diff --git a/manifests/init.pp b/manifests/init.pp
index f7e89fd1698e00c33c2c559a386ad008c7537add..cebe8c2c380029b8b9fccfefb425ec4eac9e1032 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -1,4 +1,34 @@
-class ai4ca {
+class ai4ca (
+  String $www_root = '/usr/share/nginx/html',
+  Array[String] $index_files = ['index.html'],
+) {
   include profiles::letsencrypt
   include nginx
+
+  nginx::resource::server { fact('networking.fqdn'):
+    ensure              => present,
+    www_root            => $www_root,
+    location_cfg_append => {
+      'rewrite' => '^ https://$server_name$request_uri? permanent',
+    },
+  }
+
+  nginx::resource::server { "${fact('networking.fqdn')} HTTPS":
+    ensure      => present,
+    listen_port => 443,
+    www_root    => $www_root,
+    index_files => $index_files,
+    ssl         => true,
+    ssl_cert    => fact("letsencrypt_certs.${fact('networking.fqdn')}.files.combined"),
+    ssl_key     => fact("letsencrypt_certs.${fact('networking.fqdn')}.files.key"),
+  }
+
+  firewalld_service {
+    'nginx http LiU':
+      zone    => 'liu',
+      service => 'http';
+    'nginx https LiU':
+      zone    => 'liu',
+      service => 'https';
+  }
 }