diff --git a/root/defaults/nginx/site-confs/default.conf b/root/defaults/nginx/site-confs/default.conf
deleted file mode 100644
index 15f18d5..0000000
--- a/root/defaults/nginx/site-confs/default.conf
+++ /dev/null
@@ -1,45 +0,0 @@
-## Version 2024/10/11 - Changelog: https://github.com/linuxserver/docker-baseimage-alpine-nginx/commits/master/root/defaults/nginx/site-confs/default.conf.sample
-
-server {
-    listen 80 default_server;
-    listen [::]:80 default_server;
-
-    listen 443 ssl http2 default_server;
-    listen [::]:443 ssl http2 default_server;
-
-    server_name _;
-
-    include /config/nginx/ssl.conf;
-
-    set $root /app/www/public;
-    if (!-d /app/www/public) {
-        set $root /config/www;
-    }
-    root $root;
-    index index.html index.htm index.php;
-
-    location / {
-        # enable for basic auth
-        #auth_basic "Restricted";
-        #auth_basic_user_file /config/nginx/.htpasswd;
-
-        try_files $uri $uri/ /index.html /index.php$is_args$args;
-    }
-
-    location ~ ^(.+\.php)(.*)$ {
-        try_files $fastcgi_script_name =404;
-        fastcgi_split_path_info ^(.+\.php)(.*)$;
-        fastcgi_pass 127.0.0.1:9000;
-        fastcgi_index index.php;
-        include /etc/nginx/fastcgi_params;
-    }
-
-    location ~ ^/api/(.*)$ {
-        try_files /api/index.php?endpoint=$1$is_args$args =400;
-    }
-
-    # deny access to .htaccess/.htpasswd files
-    location ~ /\.ht {
-        deny all;
-    }
-}
diff --git a/root/defaults/nginx/site-confs/default.conf.sample b/root/defaults/nginx/site-confs/default.conf.sample
deleted file mode 100644
index 15f18d5..0000000
--- a/root/defaults/nginx/site-confs/default.conf.sample
+++ /dev/null
@@ -1,45 +0,0 @@
-## Version 2024/10/11 - Changelog: https://github.com/linuxserver/docker-baseimage-alpine-nginx/commits/master/root/defaults/nginx/site-confs/default.conf.sample
-
-server {
-    listen 80 default_server;
-    listen [::]:80 default_server;
-
-    listen 443 ssl http2 default_server;
-    listen [::]:443 ssl http2 default_server;
-
-    server_name _;
-
-    include /config/nginx/ssl.conf;
-
-    set $root /app/www/public;
-    if (!-d /app/www/public) {
-        set $root /config/www;
-    }
-    root $root;
-    index index.html index.htm index.php;
-
-    location / {
-        # enable for basic auth
-        #auth_basic "Restricted";
-        #auth_basic_user_file /config/nginx/.htpasswd;
-
-        try_files $uri $uri/ /index.html /index.php$is_args$args;
-    }
-
-    location ~ ^(.+\.php)(.*)$ {
-        try_files $fastcgi_script_name =404;
-        fastcgi_split_path_info ^(.+\.php)(.*)$;
-        fastcgi_pass 127.0.0.1:9000;
-        fastcgi_index index.php;
-        include /etc/nginx/fastcgi_params;
-    }
-
-    location ~ ^/api/(.*)$ {
-        try_files /api/index.php?endpoint=$1$is_args$args =400;
-    }
-
-    # deny access to .htaccess/.htpasswd files
-    location ~ /\.ht {
-        deny all;
-    }
-}
diff --git a/root/etc/nginx/nginx.conf b/root/etc/nginx/nginx.conf
new file mode 100644
index 0000000..1561fab
--- /dev/null
+++ b/root/etc/nginx/nginx.conf
@@ -0,0 +1,125 @@
+## Version 2024/05/27 - Changelog: https://github.com/linuxserver/docker-baseimage-alpine-nginx/commits/master/root/defaults/nginx/nginx.conf.sample
+
+### Based on alpine defaults
+# https://git.alpinelinux.org/aports/tree/main/nginx/nginx.conf?h=3.20-stable
+
+user abc;
+
+# Set number of worker processes automatically based on number of CPU cores.
