# Redirect HTTP to HTTPS
server {
  listen 80;
  server_name kornerr.ru;
  return 301 https://$server_name$request_uri;
}

server {
  listen 443 ssl;
  server_name kornerr.ru;

  ssl_certificate /etc/encrypt/fullchain.pem;
  ssl_certificate_key /etc/encrypt/privkey.pem;

  #
  # Note: You should disable gzip for SSL traffic.
  # See: https://bugs.debian.org/773332
  #
  # Read up on ssl_ciphers to ensure a secure configuration.
  # See: https://bugs.debian.org/765782
  #
  # Self signed certs generated by the ssl-cert package
  # Don't use them in a production server!
  #
  # include snippets/snakeoil.conf;

  root /var/www/html;

  index index.html;

  server_name _;

  location / {
    # First attempt to serve request as file, then
    # as directory, then fall back to displaying a 404.
    try_files $uri $uri/ =404;
    add_header "Access-Control-Allow-Origin" "*";
    add_header "Cache-Control" "max-age=43200";
    # Remove CORS.
    if ($request_method = "OPTIONS") {
      add_header "Access-Control-Allow-Origin" "*";
      add_header "Access-Control-Allow-Headers" "Content-Type";
      add_header "Content-Type" "text/plain;charset=UTF-8";
      add_header "Content-Length" 0;
      return 204;
    }
  }

  location /api {
    proxy_pass http://localhost:8001;
  }
}