From 3d7415afef8614ddfc371b8495a809cc2924d9c8 Mon Sep 17 00:00:00 2001
From: liquidrinu <liquidrinu@gmail.com>
Date: Thu, 15 May 2025 15:43:55 +0200
Subject: [PATCH] config for production

---
 docker-compose.yml  |  6 +++---
 frontend/nginx.conf | 32 +++++++++++++++++++-------------
 nginx/nginx.conf    | 40 ++++++++++++----------------------------
 3 files changed, 34 insertions(+), 44 deletions(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index 198945e..eb8cc56 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -76,12 +76,12 @@ services:
     container_name: fusero-nginx
     ports:
       - '14001:80'
-      - '14443:443'
+      - '14443:14443'
     volumes:
-      - ./nginx/nginx.conf.prod:/etc/nginx/conf.d/default.conf:ro
+      - ./nginx/nginx.conf:/etc/nginx/conf.d/default.conf:ro
       - ./nginx/certs:/etc/nginx/certs:ro
     depends_on:
-      - fusero-app-frontend
+      - fusero-app-frontend-dev
       - fusero-app-backend
     networks:
       - fusero-network
diff --git a/frontend/nginx.conf b/frontend/nginx.conf
index b54a604..6e501a6 100644
--- a/frontend/nginx.conf
+++ b/frontend/nginx.conf
@@ -1,19 +1,25 @@
 server {
-    listen 80;
+    listen 14443 ssl;
     server_name _;
 
-    root /usr/share/nginx/html;
-    index index.html;
+    ssl_certificate /etc/nginx/certs/fusero-selfsigned.crt;
+    ssl_certificate_key /etc/nginx/certs/fusero-selfsigned.key;
+
+    location ^~ /api/ {
+        proxy_pass http://fusero-app-backend:14000/;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $remote_addr;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
 
     location / {
-        try_files $uri $uri/ /index.html;
+        proxy_pass http://host.docker.internal:8080;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $remote_addr;
+        proxy_set_header X-Forwarded-Proto $scheme;
     }
-
-    location /favicon/ {
-        alias /usr/share/nginx/html/dist/favicon/;
-        access_log off;
-        expires max;
-    }
-
-    # DO NOT proxy /api here — let the global Nginx handle it
-}
+}
\ No newline at end of file
diff --git a/nginx/nginx.conf b/nginx/nginx.conf
index a8a1cb3..bdbf823 100644
--- a/nginx/nginx.conf
+++ b/nginx/nginx.conf
@@ -1,38 +1,22 @@
-# Nginx SSL reverse proxy config
-
-# Redirect HTTP to HTTPS
 server {
     listen 80;
     server_name _;
-    return 301 https://$host$request_uri;
-}
 
-# HTTPS server
-server {
-    listen 443 ssl;
-    server_name _;
+    location ^~ /api/ {
+        proxy_pass http://fusero-app-backend:14000/;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $remote_addr;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
 
-    ssl_certificate /etc/nginx/certs/fusero-selfsigned.crt;
-    ssl_certificate_key /etc/nginx/certs/fusero-selfsigned.key;
-
-    ssl_protocols TLSv1.2 TLSv1.3;
-    ssl_ciphers HIGH:!aNULL:!MD5;
-
-    # Proxy frontend
     location / {
-        proxy_pass http://fusero-frontend:80;
+        proxy_pass http://host.docker.internal:8080;
+        proxy_http_version 1.1;
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-For $remote_addr;
         proxy_set_header X-Forwarded-Proto $scheme;
     }
-
-    # Proxy API (backend)
-    location /api/ {
-        proxy_pass http://fusero-app-boilerplate:14000/api/;
-        proxy_set_header Host $host;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header X-Forwarded-Proto $scheme;
-    }
-} 
\ No newline at end of file
+}