server {
	listen 80;
	listen [::]:80;
	server_name localhost;
	# Redirect HTTP to HTTPS
	return 301 https://$host$request_uri;
}

server {
	# SSL configuration
	#
	listen 443 ssl;
	listen [::]:443;
    ssl_certificate /etc/nginx/ssl/localhost.crt;
    ssl_certificate_key /etc/nginx/ssl/localhost.key;
	#
	# Note: You should disable gzip for SSL traffic.
	# See: https://bugs.debian.org/773332
	gzip off;
	#
	# Read up on ssl_ciphers to ensure a secure configuration.
	# See: https://bugs.debian.org/765782

	root /var/www/moodle;

	# Add index.php to the list if you are using PHP
	index index.php index.html index.htm;

	server_name localhost;

	access_log /var/log/nginx/moodle-access.log;
	error_log /var/log/nginx/moodle-error.log;

	# Activate HSTS (HTTP Strict Transport Security)
	# Note: reinclude if in a location a header is set
	include snippets/hsts.conf;

	# Allow favicon.ico, robots.txt, .well-known/
	# Deny *.txt, *.log, .*/*.php, .*, *.json, .lock, *.ht
	include snippets/allowed.conf;
	include snippets/denied.conf;

	location / {
		# First attempt to serve request as file, then
		# as directory, then fall back to displaying a 404.
		try_files $uri $uri/ =404;
	}

	# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
	#
	location ~ [^/]\.php(/|$) {
		fastcgi_split_path_info ^(.+\.php)(/.+)$;
		fastcgi_index index.php;
		fastcgi_pass unix:/run/php/php7.2-fpm.sock;
		include fastcgi_params;
		fastcgi_param PATH_INFO $fastcgi_path_info;
		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	}
}