server {
    listen 80;
    listen 443 ssl;
    server_name __domain__ __aliases__;
    root __path__;

    ssl on;
    ssl_certificate __certificate__;
    ssl_certificate_key __private_key__;

    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-Content-Type-Options "nosniff";

    index index.php;

    charset utf-8;

    location / {
        proxy_pass http://127.0.0.1:__port__/;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header X-Forwarded-For $remote_addr;
    }

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }

    error_page 404 /index.php;

    location ~ /\.(?!well-known).* {
        deny all;
    }

    include conf.d/__domain___redirects;
}