HEX
Server: Apache/2.4.52 (Ubuntu)
System: Linux spn-python 5.15.0-89-generic #99-Ubuntu SMP Mon Oct 30 20:42:41 UTC 2023 x86_64
User: arjun (1000)
PHP: 8.1.2-1ubuntu2.20
Disabled: NONE
$ pwd: /home/arjun/projects/buyercall_forms/buyercall/nginx/configs/
Upload Files
File: //home/arjun/projects/buyercall_forms/buyercall/nginx/configs/default_dev.conf
upstream website {
  # The Flask application.
  server 127.0.0.1:8000;
}

upstream flower {
        server 127.0.0.1:8081;
}

#server {
#  listen 80;
#  server_name www.buyercall.com;
#
#  return 301 https://buyercall.com$request_uri;
#}

server {
  listen 80;
  #server_name dev.buyercall.com stage.buyercall.com buyercall.com www.buyercall.com intellacar.buyercall.com teamvelocity.buyercall.com level5advertising.buyercall.com payheremarketing.buyercall.com;
  server_name _;
  
  # Static asset path, which is read from the catwatch's VOLUME. In this
  # case the example application has no assets, but this is how you would
  # configure assets to be served through nginx.
  root /buyercall/build/public;

  # Ensure timeouts are equal across browsers and raise the max content-length size.
  keepalive_timeout 60;
  client_max_body_size 5m;

  # Disallow access to hidden files and directories.
  location ~ /\. {
    return 404;
    access_log off;
    log_not_found off;
  }

  location / {
  # Allow optionally writing an index.html file to take precedence over the upstream.
  try_files $uri $uri/index.html $uri.html @website;
  }
  
  location = /robots.txt {
       add_header Content-Type text/plain;
       return 200 "User-agent: *\nDisallow: /\n";
  }
  
  # Common asset types that we want to cache for the maximum amount of time.
  location ~ /\.(bmp|class|css|csv|doc|docx|ejs|eot|eps|gif|ico|jar|jpeg|jpg|js|mid|midi|otf|pdf|pict|pls|png|ppt|pptx|ps|svg|svgz|swf|tif|tiff|ttf|webp|woff|xls|xlsx) {
    expires max;
    add_header Cache-Control public;
    add_header Last-Modified "";
    add_header ETag "";
  }

  # Attempt to load the favicon or fall back to status code 204.
  location = /favicon.ico {
    try_files /favicon.ico = 204;
    access_log off;
    log_not_found off;
  }
  # Allow more cross-origin access to app routes
  location ~ /api/outbound/ {
    proxy_hide_header 'Access-Control-Allow-Origin';
    add_header 'Access-Control-Allow-Origin' '*';

    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_redirect off;
    proxy_pass http://website;
  }
  # Allow access to form_leads
  location = /form_leads {
    proxy_hide_header 'Access-Control-Allow-Origin';
    add_header 'Access-Control-Allow-Origin' '*';

    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_redirect off;
    proxy_pass http://website;
}  

  # Allow cross-origin access for widget
  location ~ call_widget_external.js {
    add_header "Access-Control-Allow-Origin" "*";
  }
  # Allow access for the call widget to work on all sites
  location /api {
    proxy_hide_header 'Access-Control-Allow-Origin';
    add_header 'Access-Control-Allow-Origin' '*';
    add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
    add_header 'Access-Control-Allow-Headers' 'Authorize, Content-Type';

    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_redirect off;
    proxy_pass http://website;
  }

  # Load the Flask app back end with proper headers.
  location @website {
    if ($http_origin ~* "^https?://intellacar\.buyercall\.com$") {
        add_header Access-Control-Allow-Origin $http_origin;
    }
    if ($http_origin ~* "^https?://teamvelocity\.buyercall\.com$") {
        add_header Access-Control-Allow-Origin $http_origin;
    }
    if ($http_origin ~* "^https?://level5advertising\.buyercall\.com$") {
        add_header Access-Control-Allow-Origin $http_origin;
    }
    if ($http_origin ~* "^https?://payheremarketing\.buyercall\.com$") {
        add_header Access-Control-Allow-Origin $http_origin;
    }
    if ($http_origin ~* "^https?://rvsolarusa\.com$") {
        add_header Access-Control-Allow-Origin $http_origin;
    }
    if ($http_origin ~* "^https?://teamv\.buyercall\.com$") {
        add_header Access-Control-Allow-Origin $http_origin;
    }
    if ($http_origin ~* "^https?://leads\.golfcartly\.com$") {
        add_header Access-Control-Allow-Origin $http_origin;
    }
    if ($http_origin ~* "null") {
        add_header Access-Control-Allow-Origin $http_origin;
    }
    add_header 'Access-Control-Allow-Credentials' 'true';
    add_header 'Access-Control-Allow-Headers' 'Content-Type,Accept';
    add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';

    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_redirect off;
    proxy_pass http://website;
    proxy_hide_header 'Access-Control-Allow-Origin';
  }

location ~ ^/flower/? {
                sub_filter_last_modified on;
                sub_filter_once off;

                rewrite ^/flower/(.*)$ /$1 break;
                proxy_pass http://flower;
                proxy_redirect off;
                proxy_http_version 1.1;
                proxy_set_header Host $host;
                proxy_set_header Connection "upgrade";
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header X-Real-IP $remote_addr;

                auth_basic "Restricted";
                auth_basic_user_file /etc/nginx/.htpasswd;
        }
  
}
@ Telegram