server {
  listen 443 ssl;
  server_name dar-test.kss.us.com;
  ssl_certificate /etc/letsencrypt/live/dar-test.kss.us.com/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/dar-test.kss.us.com/privkey.pem;
  ssl_session_cache shared:SSL:1m;
  ssl_session_timeout 5m;
  ssl_ciphers HIGH:!aNULL:!MD5;
  ssl_prefer_server_ciphers on;

  root /home/ubuntu/deighton-ar/website;

  # Any route that starts with /api/ is for the backend
  location /api/ {
    error_page 502 503 504 $scheme://$server_name/500.json;

    proxy_pass http://127.0.0.1:3006/;
    proxy_buffering off;
    proxy_redirect off; # The backend doesn't redirect
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_http_version 1.1;
    proxy_set_header X-Forwarded-Host $host;
    proxy_set_header X-Forwarded-Server $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  }

  # Any route containing a file extension
  location ~ ^.+\..+$ {
      try_files $uri =404;
  }

  # Any route that doesn't have a file extension
  location / {
    try_files $uri $uri/ /index.html;
  }
}