server/proxy/lopolis.conf


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55

# /etc/nginx/sites-enabled/lopolis
server {
	listen 0.0.0.0:80;
	listen [::]:80;
	server_name .lopolis.gimb.tk;
	return 301 https://lopolis.gimb.tk/;
}
server {
	listen 0.0.0.0:443 http2 ssl;
	listen [::]:443 http2 ssl;
	ssl_certificate /etc/ssl/sslforfree/gimb.tk.crtca;
	ssl_certificate_key /etc/ssl/sslforfree/gimb.tk.key;
	server_name .lopolis.gimb.tk;
	location / {
		if ($http_origin ~ \.?gimb\.tk$) {
			set $cors 'true';
			set $both_conditions "P";
			add_header "x-debug-http-origin-check" "passed";
		}
		if ($http_origin ~ \.?beziapp\.github\.io$) {
			set $cors 'true';
			set $both_conditions "P";
			add_header "x-debug-http-origin-check" "passed";
		}
		if ($cors = 'true') {
			add_header "Access-Control-Allow-Origin" $http_origin always;
			add_header "Access-Control-Allow-Credentials" "true" always;
			add_header "Access-Control-Allow-Methods" "GET, POST, PATCH, PUT, DELETE, OPTIONS" always;
			add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Authorization' always;
			add_header 'Access-Control-Expose-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Authorization' always;
		}
		if ($request_method = 'OPTIONS') {
			set $both_conditions "${both_conditions}D";
		}
		if ($both_conditions = PD) {
			add_header "Access-Control-Allow-Origin" $http_origin always;
			add_header "Access-Control-Allow-Credentials" "true" always;
			add_header "Access-Control-Allow-Methods" "GET, POST, PATCH, PUT, DELETE, OPTIONS" always;
			add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Authorization' always;
			add_header 'Access-Control-Expose-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Authorization' always;
			add_header 'Access-Control-Max-Age' -1;
			add_header 'Content-Type' 'text/plain charset=UTF-8';
			add_header 'Content-Length' 0;
			return 204;
		}
		access_log /var/log/nginx/lopolis/access.log postdata;
                proxy_set_header Host www.lopolis.si;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_redirect off;
                proxy_ssl_server_name on;
		proxy_pass https://www.lopolis.si;
		# try_files $uri $uri/ =404;
	}
}