From 0a6101a784f51f4316825f4403b514b5e847e0d1 Mon Sep 17 00:00:00 2001
From: Your Name <119736744+aborayan2022@users.noreply.github.com>
Date: Tue, 31 Mar 2026 17:57:50 +0200
Subject: [PATCH] fix: Add HTTPS configuration with SSL to nginx.dev.conf

---
 nginx/nginx.dev.conf | 31 ++++++++++++++++++++++++++++++-
 1 file changed, 30 insertions(+), 1 deletion(-)

diff --git a/nginx/nginx.dev.conf b/nginx/nginx.dev.conf
index a72a3fc..ad03f2c 100644
--- a/nginx/nginx.dev.conf
+++ b/nginx/nginx.dev.conf
@@ -2,9 +2,38 @@ upstream frontend {
     server frontend:5173;
 }
 
-# ── HTTP Development Server ──
+# ── HTTP → HTTPS Redirect ──
 server {
     listen 80 default_server;
+    server_name dociva.io www.dociva.io;
+
+    # Let's Encrypt challenge
+    location /.well-known/acme-challenge/ {
+        root /var/www/certbot;
+    }
+
+    # Redirect all other traffic to HTTPS
+    location / {
+        return 301 https://$host$request_uri;
+    }
+}
+
+# ── HTTPS Server ──
+server {
+    listen 443 ssl;
+    server_name dociva.io www.dociva.io;
+
+    # SSL Certificate
+    ssl_certificate /etc/letsencrypt/live/dociva.io/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/dociva.io/privkey.pem;
+
+    # SSL Configuration
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers HIGH:!aNULL:!MD5;
+    ssl_prefer_server_ciphers on;
+    ssl_session_cache shared:SSL:10m;
+    ssl_session_timeout 10m;
+
     client_max_body_size 100M;
     resolver 127.0.0.11 valid=30s ipv6=off;
     set $backend_upstream backend:5000;