From d71201ac503afff0ae4a2150e82f0ae0619b830e Mon Sep 17 00:00:00 2001
From: Joseph Schorr <joseph.schorr@coreos.com>
Date: Thu, 6 Sep 2018 13:59:21 -0400
Subject: [PATCH] Forgot that we use proxy protocol for production, so we need
 a new block for v1.quay.io

---
 conf/nginx/nginx.conf.jnj | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

diff --git a/conf/nginx/nginx.conf.jnj b/conf/nginx/nginx.conf.jnj
index 36e976616..67d3374bb 100644
--- a/conf/nginx/nginx.conf.jnj
+++ b/conf/nginx/nginx.conf.jnj
@@ -47,7 +47,7 @@ http {
     server {
         include server-base.conf;
 
-        server_name v1.quay.io;
+        server_name v1-staging.quay.io;
 
         ssl_certificate ../stack/ssl.old.cert;
         ssl_certificate_key ../stack/ssl.old.key;
@@ -81,6 +81,25 @@ http {
         access_log /dev/stdout lb_logs;
     }
 
+    server {
+        server_name v1.quay.io;
+
+        ssl_certificate ../stack/ssl.old.cert;
+        ssl_certificate_key ../stack/ssl.old.key;
+
+        include server-base.conf;
+
+        listen 8443 ssl proxy_protocol;
+        ssl on;
+
+        # This header must be set only for HTTPS
+        add_header Strict-Transport-Security "max-age=63072000; preload";
+
+        real_ip_header proxy_protocol;
+
+        access_log /dev/stdout lb_logs;
+    }
+
     server {
         include vhost-traffic-status.conf;