Update README, add nginx conf, add missing iOS privacy setting, add production iOS scheme

server/nginx.conf

@@ -0,0 +1,37 @@
+server {
+  listen 443 ssl;
+  server_name dar-test.kss.us.com;
+  ssl_certificate /etc/letsencrypt/live/dar-test.kss.us.com/fullchain.pem;
+  ssl_certificate_key /etc/letsencrypt/live/dar-test.kss.us.com/privkey.pem;
+  ssl_session_cache shared:SSL:1m;
+  ssl_session_timeout 5m;
+  ssl_ciphers HIGH:!aNULL:!MD5;
+  ssl_prefer_server_ciphers on;
+
+  root /home/ubuntu/deighton-ar/website;
+
+  # Any route that starts with /api/ is for the backend
+  location /api/ {
+    error_page 502 503 $scheme://$server_name/500.json;
+
+    proxy_pass http://127.0.0.1:3006/;
+    proxy_buffering off;
+    proxy_redirect off; # The backend doesn't redirect
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection "upgrade";
+    proxy_http_version 1.1;
+    proxy_set_header X-Forwarded-Host $host;
+    proxy_set_header X-Forwarded-Server $host;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+  }
+
+  # Any route containing a file extension
+  location ~ ^.+\..+$ {
+      try_files $uri =404;
+  }
+
+  # Any route that doesn't have a file extension
+  location / {
+    try_files $uri $uri/ /index.html;
+  }
+}