Nginx cors issue when using upstream

Question

I am pretty frustrated with this as I can not seem to figure out why this is happening.

I have a Django webapp that was working fine. When I tried changing the worker_connections I started getting CORS issues. I revereted the number and still get CORS issue.

My nginx config looks like below

upstream backend {
    #ip_hash;
    #server 38.106.79.195;
    server unix:/home/www/api.to/app.sock;
}

server {
    server_name api.pdf.to;

    client_max_body_size 10000m;
    gzip_disable "msie6";
    access_log off;
    error_log on;
    gzip_vary on;
    gzip on;
    gzip_proxied any;
    gzip_comp_level 6;
    gzip_buffers 16 8k;
    gzip_http_version 1.1;
    gzip_min_length 256;
    gzip_types application/javascript application/font-ttf ttf text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/vnd.ms-fontobject application/x-font-ttf font/opentype image/svg+xml image/x-icon;

    location /word/report.html {
       alias /var/log/nginx/report.html;
    }

    location / {
          add_header 'Access-Control-Allow-Origin' '*'  always;
          add_header 'Access-Control-Max-Age' '3600'  always;
          add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
          add_header 'Access-Control-Allow-Headers' '*' always;

          if ($request_method = OPTIONS ) {
              return 200;
          }


        proxy_pass http://backend;
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Scheme $scheme;
        proxy_set_header REMOTE_ADDR $remote_addr;
        proxy_read_timeout 1000; # this
    }


    location /static/downloads {
        alias /home/www/api.to/static/downloads/;
   add_header Content-disposition "attachment; filename=$1";
   default_type application/octet-stream;
  }





    location /static/ {
        alias /home/www/api.to/static/;
        expires 35d;
        add_header Pragma public;
        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
        access_log off;
    }


    location /static/downloads {
        alias /home/www/api.to/static/downloads/;
   add_header Content-disposition "attachment; filename=$1";
   default_type application/octet-stream;
  }





    location /static/ {
        alias /home/www/api.to/static/;
        expires 35d;
        add_header Pragma public;
        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
        access_log off;
    }


    listen 443 ssl http2; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/api.pdf.to-0001/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/api.pdf.to-0001/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


}

I had CORS disabled in my django app and it was working fine, but after the reload it does not work. I had to add to my nginx

          add_header 'Access-Control-Allow-Origin' '*'  always;
          add_header 'Access-Control-Max-Age' '3600'  always;
          add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
          add_header 'Access-Control-Allow-Headers' '*' always;

          if ($request_method = OPTIONS ) {
              return 200;
          }

This makes it so it works when I send it to the local box, but if I Send it to the upstream box (which has the same nginx config) it gives me a 404 or CORS error.

Answer 1

After further progressing the problem, I posted this question, and later answer which also solves this one. https://superuser.com/a/1769407/535078