server {
	listen 443 ssl; # managed by Certbot
	listen [::]:443 ssl; # managed by Certbot

	server_name tyil.nl;

	ssl_certificate /etc/letsencrypt/live/tyil.nl/fullchain.pem;
	ssl_certificate_key /etc/letsencrypt/live/tyil.nl/privkey.pem;

	include /etc/nginx/conf.d/ssl.conf;
	include /etc/nginx/conf.d/certbot.conf;

	location ~ ^/.well-known/openpgpkey(.+)$ {
		add_header Access-Control-Allow-Origin *;

		root /var/wkd/nl.tyil;
		try_files $1 =404;
	}

	location / {
		return 301 https://www.tyil.nl$request_uri;
	}
}

server {
	listen 80;
	listen [::]:80;

	server_name tyil.nl;

	include /etc/nginx/conf.d/certbot.conf;

	location / {
		return 301 https://$host$request_uri;
	}
}