server {
	if ($host = fxsync.example.com) { 
                return 301 https://$host$request_uri; 
        }

	listen 80; 
	listen [::]:80;
	server_name fxsync.example.com;

        access_log /var/log/nginx/fxsync.example.com-access.log;
        error_log /var/log/nginx/fxsync.example.com-error.log;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    server_name fxsync.example.com;

    location / {
            proxy_pass http://localhost:5000;
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_redirect off;
            proxy_read_timeout 120;
            proxy_connect_timeout 10;
            gzip off;
    }

    ssl_certificate /etc/letsencrypt/live/fxsync.example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/fxsync.example.com/privkey.pem; # managed by Certbot
}