# redirect http to https
server  {
         listen  [::]:80;
         server_name {{ second_domains }};
         return  301 https://$server_name$request_uri;
}

# conf for https
server  {
        listen  [::]:443;
        server_name  {{ second_domains }};

        include /etc/nginx/includes/le-acme.conf;
        include /etc/nginx/includes/ssl.conf ;
        include /etc/nginx/includes/add-headers.conf ;

# TLS conf
        ssl_certificate /etc/nginx/sites/{{ main_domain }}/{{ main_domain }}.chained;
        ssl_certificate_key /etc/nginx/sites/{{ main_domain }}/{{ main_domain }}.key;

# reverse proxy
        location / {
                proxy_pass http://[{{ ip6_back }}];
                proxy_redirect off;
                proxy_set_header Host $host;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Ssl on;
                }
}