1 files changed, 23 insertions, 13 deletions

diff --git a/debian/etc/nginx/sites-available/taler-merchant b/debian/etc/nginx/sites-available/taler-merchant
index 82aaa306..8de78a88 100644
--- a/debian/etc/nginx/sites-available/taler-merchant
+++ b/debian/etc/nginx/sites-available/taler-merchant
@@ -1,19 +1,29 @@
-location ~ /taler-merchant/private/ {
-    if ($http_authorization !~ "(?i)ApiKey %SECURITYTOKEN%") {
-       return 401;
-    }
-    proxy_pass http://unix:/var/lib/taler-merchant/httpd/merchant.sock;
-    proxy_redirect off;
-    proxy_set_header Host $host;
-    proxy_set_header X-Forwarded-Host "example.com";
-    proxy_set_header X-Forwarded-Proto "https";
-}
+server {
+    # NOTE:
+    # - urgently consider configuring TLS instead
+    # - maybe keep a forwarder from HTTP to HTTPS
+    listen 80;
+
+    # NOTE:
+    # - Comment out this line if you have no IPv6
+    listen [::]:80;
+
+    # NOTE:
+    # - replace with your actual server name
+    server_name localhost;
 
-location /taler-merchant/ {
-         proxy_pass http://unix:/var/lib/taler-merchant/httpd/merchant.sock;
+    location / {
+         proxy_pass http://unix:/var/run/taler/merchant-httpd/merchant-http.sock;
          proxy_redirect off;
          proxy_set_header Host $host;
+
+         # NOTE:
+         # - put your actual DNS name here
          proxy_set_header X-Forwarded-Host "example.com";
-         proxy_set_header X-Forwarded-Proto "https";
+
+         # NOTE:
+         # - uncomment the following line if you are using HTTPS
+         # proxy_set_header X-Forwarded-Proto "https";
+    }
 
 }
\ No newline at end of file