# Temporary nginx config — used ONLY during the initial certbot certificate
# request.  Once the cert is obtained, switch to ssl.conf and restart nginx.

server {
    listen 80;
    server_name _;

    # Certbot ACME challenge
    location /.well-known/acme-challenge/ {
        root /var/www/certbot;
    }

    # Return 503 for everything else so it's obvious this is not the real app
    location / {
        return 503 "SSL certificate is being provisioned. Try again in a minute.\n";
        add_header Content-Type text/plain;
    }
}