upstream kxo-lottis {
  server vinlottis.schleppe:30030;
}

upstream aller-lottis {
  server allerlottis.schleppe:30030;
}

upstream beta-lottis {
  server vinlottis-beta.schleppe:30030;
}

server {
  listen 80;
  listen [::]:80;

  server_name .lottis.vin .vinlottis.no aller.vin knowit.vin;

  more_set_headers "Upgrading: Connection";
  return 302 https://$host$request_uri;
}

# - - - - - - - -
# KXO start
server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;

  server_name lottis.vin;

  # TODO: does this do anything other than what nginx.conf does (?)
  # gzip on;
  # gzip_types application/javascript;
  # gzip_min_length 1000;

  location / {
    resolver 10.0.0.72;
    proxy_pass http://kxo-lottis;
    
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $host;
  }

  ssl_certificate /etc/letsencrypt/live/lottis.vin-0001/fullchain.pem; # managed by Certbot
  ssl_certificate_key /etc/letsencrypt/live/lottis.vin-0001/privkey.pem; # managed by Certbot
}

server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;

  server_name vinlottis.no;

  location / {
    resolver 10.0.0.72;
    proxy_pass http://kxo-lottis;

    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $host;
  }

  ssl_certificate /etc/letsencrypt/live/vinlottis.no-0003/fullchain.pem; # managed by Certbot
  ssl_certificate_key /etc/letsencrypt/live/vinlottis.no-0003/privkey.pem; # managed by Certbot
}

server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;

  server_name kxo.lottis.vin;

  location / {
    resolver 10.0.0.72;
    proxy_pass http://kxo-lottis;

    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $host;
  }

    ssl_certificate /etc/letsencrypt/live/kxo.lottis.vin/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/kxo.lottis.vin/privkey.pem; # managed by Certbot
}

server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;

  server_name knowit.vin;

  location / {
    resolver 10.0.0.72;
    proxy_pass http://kxo-lottis;

    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $host;
  }

    ssl_certificate /etc/letsencrypt/live/kxo.lottis.vin/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/kxo.lottis.vin/privkey.pem; # managed by Certbot
}
# KXO end
# - - - - - - - -

# - - - - - - - -
# Aller start
server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;

  server_name aller.lottis.vin;

  location / {
    resolver 10.0.0.72;
    proxy_pass http://aller-lottis;

    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $host;

    more_set_headers 'Access-Control-Allow-Headers: Content-Type, vinlottis-admin';
  }

  ssl_certificate /etc/letsencrypt/live/aller.lottis.vin/fullchain.pem; # managed by Certbot
  ssl_certificate_key /etc/letsencrypt/live/aller.lottis.vin/privkey.pem; # managed by Certbot
}

server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;

  server_name aller.vin;

  location / {
    resolver 10.0.0.72;
    proxy_pass http://aller-lottis;

    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $host;

    more_set_headers 'Access-Control-Allow-Headers: Content-Type';
  }
    ssl_certificate /etc/letsencrypt/live/aller.vin/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/aller.vin/privkey.pem; # managed by Certbot

}
# Aller end
# - - - - - - - -

# - - - - - - - -
# Beta start
# - - - - - - - -
server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;

  server_name beta.lottis.vin;

  location / {
    resolver 10.0.0.72;
    proxy_pass http://beta-lottis;

    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $host;
  }
  
  ssl_certificate /etc/letsencrypt/live/beta.lottis.vin/fullchain.pem; # managed by Certbot
  ssl_certificate_key /etc/letsencrypt/live/beta.lottis.vin/privkey.pem; # managed by Certbot
}
# Beta end
# - - - - - - - -