server {
    listen              443 ssl http2;
    listen              [::]:443 ssl http2;
    server_name         lolisafe.tld;

    # SSL
    ssl_certificate     /etc/nginx/ssl/lolisafe.tld.crt;
    ssl_certificate_key /etc/nginx/ssl/lolisafe.tld.key;

    # security
    include             nginxconfig.io/security.conf;

    # logging
    access_log          /var/log/nginx/lolisafe.tld.access.log;
    error_log           /var/log/nginx/lolisafe.tld.error.log warn;

    # uploaded files
    location / {
        add_header Access-Control-Allow-Origin *;
        root /usr/lolisafe/uploads;
        try_files $uri @proxy;
    }

    # reverse proxy
    location @proxy {
        proxy_pass http://lolisafe:9999;
        include    nginxconfig.io/proxy.conf;
    }

    # additional config
    include nginxconfig.io/general.conf;
}

# HTTP redirect
server {
    listen 80;
    listen [::]:80;
    return 301 https://$server_name$request_uri;
}