# mysite_nginx.conf

# the upstream component nginx needs to connect to
upstream privatebin-docker {
    server 127.0.0.1:9988;
}

# configuration of the server
server {
    # the port your site will be served on
    # the domain name it will serve for
    server_name privatebin.example.com
    charset     utf-8;

    # max upload size
    client_max_body_size 0;   # adjust to taste

    # Finally, send all non-media requests to the Privatebin server.
    # if you use cloudflare, please read this https://github.com/PrivateBin/PrivateBin/wiki/FAQ#user-content-how-to-make-privatebin-work-when-using-cloudflare-for-ddos-protection
    location / {
        proxy_pass http://privatebin-docker;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $host;
        proxy_redirect off;
        client_max_body_size 0;   # adjust to taste
        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
    }

    #add_header Permissions-Policy "geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()";
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;