This is in addition to my IOCAGE nginx setup.
Can't guarantee that this guide will help with another setup!

So from the previous guide, we just add another config file in sites-available

iocage exec www nano /usr/local/etc/nginx/sites-available/SUB.DOMAIN.SE

Add this in that file.


server {
    # Update this line to be your domain
    server_name URL.WITHSUBDOMAIN.EU;

    # These shouldn't need to be changed
    listen 80;
    return 301 https://$host$request_uri;
}

server {
    # Update this line to be your domain
    server_name URL:WITHSUBDOMAIN.EU;

    # Ensure these lines point to your SSL certificate and key
    ssl_certificate /usr/local/etc/letsencrypt/live/CERTIFICATENAME/fullchain.pem;
    ssl_certificate_key /usr/local/etc/letsencrypt/live/CERTIFICATENAME/privkey.pem;
    # Use these lines instead if you created a self-signed certificate
    # ssl_certificate /etc/nginx/ssl/cert.pem;
    # ssl_certificate_key /etc/nginx/ssl/key.pem;

    # Ensure this line points to your dhparams file
    ssl_dhparam /usr/local/etc/nginx/ssl/dhparams.pem;

    # These shouldn't need to be changed
    listen 443 ssl; # if your nginx version is >= 1.9.5 you can also add the "http2" flag here
    add_header Strict-Transport-Security "max-age=31536000; ";
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:10m;

    proxy_buffering off;

    location / {
        proxy_pass http://INTERNALIP:INTERNALPORT_IFNEEDED;
        proxy_set_header Host $host;
        proxy_redirect http:// https://;
        proxy_http_version 1.1;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}

Then we add a symlink and restart nginx, now it should be ready

iocage exec www ln -s /usr/local/etc/nginx/sites-available/CONFIGFILE /usr/local/etc/nginx/sites-enabled/
iocage exec www service nginx restart

If you do the "ln" command (symlink) inside the jail (iocage console JAILNAME), you have the power of autocompletion, making sure that errors in typing is negated.