+include /config/nginx/worker_processes.conf;
+
+# Enables the use of JIT for regular expressions to speed-up their processing.
+pcre_jit on;
+
+# Configures default error logger.
+error_log /config/log/nginx/error.log;
+
+# Includes files with directives to load dynamic modules.
+include /etc/nginx/modules/*.conf;
+
+# Include files with config snippets into the root context.
+include /etc/nginx/conf.d/*.conf;
+
+events {
+    # The maximum number of simultaneous connections that can be opened by
+    # a worker process.
+    worker_connections 1024;
+}
+
+http {
+    # Includes mapping of file name extensions to MIME types of responses
+    # and defines the default type.
+    include /etc/nginx/mime.types;
+    default_type application/octet-stream;
+
+    # Name servers used to resolve names of upstream servers into addresses.
+    # It's also needed when using tcpsocket and udpsocket in Lua modules.
+    #resolver 1.1.1.1 1.0.0.1 2606:4700:4700::1111 2606:4700:4700::1001;
+    include /config/nginx/resolver.conf;
+
+    # Don't tell nginx version to the clients. Default is 'on'.
+    server_tokens off;
+
+    # Specifies the maximum accepted body size of a client request, as
+    # indicated by the request header Content-Length. If the stated content
+    # length is greater than this size, then the client receives the HTTP
+    # error code 413. Set to 0 to disable. Default is '1m'.
+    client_max_body_size 0;
+
+    # Sendfile copies data between one FD and other from within the kernel,
+    # which is more efficient than read() + write(). Default is off.
+    sendfile on;
+
+    # Causes nginx to attempt to send its HTTP response head in one packet,
+    # instead of using partial frames. Default is 'off'.
+    tcp_nopush on;
+
+    # all ssl related config moved to ssl.conf
+    # included in server blocks where listen 443 is defined
+
+    # Enable gzipping of responses.
+    #gzip on;
+
+    # Set the Vary HTTP header as defined in the RFC 2616. Default is 'off'.
+    gzip_vary on;
+
+    # Helper variable for proxying websockets.
+    map $http_upgrade $connection_upgrade {
+        default upgrade;
+        '' close;
+    }
+
+    # Sets the path, format, and configuration for a buffered log write.
+    access_log /config/log/nginx/access.log;
+
+    # Includes virtual hosts configs.
+    include /etc/nginx/http.d/*.conf;
+
+    #include /config/nginx/site-confs/*.conf;
+    server {
+        listen 80 default_server;
+        listen [::]:80 default_server;
+
+        listen 443 ssl http2 default_server;
+        listen [::]:443 ssl http2 default_server;
+
+        server_name _;
+
+        include /config/nginx/ssl.conf;
+
+        set $root /app/www/public;
+        if (!-d /app/www/public) {
+            set $root /config/www;
+        }
+        root $root;
+        index index.html index.htm index.php;
+
+        location / {
+            # enable for basic auth
+            #auth_basic "Restricted";
+            #auth_basic_user_file /config/nginx/.htpasswd;
+
+            try_files $uri $uri/ /index.html /index.php$is_args$args;
+        }
+
+        location ~ ^(.+\.php)(.*)$ {
+            try_files $fastcgi_script_name =404;
+            fastcgi_split_path_info ^(.+\.php)(.*)$;
+            fastcgi_pass 127.0.0.1:9000;
+            fastcgi_index index.php;
+            include /etc/nginx/fastcgi_params;
+        }
+
+        location ~ ^/api/(.*)$ {
+            try_files $uri /api/index.php?endpoint=$1&$args;
+        }
+
+        # deny access to .htaccess/.htpasswd files
+        location ~ /\.ht {
+            deny all;
+        }
+    }
+}
+
+daemon off;
+pid /run/nginx.pid;
\ No newline at end of file