server {
	server_name money.theribbles.org;

	listen 443 ssl; # managed by Certbot
	ssl_certificate /etc/letsencrypt/live/theribbles.org/fullchain.pem; # managed by Certbot
	ssl_certificate_key /etc/letsencrypt/live/theribbles.org/privkey.pem; # managed by Certbot
	include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
	ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

	location ~ /oauth2/ {
		proxy_pass http://127.0.0.1:10031;
		include /etc/nginx/proxy.conf;
		proxy_set_header X-Auth-Request-Redirect $request_uri;
	}
	location = /oauth2/auth {
		internal;
		proxy_pass http://127.0.0.1:10031;
		include /etc/nginx/proxy.conf;
		proxy_set_header Content-Length "";
		proxy_pass_request_body off;
		proxy_set_header X-Original-URI $request_uri;
	}
	location ~ {
		proxy_pass http://127.0.0.1:10060;
		include /etc/nginx/proxy.conf;
		include /etc/nginx/auth.conf;
	}
	error_page 401 = /oauth2/sign_in;

}

server {
	if ($host = money.theribbles.org) {
		return 301 https://$host$request_uri;
	} # managed by Certbot


	server_name money.theribbles.org;
	listen 80;
	return 404; # managed by Certbot
}