From f9fa3aaf35b6d8a14966de204bc1ffbc3541ea46 Mon Sep 17 00:00:00 2001
From: sijanec <sijanecantonluka@gmail.com>
Date: Sat, 29 Aug 2020 23:24:38 +0200
Subject: initial commit

---
 nginx.conf | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 58 insertions(+)
 create mode 100644 nginx.conf

(limited to 'nginx.conf')

diff --git a/nginx.conf b/nginx.conf
new file mode 100644
index 0000000..ff71ccc
--- /dev/null
+++ b/nginx.conf
@@ -0,0 +1,58 @@
+server {
+	listen 0.0.0.0:80;
+	listen [::]:80;
+	server_name .teletekst.xn--jha.ga;
+	return 301 https://teletekst.xn--jha.ga$request_uri;
+	port_in_redirect off;
+	server_name_in_redirect off;
+}
+server {
+	listen 0.0.0.0:443 ssl http2;
+	listen [::]:443 ssl http2;
+	ssl_certificate /etc/letsencrypt/live/teletekst.xn--jha.ga/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/teletekst.xn--jha.ga/privkey.pem;
+	ssl_session_cache builtin:1000 shared:SSL:10m;
+	ssl_prefer_server_ciphers on;
+	add_header Strict-Transport-Security "max-age=604800";
+	index index.html;
+	server_name .teletekst.xn--jha.ga;
+	root /var/www/teletekst.xn--jha.ga;
+	location / {
+		set $cors '';
+		set $both_conditions "";
+		add_header "x-debug-location-gse" "triggered";
+		if ($http_origin ~ \.?xn--jha\.ga$) {
+			set $cors 'true';
+			set $both_conditions "P";
+			add_header "x-debug-http-origin-check" "passed";
+		}
+		if ($cors = 'true') {
+			add_header "Access-Control-Allow-Origin" $http_origin always;
+			add_header "Access-Control-Allow-Credentials" "true" always;
+			add_header "Access-Control-Allow-Methods" "GET, POST, PATCH, PUT, DELETE, OPTIONS" always;
+			add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Authorization' always;
+			add_header 'Access-Control-Expose-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Authorization' always;
+		}
+		if ($request_method = 'OPTIONS') {
+			set $both_conditions "${both_conditions}D";
+		}
+		if ($both_conditions = PD) {
+			add_header "Access-Control-Allow-Origin" $http_origin always;
+			add_header "Access-Control-Allow-Credentials" "true" always;
+			add_header "Access-Control-Allow-Methods" "GET, POST, PATCH, PUT, DELETE, OPTIONS" always;
+			add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Authorization' always;
+			add_header 'Access-Control-Expose-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Authorization' always;
+			add_header 'Access-Control-Max-Age' -1;
+			add_header 'Content-Type' 'text/plain charset=UTF-8';
+			add_header 'Content-Length' 0;
+			return 204;
+		}
+		try_files $uri $uri/ @backend;
+	}
+	location @backend {
+		proxy_pass https://localhost:27443;
+		proxy_set_header Host      teletext.rtvslo.si;
+		proxy_set_header Referer https://teletext.rtvslo.si/;
+		proxy_set_header X-Forwarded-For $remote_addr;
+	}
+}
-- 
cgit v1.2.3