user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
	worker_connections 1024;
}

http {

    sendfile on;
    tcp_nopush on;
    types_hash_max_size 2048;
    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    server {
        listen 80;
        server_name nsfw.wizardstech.ru;
        location /.well-known/acme-challenge {
            allow all;
			root /var/www/html;
		}
        location / {
            return 301 https://$host$request_uri;
        }

    }
    server {
        listen 443 ssl;
        server_name nsfw.wizardstech.ru;
        
        root /var/www/html;

        ssl_certificate /etc/letsencrypt/live/certfolder/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/certfolder/privkey.pem;

        location / {
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_pass http://api:8000; 
        }
        location /.well-known/acme-challenge {
            allow all;
			root /var/www/html;
		}
        location /robots.txt {
            root /var/www/html;
        }
    }
}