server {
  listen 80;

  server_name _;

  return 302 https://$host$request_uri;
}


server {
  listen 443 ssl;
  server_name "${CHALLENGE_DOMAIN}";
  ssl_certificate /etc/nginx/server.cert;
  ssl_certificate_key /etc/nginx/server.key;

  location / {
    return 200 "${FLAG}";
  }
}

server {
  listen 443 ssl default_server;
  server_name _;

  ssl_certificate /etc/nginx/server.cert;
  ssl_certificate_key /etc/nginx/server.key;

  location / {
    return 200 'sorry, not here';
    add_header Content-Type text/plain;
  }
}