server {
  listen 80;
  listen [::]:80;
  server_name yourdomain.com;
  return 301 https://$server_name$request_uri;
}

server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;
  server_name yourdomain.com;

  ssl_protocols TLSv1.2 TLSv1.3;
  ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA;
  ssl_prefer_server_ciphers on;
  ssl_session_cache shared:SSL:10m;
  ssl_session_tickets off;

  # Uncomment these lines once you acquire a certificate:
  ssl_certificate     /etc/nginx/cert/yourdomain.com.pem;
  ssl_certificate_key /etc/nginx/cert/yourdomain.com.key;

  client_max_body_size 4G;

  location / {
    proxy_set_header Host $http_host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;
    proxy_redirect off;
    proxy_buffering off;
    proxy_pass http://127.0.0.1:8762;
  }

  location /static {
    # path for static files
    rewrite ^/static/(.*) /$1 break;
    root /home/dejavu/container/yourdomain.com/app/static/;
    expires 1y;
  }

  access_log  /var/log/nginx/yourdomain.com.access.log;
  error_log  /var/log/nginx/yourdomain.com.error.log;
}

map $http_upgrade $connection_upgrade {
  default upgrade;
  '' close;
}