diff --git a/roles/php_website/templates/nginx_site.j2 b/roles/php_website/templates/nginx_site.j2
index d6ab61ed76ecba0cb7b815970ad4f3baadbff47e..d9a8f1486e660e50e92d92f18599276c1192cf66 100644
--- a/roles/php_website/templates/nginx_site.j2
+++ b/roles/php_website/templates/nginx_site.j2
@@ -1,10 +1,18 @@
 server {
     # Base settings.
-    listen 80;
     root {{ home }}/htdocs/;
     index {{ index }};
     server_name {{ fqdn }};
 
+    # HTTP (plaintext) configuration.
+    listen 80;
+
+    # HTTPS (TLS) configuration.
+    listen 443 ssl;
+    listen [::]:443 ssl;
+    ssl_certificate_key /etc/ssl/private/{{ https_tls_key | basename }};
+    ssl_certificate /etc/ssl/certs/{{ https_tls_certificate | basename }};
+
     {% if rewrites -%}
     # Generic URL rewrites.
     {% for rewrite in rewrites -%}