server {
	access_log /var/log/nginx/lol.zzls.xyz.access.log;
	server_name lol.zzls.xyz;
	include configs/general.conf;
	include configs/robotsNone.conf;

	# security headers
	add_header X-XSS-Protection          "1; mode=block" always;
	add_header X-Content-Type-Options    "nosniff" always;
	add_header Referrer-Policy           "no-referrer-when-downgrade" always;
	#add_header Content-Security-Policy   "default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';" always;
	add_header Permissions-Policy        "interest-cohort=()" always;
	add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;

	location / {
		proxy_pass http://127.0.0.1:40010;
		include configs/proxy.conf;
	}

	# QUIC
	include configs/http3.conf;

	listen 443 ssl;
	http2 on;

}
server {
	if ($host = lol.zzls.xyz) {
		return 301 https://$host$request_uri;
	}
	listen 80;
	server_name lol.zzls.xyz;
}