server {
	server_tokens off;
	listen 80;
	listen 443 ssl default_server;
	server_name GWSERIAL GWSERIAL.local;
	server_name_in_redirect on;
	client_max_body_size 32M;

	ssl_certificate /etc/ssl/certs/localhost.crt;
	ssl_certificate_key /etc/ssl/private/localhost.key;

	if ($scheme != "https") {
			return 301 https://$host$request_uri;
	}

	access_log /var/log/nginx/sagacity-webserver-access.log;
	error_log /var/log/nginx/sagacity-webserver-error.log;

# We need to discuss this part as well
	#root /sagacitysoft/webserver/public;

	add_header Strict-Transport-Security max-age=15768000;
	add_header X-XSS-Protection "1; mode=block";
	add_header X-Frame-Options sameorigin always;
#       add_header X-Content-Type-Options nosniff;
	add_header Content-Security-Policy "
		default-src 'self' 'unsafe-inline';
		script-src 'self' 'unsafe-inline' 'unsafe-eval';
		style-src 'self' 'unsafe-inline';
		font-src 'self' 'unsafe-inline';
		connect-src 'self' 'unsafe-inline';
		" always;

# We need to discuss this next line
# add_header Content-Security-Policy "default-src 'self' https://app.sagacitysoft.ca https://utility.sagacitysoft.ca; img-src * data: https://app.sagacitysoft.ca; script-src https://app.sagacitysoft.ca *.googleapis.com; style-src 'self' 'unsafe-inline' https://app.sagacitysoft.ca; style-src-elem 'self' 'unsafe-inline' https://app.sagacitysoft.ca https://fonts.googleapis.com https://use.fontawesome.com https://maxcdn.bootstrapcdn.com; font-src 'self' https://app.sagacitysoft.ca fonts.gstatic.com data: https://use.fontawesome.com https://maxcdn.bootstrapcdn.com; object-src https://app.sagacitysoft.ca data:; frame-src https://app.sagacitysoft.ca https://*.google.com data:;";
	add_header Referrer-Policy no-referrer;
	add_header Permissions-Policy "autoplay=()";


	error_page 502 /custom502.html;
	location /custom502.html {
		root /etc/nginx;
	}

# Add the proxy pass arguments here
	location / {
		proxy_pass http://127.0.0.1:3001/;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

		add_header Last-Modified $date_gmt;
		add_header Cache-Control 'no-store, no-cache';
		if_modified_since off;
		expires off;
		etag off;
	}
}
