server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name {{ stream_frontend_nginx_url }} stream.ese.ifsr.de;


    # Some systems require you to actually create this directory before starting nginx.
    # If this is the case on your system, you may need to move it outside `/tmp` and create the directory manually (not forgetting to give ownership
    # to www-data with chown).
    # Thanks to @joe for pointing this out in a comment!
    client_body_temp_path   /tmp/nginx-client-bodies;
    client_max_body_size    0;
    create_full_put_path    on;
    add_header Access-Control-Allow-Origin *;
    add_header Access-Control-Max-Age 3600;
    add_header Access-Control-Expose-Headers Content-Length;
    add_header Access-Control-Allow-Headers Range;
    root /var/www/{{ stream_frontend_nginx_url }}/;
    ssl_certificate /data/fullchain.pem; # managed by Certbot
    ssl_certificate_key /data/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot




}

server {
    if ($host = {{ stream_frontend_nginx_url }}) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    if ($host = stream.ese.ifsr.de) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


       listen 80;
       server_name {{ stream_frontend_nginx_url }} stream.ese.ifsr.de;
    return 404; # managed by Certbot


}