cfg/ngx/fw.op.fo.conf

# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# configuration of fw.op.fo / frode klevstul / oct 2025
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

# sc.op.fo ➔ fw.op.fo
server {
    listen 80;
    server_name sc.op.fo;
    return 301 https://fw.op.fo$request_uri;
}

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    http2 on;

    ssl_certificate /etc/nginx/acme.sh/op.fo/fullchain.pem;
    ssl_certificate_key /etc/nginx/acme.sh/op.fo/key.pem;
    ssl_trusted_certificate /etc/nginx/acme.sh/op.fo/cert.pem;

    server_name sc.op.fo;
    return 301 https://fw.op.fo$request_uri;
}

# http to https
server {
    listen 80;
    server_name fw.op.fo;
    return 301 https://$host$request_uri;
}

# upstream configuration for postgrest (used as reversed proxy)
upstream postgrest {
    server localhost:3000;
}

# https
server {
    listen 443 ssl;
    listen [::]:443 ssl;
    http2 on;

    ssl_certificate /etc/nginx/acme.sh/op.fo/fullchain.pem;
    ssl_certificate_key /etc/nginx/acme.sh/op.fo/key.pem;
    ssl_trusted_certificate /etc/nginx/acme.sh/op.fo/cert.pem;

    add_header Strict-Transport-Security "max-age=63072000" always;

    root /var/www/fw.op.fo;
    index index.html;
    server_name fw.op.fo;

    location @myownredirect {
        return 302 /;
    }

    # postgrest reverse proxy
    location / {
        error_page 404 = @myownredirect;
    }

    # /dbg/shortcode | debug mode
    location ~ ^/dbg/(\w+) {
        default_type  application/json;
        proxy_hide_header Content-Location;
        add_header Content-Location  /rpc/$upstream_http_content_location;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_http_version 1.1;
        proxy_pass http://postgrest/rpc/fwd?p_shortcode=$1&p_dbg=true;
    }

    # /shortcode | normal mode
    location ~ ^/([A-Za-z0-9]+) {
        # https://stackoverflow.com/questions/53353572/proxy-pass-cannot-have-uri-part-in-location-given-by-regular-expression
        rewrite ^/([A-Za-z0-9]+) /rpc/fwd break;
        default_type  application/json;
        proxy_hide_header Content-Location;
        add_header Content-Location  /rpc/$upstream_http_content_location;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_http_version 1.1;
        proxy_method POST; # note, that if writing 'post' (lowercase) instead of 'POST' (uppercase), that will lead to the postgrest error "cannot use the post method on rpc"
#        set $query_string $args;
#        proxy_set_body $query_string;

#https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_set_body

proxy_set_body '{"p_shortcode": "ph25", "p_dbg": "true"}';


        proxy_pass http://postgrest;
    }

    # normal mode: /shortcode
#    location ~ ^/\w+ {
#        #rewrite ^/your_endpoint(.*)$ /your_backend_endpoint?args=$args break;
#        #rewrite ^ /your_backend_endpoint?args=$args break;
#        default_type  application/json;
#        proxy_hide_header Content-Location;
#        add_header Content-Location  /rpc/$upstream_http_content_location;
#        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#        proxy_http_version 1.1;
#        proxy_method post;
##        proxy_pass http://postgrest/rpc/fwd?args=$args;
##        proxy_pass http://postgrest/rpc/fwd;
#        proxy_pass http://postgrest;
#        proxy_set_body $args;
#    }

}
+ fw.op.fo.conf 2025-10-29 03:01:59 -05:00			`# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -`
			`# configuration of fw.op.fo / frode klevstul / oct 2025`
			`# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -`

/ + sc.op.fo redirect to fw.op.fo 2025-10-29 03:38:11 -05:00			`# sc.op.fo ➔ fw.op.fo`
			`server {`
			`listen 80;`
			`server_name sc.op.fo;`
			`return 301 https://fw.op.fo$request_uri;`
			`}`

			`server {`
			`listen 443 ssl;`
			`listen [::]:443 ssl;`
			`http2 on;`

			`ssl_certificate /etc/nginx/acme.sh/op.fo/fullchain.pem;`
			`ssl_certificate_key /etc/nginx/acme.sh/op.fo/key.pem;`
			`ssl_trusted_certificate /etc/nginx/acme.sh/op.fo/cert.pem;`

u 2025-10-29 03:38:59 -05:00			`server_name sc.op.fo;`
/ + sc.op.fo redirect to fw.op.fo 2025-10-29 03:38:11 -05:00			`return 301 https://fw.op.fo$request_uri;`
			`}`

