server {
	listen 443 ssl;

	root /var/www/html;
	index index.php index.html index.htm;

	# Make site accessible from http://localhost/
        server_name _;
        ssl_certificate     /etc/letsencrypt/live/##DOMAIN##/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/##DOMAIN##/privkey.pem;
        ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers         HIGH:!aNULL:!MD5;

	# Make site accessible from http://localhost/
	server_name _;
	
	# Disable sendfile as per https://docs.vagrantup.com/v2/synced-folders/virtualbox.html
	sendfile off;

	# Add stdout logging

	error_log /dev/stdout info;
	access_log /dev/stdout;

	location / {
		# First attempt to serve request as file, then
		# as directory, then fall back to index.html
		try_files $uri $uri/ /index.php?q=$uri&$args;
	}

	#error_page 404 /404.html;

	# redirect server error pages to the static page /50x.html
	#
	error_page 500 502 503 504 /50x.html;
	location = /50x.html {
		root /var/www/html;
	}

	# pass the PHP scripts to FastCGI server listening on socket
	#
	location ~ \.php$ {
                try_files $uri =404;
		fastcgi_split_path_info ^(.+\.php)(/.+)$;
		fastcgi_pass unix:/var/run/php-fpm.sock;
		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    		fastcgi_param SCRIPT_NAME $fastcgi_script_name;
		fastcgi_index index.php;
		include fastcgi_params;
	}

        location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ {
                expires           5d;
        }

	# deny access to . files, for security
	#
	location ~ /\. {
    		log_not_found off; 
    		deny all;
	}

}