server {
    listen 80;
    server_name registry.lesha.spb.ru;

    location /.well-known/acme-challenge/ {
        root /var/www/certbot;
        auth_basic off;
        try_files $uri =404;
    }

    location / {
        return 404;
    }
}

# Enable this block after the certificate has been issued.
# If you want HTTP -> HTTPS redirect after issuance, replace the HTTP
# `location / { return 404; }` above with `return 301 https://$host$request_uri;`.
#
# server {
#     listen 443 ssl;
#     http2 on;
#     server_name registry.lesha.spb.ru;
#
#     client_max_body_size 1024m;
#     proxy_read_timeout 900;
#     proxy_connect_timeout 10s;
#
#     ssl_certificate /etc/letsencrypt/live/registry.lesha.spb.ru/fullchain.pem;
#     ssl_certificate_key /etc/letsencrypt/live/registry.lesha.spb.ru/privkey.pem;
#
#     location /v2/ {
#         proxy_pass http://registry:5000;
#         proxy_set_header Host $http_host;
#         proxy_set_header X-Real-IP $remote_addr;
#         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#         proxy_set_header X-Forwarded-Proto https;
#         add_header Docker-Distribution-Api-Version registry/2.0 always;
#     }
#
#     location / {
#         return 404;
#     }
# }