server {
    listen 443 ssl;
    server_name pihole.abhinavsarkar.net;

    ssl_certificate /etc/nginx/certs/fullchain1.pem;
    ssl_certificate_key /etc/nginx/certs/privkey1.pem;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';

    proxy_set_header X-Real-IP  $remote_addr; # pass on real client IP

    location / {
            proxy_pass http://pihole;
    }
}

server {
    listen 80;
    server_name pihole.abhinavsarkar.net;
    return 301 https://$host$request_uri;
}

server {
    listen 80 default_server;
    location / {
            proxy_pass http://pihole;
    }
}