example-nginx.conf

server {

  listen 80;
  set $url = "giv2giv.org";
  set $wwwurl = "${url}.giv2giv.org"
  server_name $url "www.${url}";
  return 301 "https://${url}${request_uri}";
  passenger_enabled off;
  limit_req zone=one burst=5;
}

server {

        set $url = "www.giv2giv.org";
        set $path = "/home/giv2giv/giv2giv.org";

        listen       443 default ssl;
        server_name  $url;
        passenger_enabled off;

        root $path;

        index index.html index.php index.htm;

        ssl                  on;
        ssl_certificate      /opt/nginx/ssl/www.giv2giv.org.bundle.crt;
        ssl_certificate_key  /opt/nginx/ssl/giv2giv.org.key;
        ssl_session_timeout  5m;
        #ssl_protocols  SSLv2 SSLv3 TLSv1;
        ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;  # don’t use SSLv3 ref: POODLE
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers   on;

        limit_req zone=one burst=5;

        access_log  "${path}/nginx_logs/${url}-access.log";
        error_log   "${path}/nginx_logs/${url}-error.log";

        location / {
          try_files /app.html =404;
        }

        location /ui {
          try_files /$uri =404;
        }

        location /js {
          try_files /$uri =404;
        }

        location /css {
          try_files /$uri =404;
        }

        location /fonts {
          try_files /$uri =404;
        }

        location /images {
          try_files /$uri =404;
        }

        location /widget {
        
          if ($request_method = 'OPTIONS') {
           add_header 'Access-Control-Allow-Origin' '*';
           #
           # Om nom nom cookies
           #
           add_header 'Access-Control-Allow-Credentials' 'true';
           add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
           #
           # Custom headers and headers various browsers *should* be OK with but aren't
           #
           add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
           #
           # Tell client that this pre-flight info is valid for 20 days
           #
           add_header 'Access-Control-Max-Age' 1728000;
           add_header 'Content-Type' 'text/plain charset=UTF-8';
           add_header 'Content-Length' 0;
           return 204;
          }
          if ($request_method = 'POST') {
            add_header 'Access-Control-Allow-Origin' '*'; 
            add_header 'Access-Control-Allow-Credentials' 'true';
            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
            add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
          }
         if ($request_method = 'GET') {
            add_header 'Access-Control-Allow-Origin' '*'; 
            add_header 'Access-Control-Allow-Credentials' 'true';
            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
            add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
          }
  
          add_header Access-Control-Allow-Origin *;
          try_files /$uri =404;
          access_log  "${path}/nginx_logs/${url}-widget-access.log";
          error_log   "${path}/nginx_logs/${url}-widget-error.log";
        }

}