server { # resolver 127.0.0.11 valid=30s; ## internal docker dns #listen [::]:3011 default ipv6only=on; ## listen for ipv6 listen 80; client_header_timeout 120s; client_body_timeout 120s; client_max_body_size 200m; # save logs here server_name sigyl.com; location / { return 301 https://$host$request_uri; } } server { # resolver 127.0.0.11 valid=30s; ## internal docker dns #listen [::]:3011 default ipv6only=on; ## listen for ipv6 # listen 444 listen 443 ssl; # this should allow large docs client_header_timeout 120s; client_body_timeout 120s; client_max_body_size 200m; ssl_certificate /etc/letsencrypt/live/sigyl.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/sigyl.com/privkey.pem; # save logs here #access_log /var/log/nginx/access.log compression; server_name sigyl.com; location /git/ { proxy_pass http://gitea:3000/; } location /blog/ { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_buffering off; proxy_pass http://ghost:2368; } location /chat/sockjs { proxy_pass http://chat:3000sockjs; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header Host $host; } location /chat/sockjs/ { proxy_pass http://chat:3000sockjs/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header Host $host; } location /chat/ { proxy_pass http://chat:3000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forward-Proto http; proxy_set_header X-Nginx-Proxy true; proxy_redirect off; } } templating scripts from /etc/nginx/user.conf.d to /etc/nginx/conf.d Substituting variables