server {
    listen 80;
    server_name _;

    # v2 widget — served from image, short cache OK (changes only on redeploy)
    location = /api/v2/lagaufre.js {
        alias /usr/share/nginx/html/widget/lagaufre.js;
        add_header Content-Type "application/javascript; charset=utf-8";
        add_header Access-Control-Allow-Origin "*";
        add_header Cache-Control "public, max-age=3600";
    }

    # v2 services — mounted from ConfigMap (contains expanded DOMAIN_SUFFIX URLs)
    location = /api/v2/services.json {
        alias /etc/integration/services.json;
        add_header Content-Type "application/json; charset=utf-8";
        add_header Access-Control-Allow-Origin "*";
        add_header Cache-Control "no-cache";
    }

    # SVG logos — served from image, long cache (change only on redeploy)
    location ~ ^/logos/[a-zA-Z0-9_-]+\.svg$ {
        root /usr/share/nginx/html;
        add_header Content-Type "image/svg+xml";
        add_header Access-Control-Allow-Origin "*";
        add_header Cache-Control "public, max-age=86400";
    }

    # v2 theme — brand CSS variable overrides served from image
    location = /api/v2/theme.css {
        alias /usr/share/nginx/html/theme.css;
        add_header Content-Type "text/css; charset=utf-8";
        add_header Access-Control-Allow-Origin "*";
        add_header Cache-Control "public, max-age=3600";
    }

    # v1 gaufre.js — thin wrapper served from image (no DOMAIN_SUFFIX needed)
    location = /api/v1/gaufre.js {
        alias /usr/share/nginx/html/gaufre.js;
        add_header Content-Type "application/javascript; charset=utf-8";
        add_header Access-Control-Allow-Origin "*";
    }

    location / {
        return 404;
    }
}