Sample nginx conf with ssl enabled letsencrypt

ngnix.conf

server {
    listen 80;
    server_name suryaelite.com www.suryaelite.com;
    return 301 https://suryaelite.com$request_uri;
}

server {
    listen 443 ssl spdy;
    server_name www.suryaelite.com;
    return 301 https://suryaelite.com$request_uri;
    ssl_certificate /etc/letsencrypt/live/suryaelite.com-0001/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/suryaelite.com-0001/privkey.pem;
}

server {
    listen 443 ssl spdy;
    server_name suryaelite.com;

    access_log  /nginx/suryaelite.access.log;
    error_log   /var/log/nginx/suryaelite.error.log;
    rewrite_log on;

    root        /var/www/suryaelite/;
    index       index.php index.html index.htm;
    
    # SSL    
    ssl_certificate /etc/letsencrypt/live/suryaelite.com-0001/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/suryaelite.com-0001/privkey.pem;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers 'AAAAAA+AAAAAA:AAA+AAAAAA:AAAAAA+AAAAAA:AAAAAA+AAA';

	
    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ /.well-known {
                allow all;
    }

    # Pass the PHP scripts to FastCGI server
    location ~ \.php$ {
        fastcgi_pass   unix:/var/run/php5-fpm.sock;
        fastcgi_index  index.php;
        fastcgi_intercept_errors on; # to support 404s for PHP files not found
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include        fastcgi_params;
    }

    # Static files.
    # Set expire headers, Turn off access log
    location ~* \favicon.ico$ {
        access_log off;
        expires 1d;
        add_header Cache-Control public;
    }

    location ~ ^/(img|cjs|ccss)/ {
        access_log off;
        expires 7d;
        add_header Cache-Control public;
    }

    # Deny access to .htaccess files,
    # git & svn repositories, etc
    location ~ /(\.ht|\.git|\.svn) {
        deny  all;
    }
}