server {
    listen 80;
    listen [::]:80;
    server_name madone.seaturtle.pw;

    return 301 https://madone.seaturtle.pw$request_uri;
}

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name madone.seaturtle.pw;

    # ssl conf
    include /config/nginx/ssl.conf;

    client_max_body_size 1M;

    # Purposefully do not proxy main site because there's no reason somone
    #  should be using this domain name
    location / {
        return 301 https://example.com;
    }

    # Proxy syncthing
    location /syncthing/ {
        auth_basic "not today buddy";
        auth_basic_user_file /config/nginx/syncthing-htpasswd;
        proxy_set_header X-Real_IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-proto $scheme;
        proxy_pass http://syncthing:8384/;
    }

    # Proxy weechat
    location /weechat {
        proxy_pass http://172.17.0.1:9001;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_read_timeout 8h;
    }
    
    # Serve misc files
    location /files {
        alias /files-docker;
        autoindex on;
    }

    # Serve syncthing files
    location /sync {
        auth_basic "nope definitely not today buddy";
        auth_basic_user_file /config/nginx/sync-htpasswd;
        alias /sync-docker;
        autoindex on;
    }

    # Proxy everything else???
}