upstream php {
        server {{ item.listen }};
}

server {
        listen {{ http_port }};
        ## Your website name goes here.
        server_name {{ item.virthost }};
        ## Your only path reference.
        root {{ item.doc_root }};

        {% if nginx_block_dotfiles %}
        location ~ /\.(?!well-known).* {
                deny all;
                access_log off;
                log_not_found off;
                return 404;
        }
        {% endif %}

        {% if letsencrypt_acme_install %}
        include /etc/nginx/snippets/letsencrypt-proxy.conf;
        {% endif %}

        ## This should be in your http block and if it is, it's not needed here.
        index index.php;


        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
                root   /usr/share/nginx/html;
        }

        location = /favicon.ico {
                log_not_found off;
                access_log off;
        }

        location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
        }

        # don't send the nginx version number in error pages and Server header
        server_tokens off;

        {% if nginx_client_body_temp_dir is defined %}
        client_body_temp_path {{ nginx_client_body_temp_dir }} 1 2;
        {% endif %}

        location / {
                return 301 https://{{ item.virthost }}$request_uri;
        }

}

server {
        listen {{ https_port }} ssl http2;
        ## Your website name goes here.
        server_name {{ item.virthost }} {{ item.virthost_aliases }};
        ## Your only path reference.
        root {{ item.doc_root }};

        {% if letsencrypt_acme_install %}
        include /etc/nginx/snippets/nginx-server-ssl.conf;
        {% endif %}

        ## This should be in your http block and if it is, it's not needed here.
        index index.php;

        {% if nginx_block_dotfiles %}
        location ~ /\. {
                deny all;
                access_log off;
                log_not_found off;
                return 404;
        }
        {% endif %}

        {% if haproxy_ips is defined %}
        # We are behind haproxy
        {% for ip in haproxy_ips %}
        set_real_ip_from {{ ip }};
        {% endfor %}
        real_ip_header X-Forwarded-For;
        {% endif %}

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
                root   /usr/share/nginx/html;
        }

        location = /favicon.ico {
                log_not_found off;
                access_log off;
        }

        location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
        }

        # don't send the nginx version number in error pages and Server header
        server_tokens off;

        {% if nginx_client_body_temp_dir is defined %}
        client_body_temp_path {{ nginx_client_body_temp_dir }} 1 2;
        {% endif %}

        location / {
                # This is cool because no php is touched for static content.
                # include the "?$args" part so non-default permalinks doesn't break when using query string
                try_files $uri $uri/ /index.php?$args;
        }

        location ~ \.php$ {
                include fastcgi.conf;
                fastcgi_intercept_errors on;
                fastcgi_pass php;
        }

        location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                expires max;
                log_not_found off;
        }
}