frontend/.nginx/nginx.conf

worker_processes  auto;

error_log  /var/log/nginx/error.log notice;
pid        /tmp/nginx.pid;


events {
    worker_connections  1024;
}


http {

    server_tokens off;

    proxy_temp_path /tmp/proxy_temp;
    client_body_temp_path /tmp/client_temp;
    fastcgi_temp_path /tmp/fastcgi_temp;
    uwsgi_temp_path /tmp/uwsgi_temp;
    scgi_temp_path /tmp/scgi_temp;

    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;
	
	# Custom context starts: Added to resolve an issue
	server {
        listen 8080;
        root  /usr/share/nginx/html;
        include /etc/nginx/mime.types;

        location / {
            try_files $uri /index.html;
        }

        # Adding section from  /etc/nginx/conf.d/*.conf;
        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   /usr/share/nginx/html;
        }
        # Adding section from  /etc/nginx/conf.d/*.conf;
		
        # Headers required by Web App Vulnerability Scan
        add_header X-Content-Type-Options nosniff;
        add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload';
        add_header X-XSS-Protection "1; mode=block";
        add_header Content-Security-Policy "default-src 'self'; connect-src https://*.gov.bc.ca; font-src *;img-src * data:; script-src * 'sha256-uS7/g9fhQwNZS1f/MqYqqKv8y9hCu36IfX9XZB5L7YY=' 'sha256-4m6wOIrq/wFDmi9Xh3mFM2mwI4ik9n3TMgHk6xDtLxk='; style-src * 'sha256-0UTAjn9qJ2+s9AJRZe0Ycl2l+R8GUq+2ZN5DSItWUzo' 'sha256-YU2XW0vVslSGNLLvr2p8c1rK8ZEmd7G+OK0USOToEGs=' 'sha256-ShuEs10HLgCAclz19DAh9OFR4QAZ48fjNAaJ34xfGSk=' 'sha256-fGxkcaQ6Z/i2bi5qKNuJwsclUB391Cn5S2lb5B51AIU=' 'sha256-4+0mt1YoMq+J1WxaN93MYonQ/Hh6YnEeREn78nw1K54=' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-MBVp6JYxbC/wICelYC6eULCRpgi9kGezXXSaq/TS2+I=' 'sha256-utjbDbVPbU5y3EebkVnX7axzZoghI+nz5IQPPznOdYQ=' 'sha256-AeReE7Ma/1yl7yFczYpMbCHhyrMims0SXYdn3Z2TAQI=' 'sha256-gKpQMMSZTSQsa1l8h8MnFRNmcuzw5kwdeF8CmuhOgXk=' 'sha256-4YPj4R1kppk6JCxy2dHYiheFZ84MlTcmgROd8BB8fLE=' ; ";
        add_header Referrer-Policy "strict-origin";
        add_header X-Frame-Options "SAMEORIGIN";
    }
	# Custom context ends
    #include /etc/nginx/conf.d/*.conf;
}