diff --git a/roles/gitlab-and-nginx/defaults/main.json b/roles/gitlab-and-nginx/defaults/main.json
index c51d108..6bffbd7 100644
--- a/roles/gitlab-and-nginx/defaults/main.json
+++ b/roles/gitlab-and-nginx/defaults/main.json
@@ -1,5 +1,4 @@
 {
-  "var_gitlab_and_nginx_domain": "gitlab.example.org",
-  "var_gitlab_and_nginx_path": "/opt/gitlab",
-  "var_gitlab_and_nginx_tls": "enable"
+  "var_gitlab_and_nginx_domain": "element.example.org",
+  "var_gitlab_and_nginx_path": "/opt/element"
 }
diff --git a/roles/gitlab-and-nginx/templates/conf.j2 b/roles/gitlab-and-nginx/templates/conf.j2
index 1033ae6..4208162 100644
--- a/roles/gitlab-and-nginx/templates/conf.j2
+++ b/roles/gitlab-and-nginx/templates/conf.j2
@@ -29,11 +29,34 @@ map $http_referer $gitlab_ssl_filtered_http_referer {
     ~^(?.*)\? $temp;
 }
 
-boilerplate gitlab_common {
+server {
+    listen 80 default_server;
+    listen [::]:80 ipv6only=on default_server;
+
+    server_name {{var_gitlab_and_nginx_domain}};
+    server_tokens off;
+
+    return 301 https://$http_host$request_uri;
+
+    access_log /var/log/nginx/gitlab_access.log gitlab_ssl_access;
+    error_log /var/log/nginx/gitlab_error.log;
+}
+
+server {
+    listen 0.0.0.0:443 ssl http2;
+    listen [::]:443 ipv6only=on ssl http2 default_server;
+
+    server_name {{var_gitlab_and_nginx_domain}};
+    server_tokens off;
+
+    ssl_certificate /etc/ssl/fullchains/{{var_gitlab_and_nginx_domain}}.pem;
+    ssl_certificate_key /etc/ssl/private/{{var_gitlab_and_nginx_domain}}.pem;
+    include /etc/nginx/ssl-hardening.conf;
+
     real_ip_header X-Real-IP;
     real_ip_recursive off;
-    access_log /var/log/nginx/gitlab_access.log;# gitlab_ssl_access;
+    access_log /var/log/nginx/gitlab_access.log gitlab_ssl_access;
     error_log /var/log/nginx/gitlab_error.log;
 
     location / {
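Review bot: The new defaults in a role named gitlab-and-nginx point at `element.example.org` and `/opt/element`, which reads like a copy-paste from an Element role rather than an intended default; the path should presumably remain `/opt/gitlab` and the domain a GitLab-flavoured placeholder such as `gitlab.example.org`. Removing `var_gitlab_and_nginx_tls` matches the template no longer referencing it, but any inventory or playbook that still sets the variable will now be ignored without any error, so the role's documentation should state that TLS is now always on and the old `enable`/`force`/`disable` values are no longer honoured. I cannot see from this diff whether `var_gitlab_and_nginx_path` is consumed elsewhere in the role, so the path change may also affect tasks outside these two files.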
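Review bot: The port-80 server reflects the client-supplied Host header into the redirect, `return 301 https://$http_host$request_uri;`, and because that block is also `default_server` it answers for any Host value; since `server_name` is fixed, redirecting to the configured name instead, `return 301 https://{{var_gitlab_and_nginx_domain}}$request_uri;`, keeps the Location header under the operator's control (the line is carried over from the removed block, but this commit makes it unconditional). The IPv4 listener `listen 0.0.0.0:443 ssl http2;` lacks `default_server` while `listen [::]:443 ... default_server;` has it, so unmatched Host values are handled differently per address family; use `default_server` on both or neither, matching the port-80 block. `real_ip_header X-Real-IP;` and `real_ip_recursive off;` only take effect for sources listed in `set_real_ip_from`, which does not appear in this hunk — presumably it is set in the http context or in `ssl-hardening.conf`, and it is worth confirming it names only the upstream proxy, since `X-Real-IP` is client-controlled on direct connections and feeds `gitlab_access.log`. The `location / {` block continues past the end of the hunk.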
@@ -69,32 +92,3 @@ boilerplate gitlab_common {
     }
 }
 
-server {
-    server_name {{var_gitlab_and_nginx_domain}};
-    server_tokens off;
-
-    listen 80 default_server;
-    listen [::]:80 ipv6only=on default_server;
-
-{% if (var_gitlab_and_nginx_tls == "force") %}
-    return 301 https://$http_host$request_uri;
-{% else %}
-    invoke gitlab_common;
-{% endif %}
-}
-
-{% if (var_gitlab_and_nginx_tls != "disable") %}
-server {
-    server_name {{var_gitlab_and_nginx_domain}};
-    server_tokens off;
-
-    listen 0.0.0.0:443 ssl http2;
-    listen [::]:443 ipv6only=on ssl http2 default_server;
-
-    ssl_certificate /etc/ssl/fullchains/{{var_gitlab_and_nginx_domain}}.pem;
-    ssl_certificate_key /etc/ssl/private/{{var_gitlab_and_nginx_domain}}.pem;
-    include /etc/nginx/ssl-hardening.conf;
-
-    invoke gitlab_common;
-}
-{% endif %}