# This snippet is only here to redirect traffic to another domain on port 80,
# which is also forwarded for port 443 based on the SNI (which is handled
# differently because of the whole SNI story) 

# We don't explicitly redirect to HTTPS by default and let the forwarded server
# handle the redirection (or not depending on what's configured on the other
# server)

server {
    listen 80;
    listen [::]:80;
    server_name {{ sni_forward_domain }};

    location / {
        proxy_pass http://{{ sni_forward_ip }};

        proxy_set_header Host $host;
        proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Host $http_host;
        proxy_set_header X-Forwarded-Uri $request_uri;
        proxy_set_header X-Forwarded-Ssl on;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Connection "";

        real_ip_header X-Forwarded-For;
        real_ip_recursive on;

        send_timeout 5m;
        proxy_read_timeout 360;
        proxy_send_timeout 360;
        proxy_connect_timeout 360;
    }

    access_log /var/log/nginx/{{ sni_forward_domain }}-access.log;
    error_log /var/log/nginx/{{ sni_forward_domain }}-error.log;
}