+ fw.op.fo.conf 2025-10-29 03:01:59 -05:00			`# http to https`
			`server {`
			`listen 80;`
			`server_name fw.op.fo;`
			`return 301 https://$host$request_uri;`
			`}`

/ postgrest reverse proxy 2025-10-29 03:14:54 -05:00			`# upstream configuration for postgrest (used as reversed proxy)`
			`upstream postgrest {`
w 2025-10-29 05:28:16 -05:00			`server localhost:3000;`
/ postgrest reverse proxy 2025-10-29 03:14:54 -05:00			`}`
+ postgrest info (wip) 2025-10-29 03:11:03 -05:00
config ok i believe 2025-10-29 03:40:05 -05:00			`# https`
+ fw.op.fo.conf 2025-10-29 03:01:59 -05:00			`server {`
			`listen 443 ssl;`
			`listen [::]:443 ssl;`
			`http2 on;`

			`ssl_certificate /etc/nginx/acme.sh/op.fo/fullchain.pem;`
			`ssl_certificate_key /etc/nginx/acme.sh/op.fo/key.pem;`
			`ssl_trusted_certificate /etc/nginx/acme.sh/op.fo/cert.pem;`

			`add_header Strict-Transport-Security "max-age=63072000" always;`

			`root /var/www/fw.op.fo;`
			`index index.html;`
			`server_name fw.op.fo;`

			`location @myownredirect {`
			`return 302 /;`
			`}`
+ postgrest info (wip) 2025-10-29 03:11:03 -05:00
			`# postgrest reverse proxy`
/ postgrest reverse proxy 2025-10-29 03:14:54 -05:00			`location / {`
/ postgrest wip 2025-10-29 03:28:06 -05:00			`error_page 404 = @myownredirect;`
+ postgrest info (wip) 2025-10-29 03:11:03 -05:00			`}`

w 2025-10-29 05:59:58 -05:00			`# /dbg/shortcode \| debug mode`
u 2025-10-29 04:36:17 -05:00			`location ~ ^/dbg/(\w+) {`
/ + debug url 2025-10-29 04:35:07 -05:00			`default_type application/json;`
			`proxy_hide_header Content-Location;`
			`add_header Content-Location /rpc/$upstream_http_content_location;`
			`proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;`
			`proxy_http_version 1.1;`
u 2025-10-29 04:36:17 -05:00			`proxy_pass http://postgrest/rpc/fwd?p_shortcode=$1&p_dbg=true;`
/ + debug url 2025-10-29 04:35:07 -05:00			`}`

w 2025-10-29 05:59:58 -05:00			`# /shortcode \| normal mode`
			`location ~ ^/([A-Za-z0-9]+) {`
			`# https://stackoverflow.com/questions/53353572/proxy-pass-cannot-have-uri-part-in-location-given-by-regular-expression`
			`rewrite ^/([A-Za-z0-9]+) /rpc/fwd break;`
			`default_type application/json;`
			`proxy_hide_header Content-Location;`
			`add_header Content-Location /rpc/$upstream_http_content_location;`
			`proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;`
			`proxy_http_version 1.1;`
			`proxy_method POST; # note, that if writing 'post' (lowercase) instead of 'POST' (uppercase), that will lead to the postgrest error "cannot use the post method on rpc"`
w 2025-10-29 06:05:08 -05:00			`# set $query_string $args;`
			`# proxy_set_body $query_string;`

			`#https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_set_body`

w 2025-10-29 06:09:57 -05:00			`proxy_set_body '{"p_shortcode": "ph25", "p_dbg": "true"}';`
w 2025-10-29 06:05:08 -05:00

w 2025-10-29 05:59:58 -05:00			`proxy_pass http://postgrest;`
			`}`
w 2025-10-29 05:28:16 -05:00
/ wip 2025-10-29 05:01:17 -05:00			`# normal mode: /shortcode`
w 2025-10-29 05:34:02 -05:00			`# location ~ ^/\w+ {`
			`# #rewrite ^/your_endpoint(.*)$ /your_backend_endpoint?args=$args break;`
			`# #rewrite ^ /your_backend_endpoint?args=$args break;`
			`# default_type application/json;`
			`# proxy_hide_header Content-Location;`
			`# add_header Content-Location /rpc/$upstream_http_content_location;`
			`# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;`
			`# proxy_http_version 1.1;`
			`# proxy_method post;`
			`## proxy_pass http://postgrest/rpc/fwd?args=$args;`
			`## proxy_pass http://postgrest/rpc/fwd;`
			`# proxy_pass http://postgrest;`
			`# proxy_set_body $args;`
			`# }`
/ postgrest wip 2025-10-29 03:28:06 -05:00
+ fw.op.fo.conf 2025-10-29 03:01:59 -05:00			`}`