api-rws/examples/api.rwsbank.com.ua.nginx-example

server {

    server_name tasks-api.rwsbank.com.ua www.tasks-api.rwsbank.com.ua;

    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Content-Type-Options "nosniff";
    add_header 'Access-Control-Allow-Methods' 'GET,POST,OPTIONS,PUT,DELETE,PATCH';

    gzip            on;
    gzip_types      text/plain application/xml text/css application/javascript;
    gzip_min_length 1000;

    location / {

        client_max_body_size 100M;
        proxy_set_header Host               $host;
        proxy_set_header X-Real-IP          $remote_addr;
        proxy_set_header X-Forwarded-For    $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto  $scheme;
        proxy_redirect              off;
        proxy_read_timeout          1m;
        proxy_connect_timeout       1m;

        proxy_pass                          http://127.0.0.1:3000;

        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";

        proxy_buffer_size  128k;
        proxy_buffers   4 256k;
        proxy_busy_buffers_size   256k;

    }

    listen 443 ssl;
    ssl_certificate /etc/ssl/rwsbank/ssl-bundle.crt;
    ssl_certificate_key /etc/ssl/rwsbank/com.key;
}

server {
    if ($host = tasks-api.rwsbank.com.ua) {
        return 301 https://$host$request_uri;
    } 

    server_name tasks-api.rwsbank.com.ua www.tasks-api.rwsbank.com.ua;
    listen 80;
    return 404; # managed by Certbot
}


server {
        listen 443 ssl;
        ssl_certificate /etc/ssl/rwsbank/ssl-bundle.crt;
        ssl_certificate_key /etc/ssl/rwsbank/com.key;

        root /home/programmer/api-rws/documentation;
        index index.html index.htm index.nginx-debian.html;

        server_name opendoc.rwsbank.com.ua;

        auth_basic "Restricted Content";
        auth_basic_user_file /etc/nginx/.htpasswd;

        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to redirecting to index.html
                try_files $uri $uri/ /index.html;
        }
        # Media: images, icons, video, audio, HTC
        location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ {
          expires 1M;
          access_log off;
          add_header Cache-Control "public";
        }

        # Javascript and CSS files
        location ~* \.(?:css|js)$ {
                try_files $uri =404;
                expires 1y;
                access_log off;
                add_header Cache-Control "public";
        }

        # Any route containing a file extension (e.g. /devicesfile.js)
        location ~ ^.+\..+$ {
                try_files $uri =404;
        }

}