I just wanted to drop this here for posterity. Everything seems to work for me at the moment but I'm open to suggestions on how to make it better!
# /etc/nginx/sites-available/pihole
server {
listen 80 default_server;
server_name _;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $http_host;
}
}
server {
listen 80;
server_name pihole.example.com;
# Snippet for Let's Encrypt certificate creation
location /.well-known/ {
default_type "text/plain";
allow all;
root /var/www/certbot;
}
location / {
return 301 https://$server_name$request_uri;
}
}
server {
listen 443 ssl;
server_name pihole.example.com;
ssl on;
ssl_certificate /etc/letsencrypt/live/pihole.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/pihole.example.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/pihole.example.com/chain.pem;
location / {
proxy_pass http://127.0.0.1:8080/admin/;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $http_host;
access_log /var/log/nginx/pihole.access.log;
error_log /var/log/nginx/pihole.error.log error;
}
}