From eeab7a9521bf63c1030a95ad099e08f7094a2b5e Mon Sep 17 00:00:00 2001
From: MoonTestUse1 <crocoman7887@gmail.com>
Date: Wed, 25 Dec 2024 04:38:28 +0600
Subject: [PATCH] Merge remote changes and resolve conflicts

---
 docker/nginx/conf.d/default.conf | 61 +++++++++++++++++++++++---------
 docker/nginx/nginx.conf          |  1 -
 2 files changed, 44 insertions(+), 18 deletions(-)

diff --git a/docker/nginx/conf.d/default.conf b/docker/nginx/conf.d/default.conf
index 2dc3089..d840445 100644
--- a/docker/nginx/conf.d/default.conf
+++ b/docker/nginx/conf.d/default.conf
@@ -1,25 +1,52 @@
-user nginx;
-worker_processes auto;
+server {
+    listen 80;
+    listen [::]:80;
+    server_name itformhelp.ru www.itformhelp.ru;
+    
+    location ~ /.well-known/acme-challenge {
+        allow all;
+        root /var/www/html;
+    }
 
-error_log /var/log/nginx/error.log notice;
-pid /var/run/nginx.pid;
-
-events {
-    worker_connections 1024;
+    location / {
+        return 301 https://$host$request_uri;
+    }
 }
 
-http {
-    include /etc/nginx/mime.types;
-    default_type application/octet-stream;
+server {
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+    server_name itformhelp.ru www.itformhelp.ru;
+    
+    ssl_certificate /etc/letsencrypt/live/itformhelp.ru/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/itformhelp.ru/privkey.pem;
+    
+    ssl_session_timeout 1d;
+    ssl_session_cache shared:SSL:50m;
+    ssl_session_tickets off;
 
-    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
-                   '$status $body_bytes_sent "$http_referer" '
-                   '"$http_user_agent" "$http_x_forwarded_for"';
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
+    ssl_prefer_server_ciphers off;
 
-    access_log /var/log/nginx/access.log main;
+    root /usr/share/nginx/html;
+    index index.html;
 
-    sendfile on;
-    keepalive_timeout 65;
+    location / {
+        try_files $uri $uri/ /index.html;
+        expires -1;
+        add_header Cache-Control "no-store, no-cache, must-revalidate";
+    }
 
-    include /etc/nginx/conf.d/*.conf;
+    location /api/ {
+        proxy_pass http://backend:8000/api/;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_connect_timeout 60s;
+        proxy_send_timeout 60s;
+        proxy_read_timeout 60s;
+    }
 }
diff --git a/docker/nginx/nginx.conf b/docker/nginx/nginx.conf
index 4b402e4..b62804f 100644
--- a/docker/nginx/nginx.conf
+++ b/docker/nginx/nginx.conf
@@ -16,7 +16,6 @@ http {
                    '"$http_user_agent" "$http_x_forwarded_for"';
 
     access_log /var/log/nginx/access.log main;
-
     sendfile on;
     keepalive_timeout 65;