nginx.conf

server {
	listen 80 default_server;

	# Gzip Settings
	gzip off;
	gzip_disable "msie6";
	gzip_min_length 1k;
    gzip_buffers 16 64k;
    gzip_http_version 1.1;
    gzip_comp_level 6;
    gzip_types *;
	root /app;

	# normal routes
	# serve given url and default to index.html if not found
	# e.g. /, /user and /foo/bar will return index.html
	location / {
		try_files $uri $uri/index.html /index.html;
		add_header Cache-Control "private,no-cache";
		add_header Last-Modified "Oct, 03 Jan 2022 13:46:41 GMT";
        expires 0;
	}

    # location /bfl/ {
    #     add_header 'Access-Control-Allow-Headers' 'x-api-nonce,x-api-ts,x-api-ver,x-api-source';
    #     proxy_pass http://bfl;
    #     proxy_set_header            Host $host;
    #     proxy_set_header            X-real-ip $remote_addr;
    #     proxy_set_header            X-Forwarded-For $proxy_add_x_forwarded_for;

    #     add_header X-Frame-Options SAMEORIGIN;
    # }
	
    location /api/logout {
        add_header 'Access-Control-Allow-Headers' 'x-api-nonce,x-api-ts,x-api-ver,x-api-source';
        proxy_pass http://authelia-svc;
        proxy_set_header            Host $host;
        proxy_set_header            X-real-ip $remote_addr;
        proxy_set_header            X-Forwarded-For $proxy_add_x_forwarded_for;

        add_header X-Frame-Options SAMEORIGIN;
    }

    location /api/device {
        add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
        add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
	    add_header Access-Control-Allow-Origin $http_origin;
	    add_header Access-Control-Allow-Credentials true;

        proxy_pass http://settings-service;
        proxy_set_header            Host $host;
        proxy_set_header            X-real-ip $remote_addr;
        proxy_set_header            X-Forwarded-For $proxy_add_x_forwarded_for;

        add_header X-Frame-Options SAMEORIGIN;
    }

    location /api/refresh {
	    add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
        add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
	    add_header Access-Control-Allow-Origin $http_origin;
	    add_header Access-Control-Allow-Credentials true;
	
        proxy_pass http://authelia-backend-svc:9091;
        proxy_set_header            Host $host;
        proxy_set_header            X-real-ip $remote_addr;
        proxy_set_header            X-Forwarded-For $proxy_add_x_forwarded_for;

        add_header X-Frame-Options SAMEORIGIN;
    }

    location /api {
        proxy_pass http://127.0.0.1:3010;
        # rewrite ^/server(.*)$ $1 break;

        # Add original-request-related headers
        proxy_set_header            Host $host;
        proxy_set_header            X-real-ip $remote_addr;
        proxy_set_header            X-Forwarded-For $proxy_add_x_forwarded_for;

    }

    location /server {
        if ($request_method = 'OPTIONS') {
            add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
            add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
            add_header Access-Control-Allow-Origin $http_origin;
            add_header Access-Control-Allow-Credentials true;

            add_header 'Access-Control-Max-Age' 1728000;
            add_header 'Content-Type' 'text/plain; charset=utf-8';
            add_header 'Content-Length' 0;
            return 204;
        }

        add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
        add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
        add_header Access-Control-Allow-Origin $http_origin;
        add_header Access-Control-Allow-Credentials true;

        proxy_pass http://127.0.0.1:3010;
        # rewrite ^/server(.*)$ $1 break;

        # Add original-request-related headers
        proxy_set_header            Host $host;
        proxy_set_header            X-real-ip $remote_addr;
        proxy_set_header            X-Forwarded-For $proxy_add_x_forwarded_for;

    }

    location /notification {
        proxy_pass http://127.0.0.1:3010;
        # rewrite ^/server(.*)$ $1 break;

        # Add original-request-related headers
        proxy_set_header            Host $host;
        proxy_set_header            X-real-ip $remote_addr;
        proxy_set_header            X-Forwarded-For $proxy_add_x_forwarded_for;

    }

    location /video {
        proxy_pass http://127.0.0.1:3010;
        # rewrite ^/server(.*)$ $1 break;

        # Add original-request-related headers
        proxy_set_header            Host $host;
        proxy_set_header            X-real-ip $remote_addr;
        proxy_set_header            X-Forwarded-For $proxy_add_x_forwarded_for;

    }

    location /seahub/ {
        proxy_pass http://seafile/;
        # rewrite ^/server(.*)$ $1 break;

        # Add original-request-related headers
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host $host;

        add_header Accept-Ranges bytes;

        client_body_timeout 60s;
        client_max_body_size 2000M;
        proxy_request_buffering off;
        keepalive_timeout 75s;
        proxy_read_timeout 60s;
        proxy_send_timeout 60s;
    }

	# Websocket
	# location /ws {
	# 	proxy_http_version 1.1;
	# 	proxy_set_header Upgrade $http_upgrade;
	# 	proxy_set_header Connection 'upgrade';
	# 	proxy_set_header Host $host;
	# 	proxy_cache_bypass $http_upgrade;
	# 	proxy_pass http://localhost:3100;
	# }

	# # files
	# # for all routes matching a dot, check for files and return 404 if not found
	# # e.g. /file.js returns a 404 if not found
	location ~.*\.(js|css|png|jpg|svg|woff|woff2)$
    {
      	add_header Cache-Control "public, max-age=2678400";
    }
}