server {
    listen 443 ssl;
    # kelder.zeus.ugent.be irc.zeus.ugent.be zeusgw.ugent.be endymion.ugent.be
    # all point to here
    server_name kelder.zeus.ugent.be zeusgw.ugent.be;

    #############
    # LOCATIONS #
    #############

    rewrite ^/$ https://zeus.ugent.be/ permanent;

    # This uses https://github.com/vvidic/mjpeg-proxy to proxy MJPG cameras so only one stream
    # per camera is opened
    location ~ ^/camera/(.*)$ {
        proxy_pass http://mjpeg-proxy.:8080/$1$is_args$args;
    }

    location /webcam/cgi/ptdc.cgi {
        add_header 'Access-Control-Allow-Origin' '*';
        try_files /tmp/freeze_camera @cammie_movement;
    }

    location @cammie_movement {
         # Cammie movement commands
         proxy_pass http://10.0.0.7/cgi/ptdc.cgi$is_args$args;
         expires off;
    }

    # Slotmachien
    location /lockbot {
        proxy_pass http://10.0.1.5/;
    }

	location /fingerprint {
		proxy_pass http://10.0.1.15/;
	}

    location /messages {
        proxy_pass http://10.0.0.9:3000/messages;
        proxy_set_header    X-Real-IP  $remote_addr;
        add_header 'Access-Control-Allow-Origin' '*';
        add_header 'Access-Control-Allow-Headers' 'X-Username';
    }

    location /loxsi/ {
	rewrite /loxsi/(.*) /$1  break;
	proxy_set_header    X-Real-IP  $remote_addr;
    	proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
    	proxy_set_header    Host $http_host;
    	proxy_redirect      off;
	proxy_http_version 1.1;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection "Upgrade";
	proxy_pass http://10.0.20.20:8000/;
    }


    location /kelderapi/ {
        proxy_pass http://10.0.0.9:5000/kelderapi/;
    }

    location /socket.io/ {
        proxy_redirect off;
        proxy_pass_request_headers on;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_http_version 1.1;
        proxy_set_header Host $host;
        proxy_pass http://10.0.0.9:3000/socket.io/;
    }

}

server {
    listen 80;
    listen [::]:80;

    server_name kelder.zeus.ugent.be zeusgw.ugent.be;

    location /.well-known/acme-challenge/ {
	root /var/www/certbot;
    }
	
    location / {
    	return 301 https://$host$request_uri;
    }
}