# -*-nginx-*-

server	{
    listen		80;
    server_name www.mail.fet.at mail.fet.at fet.htu.tuwien.ac.at;
    root	/srv/pxy/mail.fet.at;  
    location /.well-known {
	allow all;
    }
    location / {
        return 301 https://$host$request_uri;
    }
}

server {
    listen 443 ssl;
    server_name www.mail.fet.at mail.fet.at fet.htu.tuwien.ac.at;
#    server_name fet.at www.fet.at 128.131.95.208;
    ssl_certificate /etc/letsencrypt/live/www.mail.fet.at/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/www.mail.fet.at/privkey.pem;

#    ssl_certificate /etc/letsencrypt/live/fet.at/fullchain.pem;
#    ssl_certificate_key /etc/letsencrypt/live/fet.at/privkey.pem;

 #   auth_ldap "FET Login";
 #   auth_ldap_servers fet;
    root /srv/pxy/mail.fet.at;
    
#    root /srv/welcome;
    location / {
        proxy_bind $host:443;
        proxy_pass http://192.168.95.11:80;
#        proxy_redirect https://$host:8000/ https://$host:443/;
#        proxy_redirect https://mail.fet.at:8000/ https://mail.fet.at:443/;
#        proxy_redirect https://$host:8000/ https://$host:443/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X_FORWARDED_SSL on;
        proxy_set_header HTTP_X_FORWARDED_SSL on;
        proxy_set_header X-Forwarded-For $remote_addr;
#        index index.html;
    }
    location /http {
        index index.html;
        rewrite_log on;
        #rewrite ^/http(.*) $1 break;
        alias /srv/www/mail/static;
    }
    location = / {
        return 302 https://mail.fet.at/mail/;
    }
    location /.well-known {
    	allow all;
    }

}