{
    email youremail@myemail.com
    on_demand_tls {
                      ask http://localhost:3000/tls-check
                  }
}

*.yourpds.com, yourpds.com {
    tls {
            on_demand
        }
# You'll most likely just want from here to....
    @gatekeeper {
                    path /xrpc/com.atproto.server.getSession
                    path /xrpc/com.atproto.server.describeServer
                    path /xrpc/com.atproto.server.updateEmail
                    path /xrpc/com.atproto.server.createSession
                    path /xrpc/com.atproto.server.createAccount
                    path /@atproto/oauth-provider/~api/sign-in
                    path /gate/*
                }

    handle @gatekeeper {
                       #This is the address for PDS gatekeeper, default is 8080
                           reverse_proxy http://localhost:8080
                       }

    reverse_proxy http://localhost:3000
#..here. Copy and paste this replacing the reverse_proxy http://localhost:3000 line
}
