Old School blog served via https using nginx

nginx.conf

# This server {} block is used to re-direct port 80/http traffic to port 443/https. Pretty common 301 re-direct.
server {
    if ($host = static.trevormanternach.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot
  listen 80;
  server_name static.trevormanternach.com;
    return 404; # managed by Certbot
}

# This server {} is used to serve the index.html, code.js, and styles.css template files via https
server {
  server_name static.trevormanternach.com;
  root /var/www/drummer/;
  listen 443 ssl; # managed by Certbot
  ssl_certificate /etc/letsencrypt/live/static.trevormanternach.com/fullchain.pem; # managed by Certbot
  ssl_certificate_key /etc/letsencrypt/live/static.trevormanternach.com/privkey.pem; # managed by Certbot
  include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
  ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

# Similar to the first block, this re-directs my main domain to https. Looks slightly different than the first, but they accomplish the same task.
server {
  listen 80;
  server_name trevormanternach.com;
  location '/.well-known/acme-challenge' {
    default_type "text/plain";
    root /var/www/trevormanternach.com/public_html;
  }
  location / {
    return  301 https://$server_name$request_uri;
  }
}

# This is the main domain server block. It just proxies all traffic to my oldschool url.
server {
  listen 443 ssl;
  server_name trevormanternach.com;
  ssl_certificate /etc/letsencrypt/live/trevormanternach.com-0002/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/trevormanternach.com-0002/privkey.pem;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_prefer_server_ciphers on;
  ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
  location / {
    proxy_pass http://oldschool.scripting.com/trvr/;
  }
}