# Custom nginx configuration for OpenCCB Learning
# Keep the learning frontend on port 3003 and expose LMS API via same-origin /lms-api.

location /lms-api/ {
    rewrite ^/lms-api/(.*)$ /$1 break;
    proxy_pass http://openccb-experience:3002;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
    proxy_set_header Connection "";
    proxy_http_version 1.1;
}

location /cms-api/ {
    # CORS safety net at proxy level for CMS API.
    set $cors_origin "";
    if ($http_origin ~* "^https?://([a-z0-9-]+\\.)?norteamericano\\.(com|cl)$") {
        set $cors_origin $http_origin;
    }
    if ($http_origin ~* "^http://localhost(:[0-9]+)?$") {
        set $cors_origin $http_origin;
    }

    if ($request_method = OPTIONS) {
        add_header Access-Control-Allow-Origin $cors_origin always;
        add_header Vary "Origin, Access-Control-Request-Method, Access-Control-Request-Headers" always;
        add_header Access-Control-Allow-Methods "GET,POST,PUT,DELETE,OPTIONS,PATCH,HEAD" always;
        add_header Access-Control-Allow-Headers "content-type,authorization,x-requested-with,x-organization-id,range" always;
        add_header Access-Control-Max-Age 86400 always;
        add_header Content-Length 0 always;
        add_header Content-Type "text/plain; charset=utf-8" always;
        return 204;
    }

    add_header Access-Control-Allow-Origin $cors_origin always;
    add_header Vary "Origin" always;

    rewrite ^/cms-api/(.*)$ /$1 break;
    proxy_pass http://openccb-studio:3001;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
    proxy_set_header Connection "";
    proxy_http_version 1.1;
    proxy_connect_timeout 60s;
    proxy_send_timeout 600s;
    proxy_read_timeout 600s;
    send_timeout 600s;
}