server {
        access_log /var/log/nginx/inv.zzls.xyz.access.log;
        error_log /var/log/nginx/inv.zzls.xyz.error.log;

        server_name inv.zzls.xyz;
        include configs/general.conf;

        location / {
                proxy_pass http://127.0.0.1:40015/;
                include configs/proxy.conf;
        }

        # Security headers
	# Invidious uses their own security headers
        # include configs/security.conf;

        # QUIC
        add_header Alt-Svc 'h3=":443"; ma=86400';

        listen 443 http3;
        listen 443 http2 ssl; # managed by Certbot
        ssl_certificate /etc/letsencrypt/live/inv.zzls.xyz/fullchain.pem; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/inv.zzls.xyz/privkey.pem; # managed by Certbot
        include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
        if ($host = inv.zzls.xyz) {
                return 301 https://$host$request_uri;
                } # managed by Certbot


                listen 80;

                server_name inv.zzls.xyz;
                return 404; # managed by Certbot


        }