diff --git a/cmd/nginx/podsync.conf b/cmd/nginx/podsync.conf
index 306a0da..73e61e0 100644
--- a/cmd/nginx/podsync.conf
+++ b/cmd/nginx/podsync.conf
@@ -10,26 +10,18 @@ server {
     listen 80;
     listen 443 ssl;
 
-    server_name www.podsync.net;
-
-    ssl_certificate SSL_CERT;
-    ssl_certificate_key SSL_KEY;
-
-    return 301 $scheme://podsync.net$request_uri;
-}
-
-server {
-    listen 80;
-    listen 443 ssl;
-
+    root /usr/share/nginx/html;
     server_name podsync.net;
 
-    root /usr/share/nginx/html;
-
-    location /.well-known/ {}
+    location ^~ /.well-known/acme-challenge {
+        root   /usr/share/nginx/html;
+        default_type text/plain;
+        allow all;
+    }
 
     ssl_certificate SSL_CERT;
     ssl_certificate_key SSL_KEY;
+    ssl_trusted_certificate SSL_CHAIN_CERT;
 
     add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";