From c26bd47965db65d00bb10441a3a2236a178f766b Mon Sep 17 00:00:00 2001
From: MoonTestUse1 <crocoman7887@gmail.com>
Date: Wed, 25 Dec 2024 03:20:55 +0600
Subject: [PATCH] Merge remote changes and resolve conflicts

---
 docker-compose.yml               |  4 ++-
 docker/nginx/conf.d/default.conf | 55 ++++++++++++--------------------
 2 files changed, 24 insertions(+), 35 deletions(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index 11d0646..8857e85 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -39,7 +39,9 @@ services:
       - certbot-etc:/etc/letsencrypt
       - certbot-var:/var/lib/letsencrypt
       - webroot:/var/www/html
-    command: certonly --webroot --webroot-path=/var/www/html --email admin@itformhelp.ru --agree-tos --no-eff-email --staging -d itformhelp.ru -d www.itformhelp.ru
+    depends_on:
+      - frontend
+    command: certonly --webroot --webroot-path=/var/www/html --email admin@itformhelp.ru --agree-tos --no-eff-email -d itformhelp.ru -d www.itformhelp.ru
 
 volumes:
   sqlite_data:
diff --git a/docker/nginx/conf.d/default.conf b/docker/nginx/conf.d/default.conf
index 440121f..295bf65 100644
--- a/docker/nginx/conf.d/default.conf
+++ b/docker/nginx/conf.d/default.conf
@@ -1,44 +1,31 @@
-# HTTP server for ACME challenge
 server {
     listen 80;
     listen [::]:80;
     server_name itformhelp.ru www.itformhelp.ru;
-
-    # Allow only ACME challenge and redirect everything else to HTTPS
-    location ^~ /.well-known/acme-challenge/ {
-        default_type "text/plain";
+    
+    # Для Let's Encrypt
+    location /.well-known/acme-challenge/ {
+        allow all;
         root /var/www/html;
     }
 
     location / {
-        return 301 https://$server_name$request_uri;
+        root /usr/share/nginx/html;
+        index index.html;
+        try_files $uri $uri/ /index.html;
+        expires -1;
+        add_header Cache-Control "no-store, no-cache, must-revalidate";
+    }
+    
+    location /api/ {
+        proxy_pass http://backend:8000/api/;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_connect_timeout 60s;
+        proxy_send_timeout 60s;
+        proxy_read_timeout 60s;
     }
 }
-
-HTTPS server (commented out until we have certificates)
-server {
-   listen 443 ssl http2;
-   listen [::]:443 ssl http2;
-   server_name itformhelp.ru www.itformhelp.ru;
-   
-   ssl_certificate /etc/letsencrypt/live/itformhelp.ru/fullchain.pem;
-   ssl_certificate_key /etc/letsencrypt/live/itformhelp.ru/privkey.pem;
-   
-   root /usr/share/nginx/html;
-   index index.html;
-
-   location / {
-       try_files $uri $uri/ /index.html;
-       expires -1;
-       add_header Cache-Control "no-store, no-cache, must-revalidate";
-   }
-
-   location /api/ {
-       proxy_pass http://backend:8000/api/;
-       proxy_http_version 1.1;
-       proxy_set_header Host $host;
-       proxy_set_header X-Real-IP $remote_addr;
-       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-       proxy_set_header X-Forwarded-Proto $scheme;
-   }
-}