This section needs to be in inside your HTTP context ie - HTTP { }
server {
listen xxx.xxx.xxx.xxx:443 ssl http2;
server_name unifi.yourdomain.com;
ssl_certificate /etc/nginx/acme.sh/yourdomain.com/fullchain.pem;
ssl_certificate_key /etc/nginx/acme.sh/yourdomain.com/key.pem;
# Include global SSL settings
include /etc/nginx/conf.d/ssl;
location / {
proxy_pass https://xxx.xxx.xxx.xxx:8443/;
proxy_redirect https://xxx.xxx.xxx.xxx:8443/ /;
proxy_buffering off;
proxy_read_timeout 60s;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
}
This section needs to be outside the HTTP context and in your Stream Context ie - Stream { }
# Unifi STUN UDP Traffic
upstream unifi_stun {
server xxx.xxx.xxx.xxx:3478;
}
server {
listen 3478 udp;
proxy_pass unifi_stun;
proxy_responses 1;
error_log /var/log/nginx/unifi_stun.log;
}
# Unifi Inform Traffic
upstream unifi_inform {
server xxx.xxx.xxx.xxx:8080;
}
server {
listen 8080;
proxy_pass unifi_inform;
error_log /var/log/nginx/unifi_inform.log;
}