# -*-nginx-*-
server {
    server_name testrby.triton.fet.at;
    listen 80;
    listen 443 ssl;
    ssl_certificate /etc/letsencrypt/live/triton.fet.at/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/triton.fet.at/privkey.pem;

    location /.well-known {
        root /srv/welcome;
	allow all;
    }
    location / {
        return 302 https://www.testrby.trition.fet.at$request_uri;
    }
}

server {
    server_name www.testrby.triton.fet.at;
    listen 80;
    location /.well-known {
	allow all;
        root /srv/welcome;
    }
    location / {
        return 301 https://$host$request_uri;
    }
}

server {
    server_name www.testrby.triton.fet.at;
    listen 443 ssl;
    ssl_certificate /etc/letsencrypt/live/triton.fet.at/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/triton.fet.at/privkey.pem;
    auth_ldap "FET Login";
    auth_ldap_servers fet;

    location /.well-known {
        root /srv/welcome;
	allow all;
    }
    location / {
        proxy_pass http://mogok.local:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
    location /tc {
        rewrite ^/tc/(.*)$ /$1 break;
        proxy_pass http://triton-amp.local:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
    location /conf {
        rewrite ^/conf/(.*)$ /$1 break;
        proxy_pass http://mogok.local:8001;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }

}