events {

}

http {

	##
	# Basic Settings
	##

	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;
	keepalive_timeout 65;
	types_hash_max_size 2048;

	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	##
	# SSL Settings
	##

	ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
	ssl_prefer_server_ciphers on;

	##
	# Logging Settings
	##

	access_log /var/log/nginx/access.log;
	error_log /var/log/nginx/error.log;

	##
	# Gzip Settings
	##

	gzip on;


	##
	# Virtual Host Configs
	##

   server {
  	listen 80 default_server;
  	listen [::]:80 default_server;

  	server_name yourdomain.com www.yourdomain.com; # CHANGE ME
  	return 301 https://$server_name$request_uri;
  }

  server {
    server_name yourdomain.com;  # CHANGE ME

	  gzip on;


    location / {
      proxy_pass http://pigallery2:80; # forwarding to the other container, named 'pigallery2'
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection 'upgrade';
      proxy_set_header Host $host;
      proxy_cache_bypass $http_upgrade;
    }


    listen 443 ssl default_server;
    listen [::]:443 ssl default_server;

    ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem; # CHANGE ME
    ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem; # CHANGE ME
    include /etc/letsencrypt/options-ssl-nginx.conf;
  }
}