env/nginx/www.conf

server {
	server_name www www.${DOMAIN_NAME} ${DOMAIN_NAME};
	client_max_body_size 128m;

	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;
	keepalive_timeout 65;
	types_hash_max_size 2048;
	#include /etc/nginx/mime.types;
	#default_type application/octet-stream;

	gzip on;
	gzip_disable "msie6";

	proxy_read_timeout 1800s;

	# required to avoid HTTP 411: see Issue #1486 (https://github.com/dotcloud/docker/issues/1486)
	chunked_transfer_encoding on;

	# delegated Matrix server
	location /.well-known/matrix {
		#return 302 https://${MATRIX_HOSTNAME}.${DOMAIN_NAME}$request_uri;
		proxy_pass https://${MATRIX_HOSTNAME}.${DOMAIN_NAME}$request_uri;
	}

	# separate Mastodon WEB_DOMAIN and LOCAL_DOMAIN
	location = /.well-known/host-meta {
		return 302 https://${MASTODON_HOSTNAME}.${DOMAIN_NAME}$request_uri;
	}
	location = /.well-known/webfinger {
		return 302 https://${MASTODON_HOSTNAME}.${DOMAIN_NAME}$request_uri;
	}

	# OpenID services
	location = /.well-known/openid-configuration {
		return 302 https://${KEYCLOAK_HOSTNAME}.${DOMAIN_NAME}$request_uri;
	}

	# tilde club home directories
	location ~ ^/~(.+?)(/.*)?$ {
		alias /home/$1/public_html$2;
		index index.html index.htm;
		autoindex on;
	}

	# /html files are served from the static html site
	location /html {
		root /var/www;
		autoindex off;
	}

	# default home page goes to hedgedoc document "Main_Page"; please add your own content!
	location = / {
		return 302 https://${DOMAIN_NAME}/Main_Page;
	}
	# rewrite /s/ links to the bare link
	location ~ ^/s/(.*) {
		return 302 https://${DOMAIN_NAME}/$1;
	}
	# normal pages go to hedgedoc static site (need to define ports in the env)
	# need to rewrite the CSP so that it allows reframing from the main site
	location / {
		proxy_cache mycache;
		add_header X-Cache-Status $upstream_cache_status;
		proxy_ignore_headers Cache-Control;

		proxy_hide_header Content-Security-Policy;
		add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' *.${DOMAIN_NAME}; frame-src 'self' *.${DOMAIN_NAME}; object-src 'self'; base-uri 'self' *.${DOMAIN_NAME}";
		proxy_pass http://hedgedoc:3000/s$request_uri;
		proxy_cache_valid any 1m;

	}
	# while javascript and config stuff goes to non-static hedgedoc site
	location ~ ^/(js|build|config$) {
		proxy_cache mycache;
		add_header X-Cache-Status $upstream_cache_status;
		proxy_ignore_headers Cache-Control;
		proxy_cache_valid any 1m;

		proxy_pass http://hedgedoc:3000$request_uri;
	}

	include /etc/nginx/includes/ssl.conf;
}
nginx: handle unknown hostname with some style 2 years ago			`server {`
			`server_name www www.${DOMAIN_NAME} ${DOMAIN_NAME};`
			`client_max_body_size 128m;`

			`sendfile on;`
			`tcp_nopush on;`
			`tcp_nodelay on;`
			`keepalive_timeout 65;`
			`types_hash_max_size 2048;`
			`#include /etc/nginx/mime.types;`
			`#default_type application/octet-stream;`

			`gzip on;`
			`gzip_disable "msie6";`

			`proxy_read_timeout 1800s;`

			`# required to avoid HTTP 411: see Issue #1486 (https://github.com/dotcloud/docker/issues/1486)`
			`chunked_transfer_encoding on;`

			`# delegated Matrix server`
			`location /.well-known/matrix {`
			`#return 302 https://${MATRIX_HOSTNAME}.${DOMAIN_NAME}$request_uri;`
			`proxy_pass https://${MATRIX_HOSTNAME}.${DOMAIN_NAME}$request_uri;`
			`}`

			`# separate Mastodon WEB_DOMAIN and LOCAL_DOMAIN`
			`location = /.well-known/host-meta {`
			`return 302 https://${MASTODON_HOSTNAME}.${DOMAIN_NAME}$request_uri;`
			`}`
			`location = /.well-known/webfinger {`
			`return 302 https://${MASTODON_HOSTNAME}.${DOMAIN_NAME}$request_uri;`
			`}`

			`# OpenID services`
			`location = /.well-known/openid-configuration {`
			`return 302 https://${KEYCLOAK_HOSTNAME}.${DOMAIN_NAME}$request_uri;`
			`}`

			`# tilde club home directories`
			`location ~ ^/~(.+?)(/.*)?$ {`
			`alias /home/$1/public_html$2;`
			`index index.html index.htm;`
			`autoindex on;`
			`}`

			`# /html files are served from the static html site`
			`location /html {`
			`root /var/www;`
			`autoindex off;`
			`}`

			`# default home page goes to hedgedoc document "Main_Page"; please add your own content!`
			`location = / {`
			`return 302 https://${DOMAIN_NAME}/Main_Page;`
			`}`
			`# rewrite /s/ links to the bare link`
			`location ~ ^/s/(.*) {`
			`return 302 https://${DOMAIN_NAME}/$1;`
			`}`
			`# normal pages go to hedgedoc static site (need to define ports in the env)`
			`# need to rewrite the CSP so that it allows reframing from the main site`
			`location / {`
			`proxy_cache mycache;`
			`add_header X-Cache-Status $upstream_cache_status;`
			`proxy_ignore_headers Cache-Control;`

			`proxy_hide_header Content-Security-Policy;`
			`add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' .${DOMAIN_NAME}; frame-src 'self' .${DOMAIN_NAME}; object-src 'self'; base-uri 'self' *.${DOMAIN_NAME}";`
			`proxy_pass http://hedgedoc:3000/s$request_uri;`
			`proxy_cache_valid any 1m;`

			`}`
			`# while javascript and config stuff goes to non-static hedgedoc site`
			`location ~ ^/(js\|build\|config$) {`
			`proxy_cache mycache;`
			`add_header X-Cache-Status $upstream_cache_status;`
			`proxy_ignore_headers Cache-Control;`
			`proxy_cache_valid any 1m;`

			`proxy_pass http://hedgedoc:3000$request_uri;`
			`}`

			`include /etc/nginx/includes/ssl.conf;`
			`}`