server {
    server_name photos.fongaboo.com immich.openkimono.local immich;

    # if ($host != 'photos.fongaboo.com') {
        # return 301 https://photos.fongaboo.com$request_uri;
    # }

    access_log /var/log/nginx/photos_combined_access.log;
    error_log  /var/log/nginx/photos_combined_error.log;

    # allow large file uploads
    client_max_body_size 50000M;

    # Set headers
    proxy_set_header Host              $host;
    proxy_set_header X-Real-IP         $remote_addr;
    proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;

    # enable websockets: http://nginx.org/en/docs/http/websocket.html
    proxy_http_version 1.1;
    proxy_set_header   Upgrade    $http_upgrade;
    proxy_set_header   Connection "upgrade";
    proxy_redirect     off;

    # set timeout
    proxy_read_timeout 600s;
    proxy_send_timeout 600s;
    send_timeout       600s;

    # enable GET/HEAD/POST directives
    if ($request_method !~ ^(GET|HEAD|POST)$ ) {
        return 405;
    }

    location / {
        proxy_pass http://localhost:2283;
    }

    # useful when using Let's Encrypt http-01 challenge
    # location = /.well-known/immich {
    #     proxy_pass http://<backend_url>:2283;
    # }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/photos.fongaboo.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/photos.fongaboo.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot



    add_header Strict-Transport-Security "max-age=31536000" always; # managed by Certbot

}
server {
    listen 80;
    server_name photos.fongaboo.com immich.openkimono.local immich;

    access_log /var/log/nginx/photos_combined_access.log;
    error_log  /var/log/nginx/photos_combined_error.log;

    return 301 https://photos.fongaboo.com$request_uri;
}