{% if ACTIVATE_NOTES %}
{% if ACTIVATE_HTTPS %}
server {
    server_name notes.{{ LMS_HOST }};
    listen 80;
    return 301 https://$server_name$request_uri;
}
{% endif %}

server {
  listen {{ "443 ssl" if ACTIVATE_HTTPS else "80" }};
  server_name notes.localhost notes.{{ LMS_HOST }};

  {% if ACTIVATE_HTTPS %}
  ssl_certificate /etc/letsencrypt/live/notes.{{ LMS_HOST }}/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/notes.{{ LMS_HOST }}/privkey.pem;
  {% endif %}

  # Disables server version feedback on pages and in headers
  server_tokens off;

  location / {
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-Port $server_port;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header Host $http_host;
    proxy_redirect off;

    # Docker resolver
    resolver 127.0.0.11 valid=10s;
    set $upstream notes;
    proxy_pass http://$upstream:8000;
  }
}
{% endif %}

{% if ACTIVATE_PORTAINER %}
{% if ACTIVATE_HTTPS %}
server {
    server_name portainer.{{ LMS_HOST }};
    listen 80;
    return 301 https://$server_name$request_uri;
}
{% endif %}

server {
  listen {{ "443 ssl" if ACTIVATE_HTTPS else "80" }};
  server_name portainer.localhost portainer.{{ LMS_HOST }};

  {% if ACTIVATE_HTTPS %}
  ssl_certificate /etc/letsencrypt/live/portainer.{{ LMS_HOST }}/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/portainer.{{ LMS_HOST }}/privkey.pem;
  {% endif %}

  # Disables server version feedback on pages and in headers
  server_tokens off;

  location / {
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-Port $server_port;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header Host $http_host;
    proxy_redirect off;

    # Docker resolver
    resolver 127.0.0.11 valid=10s;
    set $upstream portainer;
    proxy_pass http://$upstream:9000;
  }
}
{% endif %}