gistfile1.txt

server {
    server_name serverok.in www.serverok.in;
    root /var/www/html/;
    access_log /var/log/nginx/default_server.log;
    autoindex on;
    index index.php;

    location ~ ^/.well-known/ {
        allow all;
        access_log off;
        log_not_found off;
        autoindex on;
        #alias /var/www/html;
    }
    
    location / {
        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $host;
        proxy_pass http://127.0.0.1:8080;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/serverok.in/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/serverok.in/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

Reverse Proxy to SSL backend on another server.

server {
    listen *:80;
    client_max_body_size 100M;
    proxy_read_timeout 600s;
    proxy_buffer_size   128k;
    proxy_buffers   4 256k;
    proxy_busy_buffers_size   256k;
    location / {
        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $host;
        proxy_pass https://3.211.13.35:443;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/serverok.in/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/serverok.in/privkey.pem; # managed by Certbot
}

Nginx Proxy How-to

https://serverok.in/nginx-proxy