server {
	listen 443 ssl;
	server_name dev3.4nkweb.com;

	ssl_certificate /etc/letsencrypt/live/dev3.4nkweb.com/fullchain.pem;
	ssl_certificate_key /etc/letsencrypt/live/dev3.4nkweb.com/privkey.pem;

	ssl_protocols TLSv1.2 TLSv1.3;
	ssl_prefer_server_ciphers on;
	ssl_ciphers HIGH:!aNULL:!MD5;
	# Redirection des requêtes HTTP normales vers Vite
	location / {
		proxy_pass http://localhost:3004;
		proxy_http_version 1.1;
		proxy_set_header Upgrade $http_upgrade;
		proxy_set_header Connection "Upgrade";
		proxy_set_header Host $host;
	}

	location /ws/ {
		proxy_pass http://localhost:8090;
		proxy_http_version 1.1;
		proxy_set_header Upgrade $http_upgrade;
		proxy_set_header Connection "Upgrade";
		proxy_set_header Host $host;
		proxy_set_header X-Real-IP $remote_addr;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_set_header X-Forwarded-Proto $scheme;
		proxy_set_header X-NginX-Proxy true;

		proxy_read_timeout 86400;  
		proxy_set_header Connection "Upgrade";
	}

	location /storage/ {
		if ($request_method = 'OPTIONS') {
			add_header 'Access-Control-Allow-Origin' '*' always;
			add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
			add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, X-Requested-With' always;
			add_header 'Access-Control-Max-Age' 86400;
			add_header 'Content-Length' 0;
			add_header 'Content-Type' 'text/plain';
			return 204;
		}

		add_header 'Access-Control-Allow-Origin' '*' always;
		add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
		add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, X-Requested-With' always;

		rewrite ^/storage(/.*)$ $1 break;
		proxy_pass http://localhost:8080;
		proxy_http_version 1.1;
		proxy_set_header Upgrade $http_upgrade;
		proxy_set_header Connection "Upgrade";
		proxy_set_header Host $host;
	}

	location ^~ /api/ {
		if ($request_method = OPTIONS) {
			add_header Access-Control-Allow-Origin	"*" always;
			add_header Access-Control-Allow-Methods  "GET, POST, OPTIONS, PUT, DELETE" always;
			add_header Access-Control-Allow-Headers  "Authorization,Content-Type,Accept" always;
			add_header Access-Control-Max-Age       600;
			return 204;
		}

		proxy_pass http://127.0.0.1:8091;
		proxy_set_header Host              $host;
		proxy_set_header X-Real-IP         $remote_addr;
		proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
		proxy_set_header X-Forwarded-Proto $scheme;

		add_header Access-Control-Allow-Origin  "http://local.lecoffreio.4nkweb:3000" always ;
		add_header Access-Control-Allow-Methods  "GET, POST, OPTIONS, PUT, DELETE" always;
		add_header Access-Control-Allow-Headers  "Authorization,Content-Type,Accept,X-Requested-With" always;
	}

	location @handle_502 {
		internal;
		add_header Access-Control-Allow-Origin  "*" always;
		add_header Access-Control-Allow-Methods "GET, POST, OPTIONS, PUT, DELETE" always;
		add_header Access-Control-Allow-Headers "Authorization, Content-Type, Accept, X-Requested-With" always;
		return 502;
	}

	ssl_certificate /etc/letsencrypt/live/dev3.4nkweb.com/fullchain.pem; # managed by Certbot
		ssl_certificate_key /etc/letsencrypt/live/dev3.4nkweb.com/privkey.pem; # managed by Certbot

		ssl_certificate /etc/letsencrypt/live/dev3.4nkweb.com/fullchain.pem; # managed by Certbot
		ssl_certificate_key /etc/letsencrypt/live/dev3.4nkweb.com/privkey.pem; # managed by Certbot
}

server {
	if ($host = dev3.4nkweb.com) {
		return 301 https://$host$request_uri;
	} # managed by Certbot


	listen 80;
	server_name dev3.4nkweb.com;

	return 301 https://$host$request_uri;


}