server {
        listen       443 ssl http2 reuseport backlog=131072 fastopen=256;
        listen       [::]:443 ssl http2 reuseport backlog=131072 fastopen=256;        
	server_name  domain.me;	
	ssl_certificate /etc/ssl/domain.me.pem;
	ssl_certificate_key /etc/ssl/domain.me.key;
	ssl_dhparam /etc/ssl/dhparams.pem;
	ssl_session_cache shared:le_nginx_SSL:1m;
	ssl_session_cache shared:SSL:50m;
	ssl_session_timeout 4h;
	ssl_session_tickets on;
	ssl_protocols TLSv1.3 TLSv1.2;
	ssl_ecdh_curve secp384r1;
	add_header Strict-Transport-Security 'max-age=63072000; includeSubdomains; preload' always;
	add_header X-Robots-Tag "noindex, nofollow" always;
	add_header X-Content-Type-Options "nosniff" always;
	add_header X-Xss-Protection "1; mode=block" always;
	resolver localhost valid=300s;
	ssl_buffer_size 8k;
	ssl_prefer_server_ciphers off;        
	location / {
        	proxy_redirect off;           
		proxy_pass https://youtube.com/;
        }
	location /aghome/ {
		proxy_pass http://127.0.0.1:8080/;
		proxy_redirect / /aghome/;
		proxy_cookie_path / /aghome/;
	}
        location /v2ray {
        	proxy_redirect off;
		proxy_buffering off;
		proxy_http_version 1.1;
        	proxy_pass http://localhost:8008/;
        	proxy_set_header Host $http_host;
        	proxy_set_header Upgrade $http_upgrade;
		proxy_set_header Connection "upgrade";
        }
}