From 924f11412902061af13d88a01f98ebf3f9c4867f Mon Sep 17 00:00:00 2001
From: Tykayn <contact@cipherbliss.com>
Date: Wed, 21 Apr 2021 17:48:55 +0200
Subject: [PATCH] update example conf

---
 doc/nginx/base-framadate-api.conf | 36 ++++++-------------------------
 1 file changed, 7 insertions(+), 29 deletions(-)

diff --git a/doc/nginx/base-framadate-api.conf b/doc/nginx/base-framadate-api.conf
index aaf3cf1..c040f7c 100755
--- a/doc/nginx/base-framadate-api.conf
+++ b/doc/nginx/base-framadate-api.conf
@@ -1,9 +1,12 @@
+
 ############# start framadate server
 server {
     listen 443 ssl http2;
     listen [::]:443 ssl http2;
     server_name framadate-api.cipherbliss.com;
     root /home/www/tykayn/cipherbliss/framadate-api/public/;
+        try_files $uri /index.php$is_args$args;
+
     # Use Mozilla's guidelines for SSL/TLS settings
     # https://mozilla.github.io/server-side-tls/ssl-config-generator/
     # NOTE: some settings below might be redundant
@@ -14,34 +17,7 @@ server {
 
     location / {
      try_files $uri /index.php$is_args$args;
-     if ($request_method = 'OPTIONS') {
-        add_header 'Access-Control-Allow-Origin' '*';
-        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
-        #
-        # Custom headers and headers various browsers *should* be OK with but aren't
-        #
-        add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
-        #
-        # Tell client that this pre-flight info is valid for 20 days
-        #
-        add_header 'Access-Control-Max-Age' 1728000;
-        add_header 'Content-Type' 'text/plain; charset=utf-8';
-        add_header 'Content-Length' 0;
-        return 204;
-     }
-     if ($request_method = 'POST') {
-        add_header 'Access-Control-Allow-Origin' '*';
-        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
-        add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
-        add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
-     }
 
-       if ($request_method = 'GET') {
-            add_header 'Access-Control-Allow-Origin' '*';
-            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
-            add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
-            add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
-         }
     }
     # optionally disable falling back to PHP script for the asset directories;
     # nginx will return a 404 error when files are not found instead of passing the
@@ -71,12 +47,14 @@ server {
         # for more information).
 
 
-       fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
-        fastcgi_param DOCUMENT_ROOT $realpath_root;
+       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_param DOCUMENT_ROOT $document_root;
         # Prevents URIs that include the front controller. This will 404:
         # http://framadate-api.cipherbliss.com/index.php/some-path
         # Remove the internal directive to allow URIs like this
         internal;
+# tests: https://framadate-api.cipherbliss.com/index.php/api/v1/poll/
+# https://framadate-api.cipherbliss.com/api/v1/poll/   only this one should work without the internal directive
     }
 
     # return 404 for all other php files not matching the front controller