michaelkove · October 28, 2024 12:36
diff --git a/gistfile1.txt b/gistfile1.txt
 server {
    listen 80;
    server_name ***********;
    return 301 https://$server_name$request_uri;
 }

 server {
 	# OPTIONAL FOR SSL if you use other port, skip this part.
    listen 443 ssl;
    server_name ************;
 	###### SSL CONFIG #####
    ssl_certificate /etc/nginx/ssl/fullchain.pem;
    ssl_certificate_key /etc/nginx/ssl/privkey.pem;

    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers on;
    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;

 	###### END SSL #####

    # Enable debug logging
    error_log /var/log/nginx/api_error.log debug;

    location / {
        proxy_pass http://app:3000; # I HAVE DOCKER SETUP, yours will be localhost.
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        # Authentication headers IMPORTANT SHIT HERE
        proxy_set_header Authorization $http_authorization;
        proxy_pass_header Authorization;

        # CORS headers
        proxy_set_header Origin $http_origin;
        proxy_set_header Access-Control-Request-Method $http_access_control_request_method;
        proxy_set_header Access-Control-Request-Headers $http_access_control_request_headers;

        # Forward all response headers
        proxy_pass_header Access-Control-Allow-Origin;
        proxy_pass_header Access-Control-Allow-Methods;
        proxy_pass_header Access-Control-Allow-Headers;
        proxy_pass_header Access-Control-Expose-Headers;
        proxy_pass_header Access-Control-Max-Age;

        # Preflight request handling (NOTICE AUTH Handlers)
        if ($request_method = 'OPTIONS') {
            add_header 'Access-Control-Allow-Origin' '$http_origin' always;
            add_header 'Access-Control-Allow-Methods' 'GET, PATCH, POST, PUT, DELETE, OPTIONS' always;
            add_header 'Access-Control-Allow-Headers' 'Authorization,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;
            add_header 'Access-Control-Max-Age' 1728000;
            add_header 'Content-Type' 'text/plain; charset=utf-8';
            add_header 'Content-Length' 0;
            return 204;
        }

        # Add debug logging -  you don't really need this.
        add_header X-Debug-Message "Request forwarded to backend" always;
        add_header X-Forwarded-Host $host;
        add_header X-Forwarded-Proto $scheme;
    }
 }
	server {
	listen 80;
	server_name ***********;
	return 301 https://$server_name$request_uri;
	}

	server {
	# OPTIONAL FOR SSL if you use other port, skip this part.
	listen 443 ssl;
	server_name ************;
	###### SSL CONFIG #####
	ssl_certificate /etc/nginx/ssl/fullchain.pem;
	ssl_certificate_key /etc/nginx/ssl/privkey.pem;

	ssl_protocols TLSv1.2 TLSv1.3;
	ssl_prefer_server_ciphers on;
	ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;

	###### END SSL #####

	# Enable debug logging
	error_log /var/log/nginx/api_error.log debug;

	location / {
	proxy_pass http://app:3000; # I HAVE DOCKER SETUP, yours will be localhost.
	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto $scheme;

	# Authentication headers IMPORTANT SHIT HERE
	proxy_set_header Authorization $http_authorization;
	proxy_pass_header Authorization;

	# CORS headers
	proxy_set_header Origin $http_origin;
	proxy_set_header Access-Control-Request-Method $http_access_control_request_method;
	proxy_set_header Access-Control-Request-Headers $http_access_control_request_headers;

	# Forward all response headers
	proxy_pass_header Access-Control-Allow-Origin;
	proxy_pass_header Access-Control-Allow-Methods;
	proxy_pass_header Access-Control-Allow-Headers;
	proxy_pass_header Access-Control-Expose-Headers;
	proxy_pass_header Access-Control-Max-Age;

	# Preflight request handling (NOTICE AUTH Handlers)
	if ($request_method = 'OPTIONS') {
	add_header 'Access-Control-Allow-Origin' '$http_origin' always;
	add_header 'Access-Control-Allow-Methods' 'GET, PATCH, POST, PUT, DELETE, OPTIONS' always;
	add_header 'Access-Control-Allow-Headers' 'Authorization,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;
	add_header 'Access-Control-Max-Age' 1728000;
	add_header 'Content-Type' 'text/plain; charset=utf-8';
	add_header 'Content-Length' 0;
	return 204;
	}

	# Add debug logging - you don't really need this.
	add_header X-Debug-Message "Request forwarded to backend" always;
	add_header X-Forwarded-Host $host;
	add_header X-Forwarded-Proto $scheme;
	}
	}