server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name ghost.org; root /var/www/ghost/system/nginx-root; ssl_certificate /etc/ssl/comodo/ghost.org.cer; ssl_certificate_key /etc/ssl/comodo/ghost.org.key; include /var/www/ghost/system/files/ssl-params.conf; location / { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $http_host; proxy_pass http://127.0.0.1:2368; } location ~ /.well-known { allow all; } client_max_body_size 50m; }