server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name ${server_name};

    ssl_certificate /var/lib/dehydrated/certs/${server_name}/fullchain.pem;
    ssl_certificate_key /var/lib/dehydrated/certs/${server_name}/privkey.pem;

    root /var/www/yourls/htdocs;

    location / {
        index index.php index.html index.htm;
        try_files $uri $uri/ /yourls-loader.php$is_args$args;
    }

    location ~ \.php$ {
        include params/fastcgi;
        fastcgi_index index.php;
        fastcgi_pass unix:/run/php/php${php_version}-fpm.sock;
    }

    # temp
        location ^~ /.well-known/acme-challenge/ {
        alias /var/www/certbot/;
    }
}


# FIXME: this is a temporary solution to allow the certbot challenge to work:
# - ssl_certificate
# - ssl_certificate_key