diff --git a/templates/.nginx_stream_block.conf.j2.swp b/templates/.nginx_stream_block.conf.j2.swp
deleted file mode 100644
index a696806..0000000
Binary files a/templates/.nginx_stream_block.conf.j2.swp and /dev/null differ
diff --git a/templates/nginx.conf.j2 b/templates/nginx.conf.j2
new file mode 100644
index 0000000..447bf6f
--- /dev/null
+++ b/templates/nginx.conf.j2
@@ -0,0 +1,68 @@
+user www-data;
+worker_processes auto;
+pid /run/nginx.pid;
+include /etc/nginx/modules-enabled/*.conf;
+
+events {
+ worker_connections 768;
+}
+
+http {
+
+ sendfile on;
+ tcp_nopush on;
+ tcp_nodelay on;
+ keepalive_timeout 65;
+ types_hash_max_size 2048;
+ server_tokens off;
+
+ log_format custom '$remote_user [$time_local]'
+ '"$request" $status $body_bytes_sent'
+ '"$http_referer" "$http_user_agent"'
+ '"$request_time" "$upstream_connect_time"';
+ access_log /var/log/nginx/access.log custom;
+
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ ssl_certificate {{ ssl_path }}/fullchain.pem;
+ ssl_certificate_key {{ ssl_path }}/privkey.pem;
+ ssl_protocols TLSv1.2 TLSv1.3;
+ ssl_prefer_server_ciphers on;
+ ssl_ciphers {{ ssl_ciphers }};
+
+ access_log /var/log/nginx/access.log;
+ error_log /var/log/nginx/error.log;
+
+ gzip on;
+
+ proxy_cache_path /tmp/nginx.cache.d keys_zone=default_proxy_cache:10m;
+
+ include /etc/nginx/conf.d/*.conf;
+ include /etc/nginx/sites-enabled/*;
+ include http_include.conf;
+
+ server{
+ listen 80 default;
+ listen [::]:80 default;
+
+ # disable logging
+ access_log off;
+
+ include locations/acme-challenge.conf;
+ location /{
+ return 302 https://$host$request_uri;
+ }
+ }
+}
+
+stream {
+
+ ssl_certificate {{ ssl_path}}/fullchain.pem;
+ ssl_certificate_key {{ ssl_path }}/privkey.pem;
+ ssl_protocols TLSv1.2 TLSv1.3;
+ ssl_prefer_server_ciphers on;
+ ssl_ciphers {{ ssl_ciphers }};
+
+ include stream_include.conf;
+}
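Review bot: `proxy_cache_path /tmp/nginx.cache.d` in templates/nginx.conf.j2 places the proxy cache under a world-writable directory, so on a host where nginx does not get a private /tmp another local account could pre-create that path and read or alter cached upstream responses. A dedicated directory owned by the worker user avoids that, for example `proxy_cache_path /var/cache/nginx/proxy keys_zone=default_proxy_cache:10m;`. The `custom` log format also records no `$remote_addr`, and its quoted segments are joined without separators (`[$time_local]"$request"`, `$body_bytes_sent"$http_referer"`), which makes entries hard to parse and attribute during an investigation. The later `access_log /var/log/nginx/access.log;` then writes a second entry per request to the same file in the default format, so one of the two `access_log` lines should be dropped.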
diff --git a/templates/nginx_server_block.conf.j2 b/templates/nginx_server_block.conf.j2
index 94f93df..b958f64 100644
--- a/templates/nginx_server_block.conf.j2
+++ b/templates/nginx_server_block.conf.j2
@@ -5,11 +5,12 @@ server{
 listen 443 ssl;
 listen [::]:443 ssl;
 
- {% if servernames %}
- server_name {% for s in servernames %} {{ s }} {% endfor %};
- {% endif %}
+ {% if servernames %}server_name{% for s in servernames %} {{ s }}{% endfor %};{% endif %}
 
- include locations/acme-challenge.conf;
-
- proxy_pass http://{{ targetip }}:{{ targetport }};
+ include acme-challenge.conf;
+
+ location / {
+ proxy_pass http://{{ targetip }}:{{ targetport }};
+ }
 }
+
diff --git a/templates/nginx_stream_block.conf.j2 b/templates/nginx_stream_block.conf.j2
index b605509..9c25e09 100644
--- a/templates/nginx_stream_block.conf.j2
+++ b/templates/nginx_stream_block.conf.j2
@@ -1,10 +1,12 @@
 server { # {{ comment }} - listen {{ portstring }} {% if udp %} udp {% endif %}{% if ssl %} ssl {% endif %}; - proxy_pass {{ targetip }}:$server_port; - {% if transparent %} proxy_bind $remote_addr transparent; {% endif } + proxy_timeout 10s; proxy_responses 1; + proxy_pass {{ targetip }}:$server_port; + + {% if transparent %} proxy_bind $remote_addr transparent; {% endif %} } +
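Review bot: The include in templates/nginx_server_block.conf.j2 becomes `include acme-challenge.conf;`, but the port-80 server added in templates/nginx.conf.j2 by the same commit still uses `include locations/acme-challenge.conf;`. A non-wildcard include that does not resolve fails the configuration test, so the two should name the same file. Separately, the new `location /` forwards without the original host or client address, so the backend's logs and any host-based checks see only the proxy; consider adding `proxy_set_header Host $host;` and `proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;` beside `proxy_pass`. The `servernames` entries, `{{ targetip }}` and `{{ targetport }}` are written into the config unescaped, so they should presumably be validated where the role's variables are defined.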
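Review bot: `proxy_bind $remote_addr transparent;` in templates/nginx_stream_block.conf.j2 needs a comment, because its requirements are not visible in the template. With it the upstream connection carries the client's source address, which depends on the nginx processes holding the needed socket privilege and on return traffic from `{{ targetip }}` being routed back through this host. A line such as `# transparent: backend sees the real client IP; requires return routing via this proxy` above the directive would do. Also, `proxy_responses 1;` looks like a UDP-only setting while `proxy_timeout 10s;` applies to every listener, so idle TCP sessions would be closed after ten seconds; if both are meant for UDP only, wrap them in `{% if udp %}`.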