diff --git a/roles/wsgi_website/templates/nginx_site.j2 b/roles/wsgi_website/templates/nginx_site.j2
index fa96494fceba87997bb257b2019d6ecfc9fd1dde..abdcd17812fdd87b0b093520e166ecba34fbc0b9 100644
--- a/roles/wsgi_website/templates/nginx_site.j2
+++ b/roles/wsgi_website/templates/nginx_site.j2
@@ -1,10 +1,17 @@
 server {
-    listen 80;
-
+    # Base settings.
     root {{ home }}/htdocs/;
-
     server_name {{ fqdn }};
 
+    # HTTP (plaintext) configuration.
+    listen 80;
+
+    # HTTPS (TLS) configuration.
+    listen 443 ssl;
+    listen [::]:443 ssl;
+    ssl_certificate_key /etc/ssl/private/{{ https_tls_key | basename }};
+    ssl_certificate /etc/ssl/certs/{{ https_tls_certificate | basename }};
+
     {% if rewrites -%}
     # Site rewrites.
     {% for rewrite in rewrites -%}