########## allow let's Encrypt on port 80 for all domains server { listen 80; listen [::]:80; server_name ~. ; location /.well-known/acme-challenge { root /var/www/html; default_type text/plain; } location / { return 301 https://$host$uri; } } ###################### AyaNova website server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name gztechworks.com www.gztechworks.com; # replace with your domain # replace your domain in both paths (subdomains use same cert and path) ssl_certificate /etc/letsencrypt/live/gztechworks.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/gztechworks.com/privkey.pem; location / { root /var/www/html/ayanova.com; index index.htm index.html; } } #################### API site server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name api.gztechworks.com; # replace with your domain # replace your domain in both paths (subdomains use same cert) ssl_certificate /etc/letsencrypt/live/gztechworks.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/gztechworks.com/privkey.pem; location / { root /var/www/html/api.ayanova.com; index index.htm index.html; } } ################### PECKLIST server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name peck.gztechworks.com; # replace your domain in both paths (subdomains use same cert) ssl_certificate /etc/letsencrypt/live/gztechworks.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/gztechworks.com/privkey.pem; location / { proxy_pass http://gztechworks.com:3000;# NOTE Will only work if has domain, localhost will not work, no idea why proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection keep-alive; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } }