nginx.conf

server {
  listen                *:80;
  server_name           word.fish;

  client_max_body_size 2000M;    # allows file uploads up to XXX megabytes
  client_body_buffer_size 2000M; # this is for in memory uploading of images

  add_header X-Clacks-Overhead "GNU Terry Pratchett";
  add_header X-Clacks-Overhead "GNU Terry Pratchet";
  add_header Access-Control-Allow-Origin *;
  add_header 'Access-Control-Allow-Credentials' 'true';
  add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
  add_header 'Access-Control-Allow-Headers' 'Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';

  location /.well-known/acme-challenge/ {
      alias /var/www/.well-known/acme-challenge/;
  }

  location /images {
    alias /var/www/images;
  }

  location / {
    include /etc/nginx/uwsgi_params.par;
    uwsgi_pass uwsgi:3031;
  }

  location /static {
    alias /var/www/static;
  }

}

server {

        listen 443;
        server_name word.fish;

        root html;
        client_max_body_size 2000M;
        client_body_buffer_size 2000M;
        
        ssl on;
        ssl_certificate /etc/ssl/certs/chained.pem;
        ssl_certificate_key /etc/ssl/private/domain.key;
        ssl_session_timeout 5m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA;
        ssl_session_cache shared:SSL:50m;
        ssl_dhparam /etc/ssl/certs/dhparam.pem;
        ssl_prefer_server_ciphers on;

        location /images {
            alias /var/www/images;
        }

        location / {
            include /etc/nginx/uwsgi_params.par;
            uwsgi_pass uwsgi:3031;
        }

        location /static {
            alias /var/www/static;
        }
        
}