server {
        listen      9090;
        listen [::]:9090 ipv6only=on;


        set $cors '';
        if ($http_origin ~ '^https?\:\/\/(localhost|\d+\.\d+\.\d+.\d+|(www\.)?ispooge\.com|(www\.)?harlanji\.com|(www\.)?tinydatacenter\.com)\/?') {
                set $cors 'C';
        }

        set $cors_opts '';
        if ($request_method = 'OPTIONS') {
          set $cors_opts "${cors}O";
        }



        location / {


          if ($cors = 'C') {
                add_header 'Access-Control-Allow-Origin' "$http_origin" always;
                add_header 'Access-Control-Allow-Credentials' 'true' always;
                add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
                add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With' always;
                # required to be able to read Authorization header in frontend
                #add_header 'Access-Control-Expose-Headers' 'Authorization' always;
           }
          if ($cors_opts = 'CO') {
                  add_header 'Access-Control-Max-Age' 60;
                  add_header 'Content-Type' 'text/plain charset=UTF-8';
                  add_header 'Content-Length' 0;
                  return 204;
          }

          root /var/www/html;
        }
    }