server {
    listen                  443 ssl http2;
    listen                  [::]:443 ssl http2;
    server_name             swagger.eax.app;
    root                    /srv/http/swagger.eax.app;

    # SSL
    ssl_certificate         /etc/letsencrypt/live/eax.app/fullchain.pem;
    ssl_certificate_key     /etc/letsencrypt/live/eax.app/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/eax.app/chain.pem;

    # security
    include                 nginxconfig.io/security.conf;

    # restrict methods
    if ($request_method !~ ^(GET|HEAD|CONNECT|OPTIONS|TRACE)$) {
        return '405';
    }

    # logging
    access_log /var/log/nginx/swagger.eax.app.access.log;
    error_log  /var/log/nginx/swagger.eax.app.error.log warn;

    # index.html fallback
    location / {
        try_files $uri $uri/ /index.html;
    }

    # index.php fallback
    location /api/ {	
	proxy_pass http://10.10.12.10:5000/swagger/0.1-alpha1/swagger.json;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header Accept-Encoding "";
        proxy_redirect off;
    }

    sub_filter '"openapi": "3.0.1",' '"openapi": "3.0.1", "securityDefinitions":{"JWT":{"type":"apiKey","in":"header","name":"Authorization"}},"responses":{"UnauthorizedError":{"description":"Access token is missing or invalid"}},';
    sub_filter_types application/json;
    sub_filter_once off;

    # additional config
    include nginxconfig.io/general.conf;
}

# HTTP redirect
server {
    listen      80;
    listen      [::]:80;
    server_name eax.app;
    include     nginxconfig.io/letsencrypt.conf;

    location / {
        try_files $uri $uri/ /index.html;
    }
}