diff --git a/dist/nginx.conf b/dist/nginx.conf
index 5bc960e25..4608a3a16 100644
--- a/dist/nginx.conf
+++ b/dist/nginx.conf
@@ -17,25 +17,6 @@ server {
   listen 80;
   listen [::]:80;
   server_name example.com;
-  root /home/mastodon/live/public;
-  location /.well-known/acme-challenge/ { allow all; }
-  location / { return 301 https://$host$request_uri; }
-}
-
-server {
-  listen 443 ssl http2;
-  listen [::]:443 ssl http2;
-  server_name example.com;
-
-  ssl_protocols TLSv1.2 TLSv1.3;
-  ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA;
-  ssl_prefer_server_ciphers on;
-  ssl_session_cache shared:SSL:10m;
-  ssl_session_tickets off;
-
-  # Uncomment these lines once you acquire a certificate:
-  # ssl_certificate     /etc/letsencrypt/live/example.com/fullchain.pem;
-  # ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
 
   keepalive_timeout    70;
   sendfile             on;
@@ -131,11 +112,32 @@ server {
     tcp_nodelay on;
   }
 
+  location ^~ /api/v1/activity_log {
+    proxy_set_header Host $host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto https;
+    proxy_set_header Proxy "";
+    proxy_pass_header Server;
+
+    proxy_pass http://backend;
+    proxy_redirect off;
+    proxy_http_version 1.1;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection '';
+
+    proxy_cache off;
+    proxy_buffering off;
+    chunked_transfer_encoding off;
+
+    tcp_nodelay on;
+  }
+
   location @proxy {
     proxy_set_header Host $host;
     proxy_set_header X-Real-IP $remote_addr;
     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Forwarded-Proto https;
     proxy_set_header Proxy "";
     proxy_pass_header Server;