include /etc/nginx/includes/onlyoffice-http.conf;

## Normal HTTP host
server {
  listen 0.0.0.0:80;
  listen [::]:80 default_server;
  server_name _;
  server_tokens off;

  include /etc/nginx/snippets/letsencrypt-proxy.conf;
  ## Redirects all traffic to the HTTPS host
  root /nowhere; ## root doesn't have to be a valid path since we are redirecting
  rewrite ^ https://$host$request_uri? permanent;
}

#HTTP host for internal services
server {
  listen 127.0.0.1:80;
  listen [::1]:80;
  server_name localhost;
  server_tokens off;
  
  include /etc/nginx/snippets/letsencrypt-proxy.conf;
  include /etc/nginx/includes/onlyoffice-documentserver-common.conf;
  include /etc/nginx/includes/onlyoffice-documentserver-docservice.conf;
}

## HTTPS host
server {
  listen 0.0.0.0:443 ssl http2;
  listen [::]:443 ssl http2 default_server;
  server_tokens off;
  root /usr/share/nginx/html;

  ## Strong SSL Security
  ## https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
  ssl on;
  include /etc/nginx/snippets/nginx-server-ssl.conf;
  # add_header X-Frame-Options SAMEORIGIN;
  add_header X-Content-Type-Options nosniff;
  include /etc/nginx/includes/onlyoffice-documentserver-*.conf;

}