nginx.dev.conf

load_module /opt/homebrew/opt/passenger/libexec/modules/ngx_http_passenger_module.so;

# user  nobody;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    server_names_hash_bucket_size 64;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    gzip  on;

    ssl_certificate      /Users/huocp/dumber.local+5.pem;
    ssl_certificate_key  /Users/huocp/dumber.local+5-key.pem;
    ssl_session_timeout  1d;
    ssl_session_cache    shared:SSL:50m;
    ssl_session_tickets  off;
    ssl_protocols        TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers          HIGH;
    ssl_prefer_server_ciphers on;

    passenger_root /opt/homebrew/opt/passenger/libexec/src/ruby_supportlib/phusion_passenger/locations.ini;
    passenger_ruby /usr/bin/ruby;
    passenger_nodejs /Users/huocp/.nodenv/shims/node;

    # redirect http request to https
    server {
      listen 80;
      server_name _;

      return 301 https://$host$request_uri;
    }

    server {
        listen       443 ssl http2;
        server_name  cache.dumber.local;

        # add_header Strict-Transport-Security max-age=31536000 always;
        add_header Access-Control-Allow-Origin "https://gist.dumber.local" always;
        add_header Access-Control-Allow-Methods "GET, POST, OPTIONS" always;
        add_header Access-Control-Allow-Credentials "false" always;
        add_header Access-Control-Max-Age "-1" always; # 86400 always; # 24 hours
        add_header Access-Control-Allow-Headers "*" always;

        location @nocache {
            # kill cache for missed cache
            add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0' always;
            if_modified_since off;
            expires off;
            etag off;

            add_header Access-Control-Allow-Origin "https://gist.dumber.local" always;
            add_header Access-Control-Allow-Methods "GET, POST, OPTIONS" always;
            add_header Access-Control-Allow-Credentials "false" always;
            add_header Access-Control-Max-Age "-1" always; # 86400 always; # 24 hours
            add_header Access-Control-Allow-Headers "*" always;

            return 204;
        }

        location ~ ^/\w {
            try_files $uri @nocache;
            root /Users/huocp/dumberjs/dumber-gist/server/dumber-cache/public;
            default_type "application/json; charset=utf-8";
            expires 1d;
        }

        location ~ ^/$ {
            client_max_body_size 20m;
            passenger_enabled on;
            root /Users/huocp/dumberjs/dumber-gist/server/dumber-cache/nowhere;
            passenger_app_env development;
        }
    }

    server {
        listen       443 ssl http2;
        server_name  github-oauth.gist.dumber.local;

        # add_header Strict-Transport-Security max-age=31536000 always;
        add_header Access-Control-Allow-Origin "https://gist.dumber.local" always;
        add_header Access-Control-Allow-Methods "POST, OPTIONS" always;
        add_header Access-Control-Allow-Credentials "false" always;
        add_header Access-Control-Max-Age "-1" always; # 86400 always; # 24 hours
        add_header Access-Control-Allow-Headers "*" always;

        passenger_enabled on;
        root /Users/huocp/dumberjs/dumber-gist/server/github-oauth/public;

        # Local dev github oauth client id/secret
        # for https://gist.dumber.local
        passenger_env_var DR_CLIENT_ID a505c051c5291a3f3618;
        passenger_env_var DR_CLIENT_SECRET e43c4733f6a49a3733d34717090a6ea976a8c795;
        passenger_app_env development;
    }

    server {
        listen       443 ssl http2;
        server_name  gist.dumber.local;

        location / {
            root   /Users/huocp/dumberjs/dumber-gist/client;
            index  index.html;
        }
    }

    server {
        listen       443 ssl http2;
        server_name  "~^[0-9a-f]{32,32}\.gist\.dumber\.local$";

        location / {
            root   /Users/huocp/dumberjs/dumber-gist/client-service-worker;
            index  index.html;

            # kill cache for this random host name
            add_header Last-Modified $date_gmt;
            add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
            if_modified_since off;
            expires off;
            etag off;
        }
    }
}