1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
server {
    # Redirect the HTTP traffic (port 80) to HTTPS (port 443) with a 301 redirect
    listen                      80;
    server_name                 foo.example.com;
    return 301                  https://$host$request_uri;
}

server {
    # Listen on port 443 with SSL
    listen                      443 ssl;
    server_name                 foo.example.com;
    
    # SSL Certificate data (path to the certificates that we created before)
    ssl_certificate             /etc/letsencrypt/live/foo.example.com/fullchain.pem;
    ssl_certificate_key         /etc/letsencrypt/live/foo.example.com/privkey.pem;
    
    # SSL encryption details
    ssl_session_cache           shared:SSL:1m;
    ssl_session_timeout         10m;
    ssl_protocols               TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers                 HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
    ssl_prefer_server_ciphers   on;
    client_max_body_size        20M;
    
    # Place where the HTML files are
    root /var/www/foo.exmaple.com/html; # The path to the website files
    index index.html index.htm; # Files to display by default
}