#
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# https://www.nginx.com/resources/wiki/start/
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
# https://wiki.debian.org/Nginx/DirectoryStructure
#
# In most cases, administrators will remove this file from sites-enabled/ and
# leave it as reference inside of sites-available where it will continue to be
# updated by the nginx packaging team.
#
# This file will automatically load configuration files provided by other
# applications, such as Drupal or Wordpress. These applications will be made
# available underneath a path with that package name, such as /drupal8.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##

# Default server configuration

# Default should define all the routes to upgrade to https and global rules!

server {
  listen 443;
  listen [::]:443;

  server_name request.movie;

  location / {
#    proxy_http_version 1.1;
#    proxy_set_header Upgrade $http_upgrade;
#    proxy_set_header X-Real-IP $remote_addr;
#    proxy_set_header X-Forwarded-Proto https;
#    proxy_set_header X-Forwarded-for $remote_addr;

#    proxy_set_header X-Forwarded-For $remote_addr;
#    proxy_set_header X-Forwarded-Proto $scheme;
#    proxy_set_header X-Real-IP $remote_addr;
#    proxy_set_header Host $http_host;

#    proxy_set_header Connection 'upgrade';
#    proxy_set_header Host $host;
#    proxy_pass_header Set-Cookie;
#    proxy_cache_bypass $http_upgrade;

    proxy_http_version 1.1;
#    add_header 'Access-Control-Allow-Origin' 'request.movie';
    add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
#    add_header 'Access-Control-Allow-Headers' 'Content-Type';

    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header Host $host;

    proxy_pass http://seasoned.schleppe:5000;
  }

  error_page 502 /502.html;
  location = /502.html {
    root /home/kevin;
  }

    ssl_certificate /etc/letsencrypt/live/request.movie-0001/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/request.movie-0001/privkey.pem; # managed by Certbot
}

server {
  listen 443;
  listen [::]:443;

  server_name api.request.movie;

  location /api {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for;

    proxy_set_header Connection 'upgrade';
    proxy_set_header Host $host;
    proxy_pass_header Set-Cookie;
    proxy_cache_bypass $http_upgrade;
    add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
#    add_header 'Access-Control-Allow-Headers' 'Content-Type';

    proxy_pass http://seasoned.schleppe:31459;
  }

    ssl_certificate /etc/letsencrypt/live/api.request.movie/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/api.request.movie/privkey.pem; # managed by Certbot
}

server {
  listen 443;
  listen [::]:443;

  server_name warden.request.movie;

  location / {
    proxy_pass http://seasoned.schleppe:31458;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for;
    proxy_set_header Connection 'upgrade';
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;
  }

    ssl_certificate /etc/letsencrypt/live/warden.request.movie/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/warden.request.movie/privkey.pem; # managed by Certbot
}