# ===================== HTTP (Port 80) =====================
server {
  listen 80 default_server;
  listen [::]:80 default_server;
  server_name _;

  # ACME HTTP-01
  location ^~ /.well-known/acme-challenge/ {
    root /var/www/letsencrypt;
    allow all;
  }

  __HTTP_BODY__
}

# ===================== HTTPS (Port 443) ====================
__SSL_SERVER_BLOCK__