upstream fw {
    # depending on your setup, you may want to update this
    server 0.0.0.0:5678;
}
map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}

server {
    server_name conc.ert.space;
    client_max_body_size 512M;

    # HSTS
    add_header Strict-Transport-Security "max-age=31536000";

    location / {
        include /etc/nginx/funkwhale_proxy.conf;
        proxy_pass   http://fw/;
    }

    listen [::]:443 ssl; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}



server {
    if ($host = conc.ert.space) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80;
    listen [::]:80;
    server_name conc.ert.space;
    return 404; # managed by Certbot


}