server {
    listen 80;
    listen [::]:80;
    server_name _;
    root /var/www/html/public;

    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-Content-Type-Options "nosniff";

    index index.php;

    charset utf-8;

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }

    # Configuration spéciale pour l'endpoint SSE - DOIT être avant la location générale PHP
    location /mcp/sse {
        try_files $uri /index.php?$query_string;

        fastcgi_pass mcp-php:9000;
        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
        include fastcgi_params;
        fastcgi_hide_header X-Powered-By;

        # Timeouts pour SSE - connexions long-polling
        fastcgi_read_timeout 3600s;
        fastcgi_send_timeout 3600s;

        # Headers pour SSE
        fastcgi_buffering off;
        fastcgi_request_buffering off;

        # Headers SSE spécifiques
        add_header Cache-Control "no-cache";
        add_header Connection "keep-alive";
        add_header Access-Control-Allow-Origin "*";
        add_header Access-Control-Allow-Headers "Cache-Control";

        # Force le flush des données
        gzip off;
    }

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    error_page 404 /index.php;

    location ~ \.php$ {
        fastcgi_pass mcp-php:9000;
        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
        include fastcgi_params;
        fastcgi_hide_header X-Powered-By;
    }

    location ~ /\.(?!well-known).* {
        deny all;
    }
}