1 files changed, 54 insertions, 0 deletions

diff --git a/src-slowcord/nginx/fosscord b/src-slowcord/nginx/fosscord
new file mode 100644

index 00000000..f1d53de1
--- /dev/null
+++ b/src-slowcord/nginx/fosscord
@@ -0,0 +1,54 @@
+server {
+	server_name slowcord.understars.dev;
+
+	client_max_body_size 150M;
+
+	add_header Last-Modified $date_gmt;
+	proxy_set_header Host $host;
+	proxy_pass_request_headers on;
+	proxy_set_header X-Real-IP $remote_addr;
+	proxy_set_header X-Forwarded-Proto https;
+	proxy_set_header X-Forwarded-For $remote_addr;
+	proxy_set_header X-Forwarded-Host $remote_addr;
+	proxy_set_header Upgrade $http_upgrade;
+	proxy_set_header Connection "upgrade";
+
+	location / {
+		proxy_pass http://127.0.0.1:3001;
+	}
+
+	location /api {
+		proxy_pass http://127.0.0.1:3001;
+		add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
+
+		# TODO: This is a bad solution. Why does proxy_pass not forward all upstream errors to client?
+		# Or is it just that the server is not actually responding?
+		proxy_no_cache 1;
+		proxy_cache_bypass 1;
+		proxy_connect_timeout 1;
+		proxy_send_timeout 1;
+		proxy_read_timeout 1;
+		send_timeout 1;
+	}
+
+	# TODO: Make the login service not suck
+	location ~ ^/(login|register|oauth/discord|css/index.css|js/handler.js) {
+		proxy_pass http://127.0.0.1:3010;
+	}
+
+	listen 443 ssl;
+	ssl_certificate /etc/letsencrypt/live/slowcord.understars.dev/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/slowcord.understars.dev/privkey.pem;
+	include /etc/letsencrypt/options-ssl-nginx.conf;
+	ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+}
+
+server {
+	if ($host = slowcord.understars.dev) {
+		return 301 https://$host$request_uri;
+	}
+
+	listen 80;
+	server_name slowcord.understars.dev;
+	return 404;
+}
\ No newline at end of file