From b746c457cebfb9da340557cc79cadce7d994ebb7 Mon Sep 17 00:00:00 2001
From: Naomi Carrigan <commits@nhcarrigan.com>
Date: Thu, 3 Jul 2025 20:29:28 -0700
Subject: [PATCH] feat: time for another sync got some cool stuff in here

---
 configs/gitea.conf |   3 +-
 configs/prod.conf  | 102 +++++++++++++++++++++++++++++++++++++++++----
 2 files changed, 94 insertions(+), 11 deletions(-)

diff --git a/configs/gitea.conf b/configs/gitea.conf
index e9409c6..b6d10b0 100644
--- a/configs/gitea.conf
+++ b/configs/gitea.conf
@@ -4,9 +4,8 @@ server {
   ssl_certificate /etc/letsencrypt/live/git.nhcarrigan.com/fullchain.pem;
   ssl_certificate_key /etc/letsencrypt/live/git.nhcarrigan.com/privkey.pem;
 
-  client_max_body_size 100M;
-
   location / {
+    client_max_body_size 1000M; 
     proxy_set_header Host $host;
     proxy_pass http://127.0.0.1:3000;
     proxy_redirect off;
diff --git a/configs/prod.conf b/configs/prod.conf
index 8441ff4..f0f1cab 100644
--- a/configs/prod.conf
+++ b/configs/prod.conf
@@ -183,7 +183,7 @@ server {
   ssl_certificate_key /etc/letsencrypt/live/chat.nhcarrigan.com/privkey.pem;
 
   location / {
-    return 301 https://forum.nhcarrigan.com;
+    return 301 https://discord.gg/KKe7BaEnQB;
   }
 }
 
@@ -255,15 +255,26 @@ server {
   ssl_certificate /etc/letsencrypt/live/forms.nhcarrigan.com/fullchain.pem;
   ssl_certificate_key /etc/letsencrypt/live/forms.nhcarrigan.com/privkey.pem;
 
-  root /home/nhcarrigan/forms/client/dist/client/browser;
+    # Upgrade websocket requests and route the api backend
+    location ~ ^/(api|ws)/ {
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_pass http://127.0.0.1:11111;
+    }
 
-  location / {
-    index index.html;
-    try_files $uri $uri/ /index.html;
-  }
-
-  location ~* \.(js|css)$ {
-    try_files $uri $uri/ @rewrite;
+    location / {
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header Host $http_host;
+        proxy_http_version 1.1;
+    proxy_pass http://127.0.0.1:11111;
+    proxy_redirect off;
   }
 }
 
@@ -306,6 +317,31 @@ server {
   }
 }
 
+server {
+  listen 443 ssl;
+  server_name hikari.nhcarrigan.com;
+  ssl_certificate /etc/letsencrypt/live/hikari.nhcarrigan.com/fullchain.pem;
+  ssl_certificate_key /etc/letsencrypt/live/hikari.nhcarrigan.com/privkey.pem;
+
+  root /home/nhcarrigan/hikari/client/dist/client/browser;
+  index index.html;
+
+  location /api/ {
+    proxy_pass http://127.0.0.1:20000/;
+    proxy_set_header Host $host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+
+    # This removes /api from the forwarded URL
+    rewrite ^/api/(.*)$ /$1 break;
+  }
+
+  location / {
+    try_files $uri $uri/ /index.html;
+  }   
+}
+
 server {
   listen 443 ssl;
   server_name hooks.nhcarrigan.com;
@@ -469,6 +505,11 @@ server {
     index index.html;
   }
 
+  location /ads.txt {
+    add_header Content-Type text/plain;
+    return 200 "google.com, pub-3569924701890974, DIRECT, f08c47fec0942fa0";
+  }
+
   location /games {
     try_files /games.html =404;
   }
@@ -489,6 +530,11 @@ server {
   location / {
     index index.html;
   }
+
+  location /ads.txt {
+    add_header Content-Type text/plain;
+    return 200 "google.com, pub-3569924701890974, DIRECT, f08c47fec0942fa0";
+  }
 }
 
 server {
@@ -499,6 +545,11 @@ server {
 
   root /home/nhcarrigan/portfolio/site;
 
+  location /ads.txt {
+    add_header Content-Type text/plain;
+    return 200 "google.com, pub-3569924701890974, DIRECT, f08c47fec0942fa0";
+  }
+
   location / {
     index index.html;
   }
@@ -523,6 +574,11 @@ server {
   location / {
     index index.html;
   }
+
+  location /ads.txt {
+    add_header Content-Type text/plain;
+    return 200 "google.com, pub-3569924701890974, DIRECT, f08c47fec0942fa0";
+  }
 }
 
 server {
@@ -537,6 +593,20 @@ server {
   }
 }
 
+server {
+  listen 443 ssl;
+  server_name products.nhcarrigan.com;
+  ssl_certificate /etc/letsencrypt/live/products.nhcarrigan.com/fullchain.pem;
+  ssl_certificate_key /etc/letsencrypt/live/products.nhcarrigan.com/privkey.pem;
+
+  root /home/nhcarrigan/products;
+
+  location / {
+    index index.html;
+    try_files $uri $uri/ /index.html;
+  }
+}
+
 server {
   listen 443 ssl;
   server_name quality.nhcarrigan.com;
@@ -742,3 +812,17 @@ server {
     try_files /koikatsu.html =404;
   }
 }
+
+# This MUST be at the bottom so that dedicated subdomains are parsed first!
+
+server {
+    listen 443 ssl;
+    server_name ~^(?<subdomain>.+)\.naomi\.lgbt$;
+
+    ssl_certificate     /etc/letsencrypt/live/naomi.lgbt-0001/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/naomi.lgbt-0001/privkey.pem;
+
+    location / {
+        return 301 https://$subdomain.nhcarrigan.com$request_uri;
+    }
+}