A basic config for forcing HTTPS.

//Default website
server {
        listen 80 default_server;
        listen [::]:80 default_server;
	server_name ntalam.com www.ntalam.com;
	return https://ntalam.com$request_uri;
...
}

//Website 2
server {
	listen 80;
        listen [::]:80;
        server_name proxy.ntalam.com;
        return https://proxy.ntalam.com$request_uri;

...
}

//Reading from port 443
server {
	server_name ntalam.com www.ntalam.com;
	listen [::]:443 ssl ipv6only=on; # managed by Certbot
	listen 443 ssl; # managed by Certbot
	root /path/to/ntalam_com;
	



	location = /favicon.ico {
                log_not_found off;
                access_log off;
        }

        location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
        }


    ssl_certificate /etc/letsencrypt/live/ntalam.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/ntalam.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}