# Plesk → Domains → <your-domain> → Apache & nginx Settings →
# "Additional nginx directives". Paste the blocks below (adjust the storage path).
#
# Plesk already terminates SSL (Let's Encrypt) and proxies to Apache; these
# directives make nginx proxy directly to the Next.js standalone server instead,
# and serve public cover art straight from disk.

# Public cover art only (MP3s stay private, served via the authed /api/assets route).
location /media/art/ {
    alias /var/www/vhosts/PODCASTYES_DOMAIN/storage/art/;
    expires 7d;
    add_header Cache-Control "public";
    access_log off;
}

# Proxy everything else to the Next.js web process (PM2 podcastyes-web on :3000).
location / {
    proxy_pass http://127.0.0.1:3000;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;

    # Critical for Server-Sent Events (episode generation progress stream):
    proxy_buffering off;
    proxy_cache off;
    proxy_read_timeout 3600s;
}