#server {
#    listen 443 ssl http2;
#    listen [::]:443 ssl http2;

#    server_name libraryofcode.org;
#    ssl_certificate /etc/nginx/ssl/org.chain.crt;

#ssl_certificate_key /etc/nginx/ssl/org.key.pem;

#ssl_session_cache builtin:1000 shared:SSL:10m;

#ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

#ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;

#ssl_prefer_server_ciphers on;
#ssl_protocols TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
#        ssl_prefer_server_ciphers on;ssl_session_cache shared:SSL:10m;
        #ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
#        ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
#       ssl_dhparam /etc/nginx/dhparam.pem;
#        ssl_ecdh_curve secp384r1;
#        location / {

#proxy_set_header Host $host;

#proxy_set_header X-Real-IP $remote_addr;

#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

#proxy_set_header X-Forwarded-Proto $scheme;

#proxy_pass http://localhost:4567;

#proxy_read_timeout 90;

#proxy_redirect https://www.libraryofcode.us/ https://libraryofcode.org;

#  }
#}

#server {
#    listen 443 ssl http2;
#    listen [::]:443 ssl http2;

#    server_name www.libraryofcode.org;
#    ssl_certificate /etc/nginx/ssl/org.chain.crt;

#ssl_certificate_key /etc/nginx/ssl/org.key.pem;

#ssl_session_cache builtin:1000 shared:SSL:10m;

#ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

#ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;

#ssl_prefer_server_ciphers on;
#ssl_protocols TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
#        ssl_prefer_server_ciphers on;ssl_session_cache shared:SSL:10m;
        #ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
#        ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
#       ssl_dhparam /etc/nginx/dhparam.pem;
#        ssl_ecdh_curve secp384r1;
#        location / {

#proxy_set_header Host $host;

#proxy_set_header X-Real-IP $remote_addr;

#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

#proxy_set_header X-Forwarded-Proto $scheme;

#proxy_pass http://localhost:4567;

#proxy_read_timeout 90;

#proxy_redirect http://localhost:4567 https://www.libraryofcode.org;

#  }
#}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    server_name ecm.libraryofcode.us;
    ssl_certificate /etc/nginx/ssl/globalsign.chain.crt;

ssl_certificate_key /etc/nginx/ssl/globalsign.key.pem;

#ssl_session_cache builtin:1000 shared:SSL:10m;

#ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

#ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;

#ssl_prefer_server_ciphers on;
ssl_protocols TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
        ssl_prefer_server_ciphers on;ssl_session_cache shared:SSL:10m;
        ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
        ssl_dhparam /etc/nginx/dhparam.pem;
        ssl_ecdh_curve secp384r1;
        location / {

proxy_set_header Host $host;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";

proxy_pass https://localhost:7150;

proxy_read_timeout 90;

proxy_redirect https://localhost:7150 https://ecm.libraryofcode.us;

  }
}

#server {
#    listen 443 ssl http2;
#    listen [::]:443 ssl http2;

#    server_name directory.libraryofcode.us;
#    ssl_certificate /etc/nginx/ssl/globalsign.chain.crt;

#ssl_certificate_key /etc/nginx/ssl/globalsign.key.pem;
#ssl_protocols TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
#ssl_prefer_server_ciphers on;ssl_session_cache shared:SSL:10m;
#ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
#ssl_dhparam /etc/nginx/dhparam.pem;
#ssl_ecdh_curve secp384r1;

#location /lam {
#        index index.html;
#        alias /usr/share/ldap-account-manager;
#        autoindex off;
#
#        location ~ \.php$ {
#                fastcgi_split_path_info ^(.+\.php)(/.+)$;
#                fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
#                fastcgi_index index.php;
#                include fastcgi_params;
#        }
#
#        location ~ /lam/(tmp/internal|sess|config|lib|help|locale) {
#                deny all;
#                return 403;
#        }
#
#}
#}