nginx.conf

server {
    listen 80;
    server_name s.je www.s.je;
    return 301 https://s.je$request_uri;
}

server {
    listen 443 ssl http2;   
    server_name s.je www.s.je;
    root /websites/default/public;
    index index.php index.html index.htm;
    
    ssl_certificate /certs/s.je/fullchain.pem;
    ssl_certificate_key /certs/s.je/privkey.pem;    
    ssl_session_cache shared:SSL:10m;
    ssl_trusted_certificate /certs/s.je/chain.pem;
    ssl_stapling on;
    ssl_stapling_verify on;
    resolver 1.1.1.1;
    
    
    gzip on;
    gzip_disable "msie6";

    gzip_vary on;
    gzip_proxied any;
    gzip_comp_level 6;
    gzip_buffers 16 8k;
    gzip_http_version 1.1;
    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
    
    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ \.php$ {
        add_header Strict-Transport-Security "max-age=31536000;" always;
        add_header X-Frame-Options DENY;
        add_header X-Content-Type-Options nosniff;
        add_header X-XSS-Protection "1; mode=block";        
        try_files $uri $uri/ /index.php =404;
        fastcgi_pass php:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;     
    }
    
}

server {
    listen 80;
    server_name ~^(?<subdomain>.*)\.s\.je$;
    return 301 https://$subdomain.s.je$request_uri;
}

server {
    listen 443 ssl http2;
    server_name ~^(?<subdomain>.+)\.s\.je$;
    root /websites/$subdomain/public;
    index index.php index.html index.htm;
    
    ssl_certificate /certs/s.je-0001/fullchain.pem;
    ssl_certificate_key /certs/s.je-0001/privkey.pem;   
    ssl_session_cache shared:SSL:10m;
    ssl_trusted_certificate /certs/s.je-0001/chain.pem;
    ssl_stapling on;
    ssl_stapling_verify on;
    resolver 1.1.1.1;
    
    
    gzip on;
    gzip_disable "msie6";

    gzip_vary on;
    gzip_proxied any;
    gzip_comp_level 6;
    gzip_buffers 16 8k;
    gzip_http_version 1.1;
    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
    
    
        
    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ \.php$ {
        add_header Strict-Transport-Security "max-age=31536000;" always;
        add_header X-Frame-Options DENY;
        add_header X-Content-Type-Options nosniff;
        add_header X-XSS-Protection "1; mode=block";        
        try_files $uri $uri/ /index.php =404;
        fastcgi_pass php:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;     
    }
    
}


server {
    listen 80;
    server_name v.je www.v.je;
    return 301 https://v.je$request_uri;
}

server {
    listen 443 ssl http2;   
    server_name v.je www.v.je;
    root /websites/default/public;
    index index.php index.html index.htm;
    
    ssl_certificate /certs/v.je/fullchain.pem;
    ssl_certificate_key /certs/v.je/privkey.pem;    
    ssl_session_cache shared:SSL:10m;
    ssl_trusted_certificate /certs/v.je/chain.pem;
    ssl_stapling on;
    ssl_stapling_verify on;
    resolver 1.1.1.1;
    
    
    gzip on;
    gzip_disable "msie6";

    gzip_vary on;
    gzip_proxied any;
    gzip_comp_level 6;
    gzip_buffers 16 8k;
    gzip_http_version 1.1;
    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
    
    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ \.php$ {
        add_header Strict-Transport-Security "max-age=31536000;" always;
        add_header X-Frame-Options DENY;
        add_header X-Content-Type-Options nosniff;
        add_header X-XSS-Protection "1; mode=block";
        try_files $uri $uri/ /index.php =404;
        fastcgi_pass php:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;     
    }
    
}


server {
    listen 443 ssl http2;
    server_name mail.v.je;
    root /websites/default/public;
    index index.php index.html index.htm;

    ssl_certificate /certs/v.je-0001/fullchain.pem;
    ssl_certificate_key /certs/v.je-0001/privkey.pem;
    ssl_session_cache shared:SSL:10m;
    ssl_trusted_certificate /certs/v.je-0001/chain.pem;
    ssl_stapling on;
    ssl_stapling_verify on;
    resolver 1.1.1.1;

    gzip on;
    gzip_disable "msie6";

    gzip_vary on;
    gzip_proxied any;
    gzip_comp_level 6;
    gzip_buffers 16 8k;
    gzip_http_version 1.1;
    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;

    location / {
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_pass http://maildev:1080;
    }
}

server {
    listen 80;
    server_name ~^(?<subdomain>.*)\.v\.je$;
    return 301 https://$subdomain.v.je$request_uri;
}

server {
    listen 443 ssl http2;
    server_name ~^(?<subdomain>.+)\.v\.je$;
    root /websites/$subdomain/public;
    index index.php index.html index.htm;
    
    ssl_certificate /certs/v.je-0001/fullchain.pem;
    ssl_certificate_key /certs/v.je-0001/privkey.pem;   
    ssl_session_cache shared:SSL:10m;
    ssl_trusted_certificate /certs/v.je-0001/chain.pem;
    ssl_stapling on;
    ssl_stapling_verify on;
    resolver 1.1.1.1;
    
    
    gzip on;
    gzip_disable "msie6";

    gzip_vary on;
    gzip_proxied any;
    gzip_comp_level 6;
    gzip_buffers 16 8k;
    gzip_http_version 1.1;
    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
    
    
        
    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ \.php$ {
        add_header Strict-Transport-Security "max-age=31536000;" always;
        add_header X-Frame-Options DENY;
        add_header X-Content-Type-Options nosniff;
        add_header X-XSS-Protection "1; mode=block";        
        try_files $uri $uri/ /index.php =404;
        fastcgi_pass php:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;     
    }
    
}