bookwyrm/nginx/production

include /etc/nginx/conf.d/server_config;

upstream web {
    server web:8000;
}

server {
    listen [::]:80;
    listen 80;

    server_name your-domain.com www.your-domain.com;

    location ~ /.well-known/acme-challenge {
        allow all;
        root /var/www/certbot;
    }

#     # redirect http to https
#     return 301 https://your-domain.com$request_uri;
}

#
# server {
#     listen [::]:443 ssl http2;
#     listen 443 ssl http2;
#
#     server_name your-domain.com;
#
#     client_max_body_size 3M;
#
#     if ($host != "your-domain.com") {
#         return 301 $scheme://your-domain.com$request_uri;
#     }
#
#     # SSL code
#     ssl_certificate /etc/nginx/ssl/live/your-domain.com/fullchain.pem;
#     ssl_certificate_key /etc/nginx/ssl/live/your-domain.com/privkey.pem;
#
#     location ~ /.well-known/acme-challenge {
#         allow all;
#         root /var/www/certbot;
#     }
#
#     location ~ ^/(login[^-/]|password-reset|resend-link|2fa-check) {
#         limit_req zone=loginlimit;
#
#         proxy_pass http://web;
#         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#         proxy_set_header Host $host;
#         proxy_redirect off;
#     }
#
#     location / {
#         proxy_pass http://web;
#         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#         proxy_set_header Host $host;
#         proxy_redirect off;
#     }
#
#     location /images/ {
#         alias /app/images/;
#     }
#
#     location /static/ {
#         alias /app/static/;
#     }
# }

# Reverse-Proxy server
# server {
#     listen [::]:8001;
#     listen 8001;

#     server_name your-domain.com www.your-domain.com;

#     location / {
#         proxy_pass http://web;
#         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#         proxy_set_header Host $host;
#         proxy_redirect off;
#     }

#     location /images/ {
#         alias /app/images/;
#     }

#     location /static/ {
#         alias /app/static/;
#     }
# }