{{ ansible_managed | comment }}
# Default server configuration
#
server {
  listen 80 default_server;
  listen [::]:80 default_server ipv6only=on;

  root /var/www/default;

  server_name _;

  location ^~ /.well-known/acme-challenge/ {
    allow all;
    root /var/www/acme;
    try_files $uri =404;
  }

	location / {
		try_files $uri $uri/ =404;
	}

	location = /favicon.ico {
		log_not_found off;
		access_log off;
	}

	location = /robots.txt {
		allow all;
		log_not_found off;
		access_log off;
	}

	location ~* ^.+.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js)$ {
		expires 7d;
		log_not_found off;
		access_log off;
	}

	location ~ /\. {
		deny all;
		access_log off;
		log_not_found off;
	}

	location ~ /nginx_status {
		stub_status on;
		access_log   off;
		allow 127.0.0.1;
		deny all;
	}
}

server {
  listen 443 default_server;
  listen [::]:443 default_server;

  server_name _;

  include snippets/snakeoil.conf;

  return 444;
}