# HTTP server block — used during SSL bootstrap and for ACME challenges
server {
    listen 80;
    server_name _;

    # ACME challenge for Let's Encrypt
    location /.well-known/acme-challenge/ {
        root /var/www/certbot;
    }

    # Nginx healthcheck endpoint
    location /nginx-health {
        access_log off;
        return 200 "healthy\n";
        add_header Content-Type text/plain;
    }

    # Before SSL is acquired, serve a placeholder
    location / {
        root /usr/share/nginx/html;
        try_files /setup-pending.html =404;
    }
}