From 01369983049758abca16ac58da351b066f8a4a20 Mon Sep 17 00:00:00 2001
From: Michael <michael@congegni.net>
Date: Thu, 22 May 2025 14:40:52 +0200
Subject: [PATCH] feat(nginx): host conf file

---
 docker/nginx-host.conf | 41 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 41 insertions(+)
 create mode 100644 docker/nginx-host.conf

diff --git a/docker/nginx-host.conf b/docker/nginx-host.conf
new file mode 100644
index 000000000..e8c805c29
--- /dev/null
+++ b/docker/nginx-host.conf
@@ -0,0 +1,41 @@
+server {
+    listen 80;
+    add_header Content-Security-Policy "upgrade-insecure-requests;";
+
+    server_name sintonia.congegni.net;
+
+    client_max_body_size 512M;
+    client_body_timeout 300s;
+
+    if ($host = sintonia.congegni.net) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+    return 404; # managed by Certbot
+}
+
+server {
+    listen 443 ssl; # managed by Certbot
+    server_name sintonia.congegni.net;
+    add_header Content-Security-Policy "upgrade-insecure-requests;";
+
+    client_max_body_size 512M;
+    client_body_timeout 300s;
+    ssl_certificate /etc/letsencrypt/live/sintonia.congegni.net/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/sintonia.congegni.net/privkey.pem; # managed by Certbot
+
+    location / {
+        proxy_set_header Host              $host;
+        proxy_set_header X-Real-IP         $remote_addr;
+        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-Forwarded-Host  $host;
+        proxy_set_header X-Forwarded-Port  $server_port;
+
+        proxy_set_header Access-Control-Allow-Origin *;
+        proxy_set_header Access-Control-Allow-Methods "GET, POST, OPTIONS, DELETE, PUT";
+        proxy_set_header Access-Control-Allow-Headers "Authorization, Content-Type, Accept";
+
+        proxy_pass http://127.0.0.1:9876;
+    }
+}
\ No newline at end of file