server {
  listen 80;
  listen [::]:80;
  server_name demo.taler.net
              bank.demo.taler.net
              shop.demo.taler.net
              donations.demo.taler.net
              survey.demo.taler.net
              auditor.demo.taler.net
              exchange.demo.taler.net;

  # 301-based ridirects allows the user agent to *change* the
  # method used in the second request.  This breaks all the API
  # using POST, as some user agents do the second request using
  # GET.  307 is meant to tell the user agent to not change the
  # method in the second request.
  if ($request_method = POST) { return 307 https://$host$request_uri; }
  return 301 https://$host$request_uri;

}


server {
  listen 443 ssl;
  listen [::]:443 ssl;
  server_name auditor.demo.taler.net;
  include conf.d/demo.redirects;
  include conf.d/talerssl;
  location / {
    rewrite ^/$ /en/ redirect;
    rewrite ^/(..)/$ /$1/index.html break;
    recursive_error_pages on;
    root /home/demo/auditor/demo;
  }
  include conf.d/favicon_robots;
}


server {
  listen 443 ssl;
  listen [::]:443 ssl;
  server_name demo.taler.net www.demo.taler.net;
  rewrite /javascript /javascript.html break;
  include conf.d/demo.redirects;
  include conf.d/talerssl;
  location / {
    rewrite ^/$ /en/ redirect;
    rewrite ^/(..)/$ /$1/index.html break;
    root /home/demo/landing/demo;
  }

  rewrite ^/block/track$ https://shop.demo.taler.net/backoffice redirect;

  include conf.d/favicon_robots;
}


server {
  listen 443 ssl;
  listen [::]:443 ssl;
  server_name exchange.demo.taler.net;
  root /dev/null;
  include conf.d/talerssl;

  location /admin {
    proxy_pass http://unix:/home/demo/sockets/exchange-admin.http;
    proxy_redirect off;
    proxy_set_header Host $host;
  }

  location / {
    proxy_pass http://unix:/home/demo/sockets/exchange.http:/;
    proxy_redirect off;
    proxy_set_header Host $host;
  }
}

server {
  listen 443 ssl;
  listen 80;
  listen [::]:443 ssl;
  listen [::]:80;
  server_name backend.demo.taler.net;
  include conf.d/test.redirects;
  include conf.d/talerssl;

  location / {
    proxy_pass http://unix:/home/demo/sockets/merchant.http:/;
    proxy_redirect off;
    proxy_set_header Host $host;
  }
}

server {
  listen 443 ssl;
  listen [::]:443 ssl;
  server_name shop.demo.taler.net;
  root /dev/null;
  include conf.d/demo.redirects;
  include conf.d/talerssl;

  location / {
    uwsgi_pass unix:/home/demo/sockets/shop.uwsgi;
    include /etc/nginx/uwsgi_params;
  }

  location /backend {
    rewrite /backend/(.*) /$1 break;
    proxy_pass http://unix:/home/demo/sockets/merchant.http:/;
    proxy_redirect off;
    proxy_set_header Host $host;
  }

  include conf.d/favicon_robots;
}


server {
  listen 443 ssl;
  listen [::]:443 ssl;
  server_name donations.demo.taler.net;
  include conf.d/demo.redirects;
  include conf.d/talerssl;

  location / {
    uwsgi_pass unix:/home/demo/sockets/donations.uwsgi;
    include /etc/nginx/uwsgi_params;
  }


  location /backend {
    rewrite /backend/(.*) /$1 break;
    proxy_pass http://unix:/home/demo/sockets/merchant.http:/;
    proxy_redirect off;
    proxy_set_header Host $host;
  }

  include conf.d/favicon_robots;
}

server {
  server_name survey.demo.taler.net;
  listen 443 ssl;
  listen [::]:443 ssl;
  include conf.d/test.redirects;
  include conf.d/talerssl;

  location / {
    uwsgi_pass unix:/home/demo/sockets/survey.uwsgi;
    include /etc/nginx/uwsgi_params;
  }
}

server {
  listen 443 ssl;
  listen [::]:443 ssl;
  server_name bank.demo.taler.net;
  include conf.d/demo.redirects;
  include conf.d/talerssl;

  location / {
    uwsgi_pass unix:/home/demo/sockets/bank.uwsgi;
    include /etc/nginx/uwsgi_params;
  }

  include conf.d/favicon_robots;
}