    error_page 404 /404.html;
    location = /404.html {
        internal;
    }
}