events {

}

http {
  server {
    listen 8081;

    location ~ ^/_matrix/client/(r0|v3)/rooms/([^/]*)/report/(.*)$ {
      # Abuse reports should be sent to Mjölnir.
      # The r0 endpoint is deprecated but still used by many clients.
      # As of this writing, the v3 endpoint is the up-to-date version.

      # Add CORS, otherwise a browser will refuse this request.
      add_header 'Access-Control-Allow-Origin' '*' always; # Note: '*' is for testing purposes. For your own server, you probably want to tighten this.
      add_header 'Access-Control-Allow-Credentials' 'true' always;
      add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
      add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since' always;
      add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
      add_header 'Access-Control-Max-Age' 1728000; # cache preflight value for 20 days

      # Alias the regexps, to ensure that they're not rewritten.
      set $room_id $2;
      set $event_id $3;
      proxy_pass http://127.0.0.1:8082/api/1/report/$room_id/$event_id;
    }
    location / {
      # Everything else should be sent to Synapse.
      proxy_pass http://127.0.0.1:9999;
    }
  }
}