diff --git a/nginx.conf.template b/nginx.conf.template index 37be380..dbc6c6e 100644 --- a/nginx.conf.template +++ b/nginx.conf.template @@ -28,7 +28,7 @@ http { resolver 127.0.0.11 valid=10s ipv6=off; upstream backend { - server ${API_HOST}:${API_PORT}; + server ${API_HOST}:8080; } server { @@ -56,22 +56,23 @@ http { access_log off; } - location ^~ /api/ { - # Proxy to Quarkus - proxy_pass http://backend; - proxy_http_version 1.1; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; + location /api/ { + proxy_pass http://backend:8080/; - # Relay CORS headers from the backend - proxy_pass_header Access-Control-Allow-Origin; - proxy_pass_header Access-Control-Allow-Methods; - proxy_pass_header Access-Control-Allow-Headers; - proxy_pass_header Access-Control-Allow-Credentials; + # Headers for both simple and preflight requests + add_header 'Access-Control-Allow-Origin' '$http_origin' always; + add_header 'Access-Control-Allow-Credentials' 'true' always; + add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always; + add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type' always; + add_header 'Access-Control-Expose-Headers' 'Authorization' always; + + # Handle OPTIONS directly + if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Max-Age' 1728000; + add_header 'Content-Type' 'text/plain; charset=UTF-8'; + add_header 'Content-Length' 0; + return 204; + } } # Cache static assets