nginx + letsencrypt + mattermost sample

$ cat /etc/nginx/conf.d/mattermost_ssl.conf
server {
  listen 80;
       	server_name NAME

  location ^~ /.well-known/acme-challenge {
    default_type "text/plain";
    root /var/www/letsencrypt;
  }

  location '/' {
    return 301 https://NAME$request_uri;
  }
}

server {
  listen 443 ssl;
  server_name NAME
  ssl_certificate  /etc/letsencrypt/live/NAME/fullchain.pem
  ssl_certificate_key /etc/letsencrypt/live/NAME/privkey.pem;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

  # opening for letsencrypt
  location ^~ /.well-known/acme-challenge {
    default_type "text/plain";
    root /var/www/letsencrypt;
  }

  location / {
      client_max_body_size 50M;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
      proxy_set_header Host $http_host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header X-Frame-Options SAMEORIGIN;
      proxy_pass http://127.0.0.1:8065;
  }
}