nginx.conf

user nginx;
worker_processes 1;

error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;

events {
    worker_connections 1024;
    use epoll;
}


http {
    upstream app_servers {
        server app1:8000;
    }

    server {
        listen 80;
        server_name api.leaderboard.agsolutions.dev;
        return 301 https://$host$request_uri;
    }

    server {
        listen 443 ssl;
        server_name api.leaderboard.agsolutions.dev;
        client_max_body_size 40m;
        ssl_certificate /etc/letsencrypt/live/api.leaderboard.agsolutions.dev/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/api.leaderboard.agsolutions.dev/privkey.pem;
        include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot

        location /make_pull_request {
            limit_except POST OPTIONS {
                deny all;

            }
            proxy_pass_header Server;
            proxy_set_header Host $http_host;
            proxy_redirect off;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Scheme $scheme;
            proxy_pass http://app_servers;

            if ($request_method = 'OPTIONS') {
                add_header 'Access-Control-Allow-Origin' '*';
                add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
                add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization';
                add_header 'Access-Control-Max-Age' 86400;
                add_header 'Content-Type' 'text/plain charset=UTF-8';
                add_header 'Content-Length' 0;
                return 204;
            }

            add_header 'Access-Control-Allow-Origin' $http_origin always;
            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
            add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization';

        }
    }
}