server {

    listen a.b.c.4:80;
    server_name matrix.mydomain.de;
    return 301 https://$host$request_uri;

}

server {
    listen              a.b.c.4:443 ssl;
    server_name         matrix.mydomain.de;
    ssl_certificate     /etc/ssl/private/matrix.mydomain.de/bundle.pem;
    ssl_certificate_key /etc/ssl/private/matrix.mydomain.de/matrix.mydomain.de.key;
    ssl_protocols       TLSv1.2 TLSv1.3;
    ssl_ciphers         HIGH:!aNULL:!MD5;
    root /var/www/empty;

  location / {
      proxy_pass http://127.0.0.1:8008;
  }

  location /.well-known/matrix/server {
    return 200 '{"m.server": "matrix.mydomain.de:443"}';
    add_header Content-Type application/json;
   }

  location /.well-known/matrix/client {
    return 200 '{"m.homeserver": {"base_url": "https://matrix.mydomain.de"}}';
    add_header Content-Type application/json;
    add_header "Access-Control-Allow-Origin" *;
  }

}