server {
    listen 80;
    listen [::]:80;
    server_name memos.fakeowl1.com;
   	
    # Certificates 
    location /.well-known/acme-challenge/ {
          root /var/www/certbot/;
    }
	
    # enforce https
    location / {
    	return 301 https://$server_name:443$request_uri;
    }
}

server {
	listen 443 ssl;
	listen [::]:443 ssl; 
	server_name memos.fakeowl1.com;

	ssl_certificate     /etc/letsencrypt/live/memos.fakeowl1.com-0001/fullchain.pem;
	ssl_certificate_key /etc/letsencrypt/live/memos.fakeowl1.com-0001/privkey.pem;
	
        # SSL Certificate configuration
	# Reverse proxy to the Memos application running on memos:5230
	location / {
		proxy_pass http://memos:5230; 
		proxy_set_header Host $host;
		proxy_set_header X-Real-IP $remote_addr;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		# Enable gzip compression
		gzip on;
		gzip_types text/plain text/css application/json application/javascript;   
	}
}