server {
  listen       80;
  server_name  mgmt.site.local;

  location / {
    try_files $uri @proxy;
    root   /usr/local/www/mgmt;
    add_header 'Access-Control-Allow-Origin' 'http://some.site.local';
  }
  location @proxy {
    auth_basic            "RTK MGMT Site";
    auth_basic_user_file   /usr/local/x/snmp/passwd;
    proxy_pass         http://localhost:3000;
    proxy_set_header   Host             $host;
    proxy_set_header X-Forwarded-Host $host;
    proxy_set_header   X-Real-IP        $remote_addr;
    proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
    proxy_set_header        X-Forwarded-Proto $scheme;

  }
}