# ConfiguraciĆ³n NGINX para api.amayo.dev (Backend Node.js) # UbicaciĆ³n: /etc/nginx/sites-available/api.amayo.dev server { listen 80; listen [::]:80; server_name api.amayo.dev; # Redirigir HTTP a HTTPS return 301 https://$server_name$request_uri; } server { listen 443 ssl; listen [::]:443 ssl; http2 on; server_name api.amayo.dev; # Certificados SSL (generados con certbot) ssl_certificate /etc/letsencrypt/live/api.amayo.dev/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/api.amayo.dev/privkey.pem; include /etc/letsencrypt/options-ssl-nginx.conf; ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # Logs access_log /var/log/nginx/api.amayo.dev.access.log; error_log /var/log/nginx/api.amayo.dev.error.log; # Proxy al servidor Node.js en puerto 3000 (el bot ejecuta server.ts) location / { # Manejar preflight OPTIONS if ($request_method = 'OPTIONS') { return 204; } proxy_pass http://127.0.0.1:3000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_cache_bypass $http_upgrade; # Timeouts proxy_connect_timeout 60s; proxy_send_timeout 60s; proxy_read_timeout 60s; # CORS headers add_header Access-Control-Allow-Origin "https://docs.amayo.dev" always; add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always; add_header Access-Control-Allow-Headers "Authorization, Content-Type" always; add_header Access-Control-Allow-Credentials "true" always; add_header Access-Control-Max-Age 1728000 always; # Security headers add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Content-Type-Options "nosniff" always; add_header X-XSS-Protection "1; mode=block" always; } }