diff --git a/roles/arch32_mirror/templates/nginx.d.conf.j2 b/roles/arch32_mirror/templates/nginx.d.conf.j2
index 8e8a16b1903c3202156fa3cf171a63b9536df0f6..6f118254962321a4942e132eddea3143cdaf7d7a 100644
--- a/roles/arch32_mirror/templates/nginx.d.conf.j2
+++ b/roles/arch32_mirror/templates/nginx.d.conf.j2
@@ -1,6 +1,8 @@
 server {
     listen       80;
     listen       [::]:80;
+    listen       443 ssl http2;
+    listen       [::]:443 ssl http2;
     server_name  {{ arch32_mirror_domain }} pool.mirror.archlinux32.org;
     root         {{ arch32_mirror_dir }};
 
@@ -9,18 +11,6 @@ server {
 
     include snippets/letsencrypt.conf;
 
-    autoindex on;
-}
-
-server {
-    listen       443 ssl http2;
-    listen       [::]:443 ssl http2;
-    server_name  {{ arch32_mirror_domain }};
-    root         {{ arch32_mirror_dir }};
-
-    access_log   /var/log/nginx/{{ arch32_mirror_domain }}/access.log reduced;
-    error_log    /var/log/nginx/{{ arch32_mirror_domain }}/error.log;
-
     ssl_certificate      /etc/letsencrypt/live/{{ arch32_mirror_domain }}/fullchain.pem;
     ssl_certificate_key  /etc/letsencrypt/live/{{ arch32_mirror_domain }}/privkey.pem;
     ssl_trusted_certificate /etc/letsencrypt/live/{{ arch32_mirror_domain }}/chain.pem;
diff --git a/roles/dbscripts/templates/nginx.d.conf.j2 b/roles/dbscripts/templates/nginx.d.conf.j2
index 8530e632ba8107b6d30239b834d4df23f8235918..428ced958efd5efc9aa8c131dc8f0fd47ec38fde 100644
--- a/roles/dbscripts/templates/nginx.d.conf.j2
+++ b/roles/dbscripts/templates/nginx.d.conf.j2
@@ -1,33 +1,13 @@
 server {
     listen       80;
     listen       [::]:80;
-    server_name  {{ repos_domain }} {{repos_rsync_domain}};
-    root         /srv/ftp;
-
-    include snippets/letsencrypt.conf;
-
-    satisfy  any;
-
-    access_log   /var/log/nginx/{{ repos_domain }}/access.log reduced;
-
-    location /lastupdate {
-        allow all;
-    }
-
-	location / {
-		auth_basic            "Restricted";
-		auth_basic_user_file  auth/dbscripts.htpasswd;
-
-		autoindex  on;
-	}
-}
-
-server {
     listen       443 ssl http2;
     listen       [::]:443 ssl http2;
     server_name  {{ repos_domain }} {{repos_rsync_domain}};
     root         /srv/ftp;
 
+    include snippets/letsencrypt.conf;
+
     ssl_certificate      /etc/letsencrypt/live/{{ repos_domain }}/fullchain.pem;
     ssl_certificate_key  /etc/letsencrypt/live/{{ repos_domain }}/privkey.pem;
     ssl_trusted_certificate /etc/letsencrypt/live/{{ repos_domain }}/chain.pem;
diff --git a/roles/syncrepo/templates/nginx.d.conf.j2 b/roles/syncrepo/templates/nginx.d.conf.j2
index 7b8436a5146f8d65cddd8c0c257ab03c67d9d77f..d4040347566c35fbfba713797b8b557b9a8d3503 100644
--- a/roles/syncrepo/templates/nginx.d.conf.j2
+++ b/roles/syncrepo/templates/nginx.d.conf.j2
@@ -1,18 +1,6 @@
 server {
     listen       80;
     listen       [::]:80;
-    server_name  {{ mirror_domain }};
-    root         /srv/ftp;
-
-    access_log   /var/log/nginx/{{ mirror_domain }}/access.log reduced;
-    error_log    /var/log/nginx/{{ mirror_domain }}/error.log;
-
-    include snippets/letsencrypt.conf;
-
-    autoindex on;
-}
-
-server {
     listen       443 ssl http2;
     listen       [::]:443 ssl http2;
     server_name  {{ mirror_domain }};
@@ -21,6 +9,8 @@ server {
     access_log   /var/log/nginx/{{ mirror_domain }}/access.log reduced;
     error_log    /var/log/nginx/{{ mirror_domain }}/error.log;
 
+    include snippets/letsencrypt.conf;
+
     ssl_certificate      /etc/letsencrypt/live/{{ mirror_domain }}/fullchain.pem;
     ssl_certificate_key  /etc/letsencrypt/live/{{ mirror_domain }}/privkey.pem;
     ssl_trusted_certificate /etc/letsencrypt/live/{{ mirror_domain }}/chain.pem;
diff --git a/roles/wkd/templates/nginx.d.conf.j2 b/roles/wkd/templates/nginx.d.conf.j2
index dd7615d5f7c5efe5aafc910c89641faf8445e7e3..b38f7947121621067c8fc45a266e74435e8fa554 100644
--- a/roles/wkd/templates/nginx.d.conf.j2
+++ b/roles/wkd/templates/nginx.d.conf.j2
@@ -1,18 +1,6 @@
 server {
     listen       80;
     listen       [::]:80;
-    server_name  {{ wkd_domain }};
-    root         {{ wkd_dir }};
-
-    access_log   /var/log/nginx/{{ wkd_domain }}/access.log reduced;
-    error_log    /var/log/nginx/{{ wkd_domain }}/error.log;
-
-    include snippets/letsencrypt.conf;
-
-    autoindex on;
-}
-
-server {
     listen       443 ssl http2;
     listen       [::]:443 ssl http2;
     server_name  {{ wkd_domain }};
@@ -21,6 +9,8 @@ server {
     access_log   /var/log/nginx/{{ wkd_domain }}/access.log reduced;
     error_log    /var/log/nginx/{{ wkd_domain }}/error.log;
 
+    include snippets/letsencrypt.conf;
+
     ssl_certificate      /etc/letsencrypt/live/{{ wkd_domain }}/fullchain.pem;
     ssl_certificate_key  /etc/letsencrypt/live/{{ wkd_domain }}/privkey.pem;
     ssl_trusted_certificate /etc/letsencrypt/live/{{ wkd_domain }}/chain.pem;