refactor: consolidate Nginx configurations into a single file

- Merged individual Nginx configuration files for Grafana, Prometheus, and Alertmanager into a unified nginx.conf.
- Added location blocks for Grafana, Prometheus, and Alertmanager with appropriate proxy settings, authentication, and rate limiting.
- Removed obsolete configuration files to streamline the Nginx setup and improve maintainability.

infra/nginx/nginx.conf

@@ -264,7 +264,140 @@ http {
             }
         }
 
-        # Include other location configurations
-        include /etc/nginx/conf.d/*.conf;
+        # Grafana proxy configuration
+        location /grafana/ {
+            proxy_pass http://grafana_backend;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_set_header X-Forwarded-Host $host;
+            proxy_set_header X-Forwarded-Port $server_port;
+
+            # WebSocket support for Grafana
+            proxy_http_version 1.1;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection "upgrade";
+
+            # Timeouts
+            proxy_connect_timeout 60s;
+            proxy_send_timeout 60s;
+            proxy_read_timeout 60s;
+
+            # Buffer settings
+            proxy_buffering on;
+            proxy_buffer_size 4k;
+            proxy_buffers 8 4k;
+            proxy_busy_buffers_size 8k;
+        }
+
+        # Prometheus proxy configuration with authentication
+        location /prometheus/ {
+            # HTTP Basic Authentication
+            auth_basic "Prometheus Monitoring";
+            auth_basic_user_file /etc/nginx/passwords/monitoring.htpasswd;
+            
+            # Rate limiting
+            limit_req zone=api burst=10 nodelay;
+            
+            proxy_pass http://prometheus_backend/prometheus/;
+            proxy_redirect /prometheus/ /prometheus/;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_set_header X-Forwarded-Host $host;
+            proxy_set_header X-Forwarded-Port $server_port;
+
+            # Timeouts
+            proxy_connect_timeout 30s;
+            proxy_send_timeout 30s;
+            proxy_read_timeout 30s;
+
+            # Buffer settings
+            proxy_buffering on;
+            proxy_buffer_size 4k;
+            proxy_buffers 8 4k;
+            proxy_busy_buffers_size 8k;
+        }
+
+        # Prometheus health check endpoint
+        location /prometheus/-/healthy {
+            proxy_pass http://prometheus_backend/prometheus/-/healthy;
+            proxy_set_header Host $host;
+            access_log off;
+        }
+
+        # Alertmanager proxy configuration with authentication
+        location /alerts/ {
+            # HTTP Basic Authentication
+            auth_basic "Alertmanager Monitoring";
+            auth_basic_user_file /etc/nginx/passwords/monitoring.htpasswd;
+            
+            # Rate limiting
+            limit_req zone=api burst=10 nodelay;
+            
+            # Remove trailing slash for proxy
+            rewrite ^/alerts/(.*)$ /$1 break;
+            
+            # Proxy to Alertmanager
+            proxy_pass http://alertmanager_backend;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_set_header X-Forwarded-Host $host;
+            proxy_set_header X-Forwarded-Port $server_port;
+
+            # Timeouts
+            proxy_connect_timeout 30s;
+            proxy_send_timeout 30s;
+            proxy_read_timeout 30s;
+
+            # Buffer settings
+            proxy_buffering on;
+            proxy_buffer_size 4k;
+            proxy_buffers 8 4k;
+            proxy_busy_buffers_size 8k;
+
+            # Security headers
+            add_header X-Frame-Options "SAMEORIGIN" always;
+            add_header X-Content-Type-Options "nosniff" always;
+        }
+
+        # Alertmanager API with authentication
+        location /api/v1/ {
+            # HTTP Basic Authentication
+            auth_basic "Alertmanager API";
+            auth_basic_user_file /etc/nginx/passwords/monitoring.htpasswd;
+            
+            # Rate limiting
+            limit_req zone=api burst=20 nodelay;
+            
+            # Proxy to Alertmanager
+            proxy_pass http://alertmanager_backend;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            
+            # CORS headers
+            add_header Access-Control-Allow-Origin "*" always;
+            add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
+            add_header Access-Control-Allow-Headers "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization" always;
+            
+            # Handle preflight requests
+            if ($request_method = 'OPTIONS') {
+                add_header Access-Control-Allow-Origin "*";
+                add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS";
+                add_header Access-Control-Allow-Headers "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization";
+                add_header Access-Control-Max-Age 1728000;
+                add_header Content-Type "text/plain; charset=utf-8";
+                add_header Content-Length 0;
+                return 204;
+            }
+        }
+
+        # All location configurations are now integrated into this file
     }
 }