server {
    listen 443 ssl   ;
    listen [::]:443 ssl    ;
    include /etc/nginx/conf.d/ssl_settings/ssl-x-uavcmlc.conf;
    include /etc/nginx/conf.d/ssl_settings/error-template.conf;
    server_name uavcmlc.com;
    rewrite ^(.*)$ https://www.uavcmlc.com:443$1 permanent;
    error_page 497 301 https://www.uavcmlc.com:443$1;
}
upstream  k8s_cluster {
    ip_hash;
    server 192.168.148.130:30500;
    server 192.168.148.160:30500;
    server 192.168.148.161:30500;
    server 192.168.148.162:30500;
}
server {
    listen 443 ssl    backlog=1024;
    listen [::]:443 ssl    backlog=1024;
    include /etc/nginx/conf.d/ssl_settings/ssl-x-uavcmlc.conf;
    include /etc/nginx/conf.d/ssl_settings/error-template.conf;
    server_name www.uavcmlc.com s.uavcmlc.com;
    location / {
        proxy_pass http://k8s_cluster/;
        client_max_body_size 5120m;
        client_body_buffer_size 5120m;
        client_body_timeout 6000s;
        proxy_send_timeout 10000s;
        proxy_read_timeout 10000s;
        proxy_connect_timeout 600s;
        proxy_max_temp_file_size 5120m;
        proxy_request_buffering on;
        proxy_buffering off;
        proxy_buffer_size 4k;
        proxy_buffers 4 12k;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

    location ~ ^/.*/(actuator|swagger-resources|api-docs|env|ping|health)(/|$) {
        return 403;
    }
    error_page 404 /404.html;

}

server {
    listen 443 ssl    ;
    listen [::]:443 ssl    ;
    include /etc/nginx/conf.d/ssl_settings/ssl-x-uavcmlc.conf;
    include /etc/nginx/conf.d/ssl_settings/error-template.conf;

    #add_header Access-Control-Allow-Origin *;
    add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';
    add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';

    server_name live.uavcmlc.com;
    proxy_ignore_client_abort on;

    location / {
        proxy_pass http://192.168.148.130:30080/;
    }
    location /api/ {
        allow 112.19.8.120/29;
        allow 183.220.149.16/28;
        deny  all;
        proxy_pass http://192.168.148.130:30985/api/;
    }
    location /console/ {
        return 403;
    }
    location /rtc/v1/ {
        proxy_pass http://192.168.148.130:30985/rtc/v1/;
    }
    location /api/hubs/live/ {
        proxy_set_header Host "live-op.uavcmlc.com";
        proxy_pass http://k8s_cluster/api/hubs/live/;
    }

    error_page 404 /404.html;
}
server {
    listen 443 ssl    ;
    listen [::]:443 ssl    ;
    include /etc/nginx/conf.d/ssl_settings/ssl-x-uavcmlc.conf;
    server_name slive.uavcmlc.com;

    add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';
    add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';

    #proxy_ignore_client_abort on;

    location / {
        proxy_pass http://k8s_cluster/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        #proxy_pass http://192.168.148.130:38080/;
    }
}