# valet stub: secure.proxy.valet.conf

server {
    listen 127.0.0.1:80;
    #listen 127.0.0.1:80; # valet loopback
    server_name my-proxy.test www.my-proxy.test *.my-proxy.test;
    return 301 https://$host$request_uri;
}

server {
    listen 127.0.0.1:443 ssl http2;
    #listen 127.0.0.1:443 ssl http2; # valet loopback
    server_name my-proxy.test www.my-proxy.test *.my-proxy.test;
    root /;
    charset utf-8;
    client_max_body_size 128M;
    http2_push_preload on;

    location /41c270e4-5535-4daa-b23e-c269744c2f45/ {
        internal;
        alias /;
        try_files $uri $uri/;
    }

    ssl_certificate "/Users/nicoverbruggen/.config/valet/Certificates/my-proxy.test.crt";
    ssl_certificate_key "/Users/nicoverbruggen/.config/valet/Certificates/my-proxy.test.key";

    access_log off;
    error_log "/Users/nicoverbruggen/.config/valet/Log/my-proxy.test-error.log";

    error_page 404 "/Users/nicoverbruggen/.composer/vendor/laravel/valet/server.php";

    location / {
        proxy_pass http://127.0.0.1:90;
        proxy_set_header   Host              $host;
        proxy_set_header   X-Real-IP         $remote_addr;
        proxy_set_header   X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Proto $scheme;
        proxy_set_header   X-Client-Verify   SUCCESS;
        proxy_set_header   X-Client-DN       $ssl_client_s_dn;
        proxy_set_header   X-SSL-Subject     $ssl_client_s_dn;
        proxy_set_header   X-SSL-Issuer      $ssl_client_i_dn;
        proxy_set_header   X-NginX-Proxy true;
        proxy_set_header   Upgrade $http_upgrade;
        proxy_set_header   Connection "upgrade";
        proxy_http_version 1.1;
        proxy_read_timeout 1800;
        proxy_connect_timeout 1800;
        chunked_transfer_encoding on;
        proxy_redirect off;
        proxy_buffering off;
    }

    location ~ /\.ht {
        deny all;
    }
}