diff --git a/installation/ditto.conf b/installation/ditto.conf
index afdf65c..773573d 100644
--- a/installation/ditto.conf
+++ b/installation/ditto.conf
@@ -1,4 +1,4 @@
-# Nginx configuration for Ditto with IPFS.
+# Nginx configuration for Ditto.
 #
 # Edit this file to change occurences of "example.com" to your own domain.
 
@@ -6,10 +6,6 @@ upstream ditto {
   server 127.0.0.1:4036;
 }
 
-upstream ipfs_gateway {
-  server 127.0.0.1:8080;
-}
-
 server {
   listen 80;
   listen [::]:80;
@@ -18,21 +14,8 @@ server {
 }
 
 server {
-  # Uncomment these lines once you acquire a certificate:
-  # listen 443 ssl http2;
-  # listen [::]:443 ssl http2;
   server_name example.com;
 
-  ssl_protocols TLSv1.2 TLSv1.3;
-  ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA;
-  ssl_prefer_server_ciphers on;
-  ssl_session_cache shared:SSL:10m;
-  ssl_session_tickets off;
-
-  # Uncomment these lines once you acquire a certificate:
-  # ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
-  # ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
-
   keepalive_timeout 70;
   sendfile on;
   client_max_body_size 100m;
@@ -44,53 +27,42 @@ server {
   proxy_set_header Host $http_host;
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 
+  root /opt/ditto/public;
+
+  location @spa {
+    try_files /index.html /dev/null;
+  }
+
+  location @frontend {
+    try_files $uri @ditto-static;
+  }
+
+  location @ditto-static {
+    root /opt/ditto/static;
+    try_files $uri @spa;
+  }
+
   location /packs {
     add_header Cache-Control "public, max-age=31536000, immutable";
     add_header Strict-Transport-Security "max-age=31536000" always;
     root /opt/ditto/public;
   }
 
-  location ~ ^/(instance|sw.js$|sw.js.map$) {
+  location ~ ^/(instance|sw\.js$|sw\.js\.map$) {
     root /opt/ditto/public;
+    try_files $uri =404;
   }
 
-  location /images {
+  location = /favicon.ico {
     root /opt/ditto/static;
+    try_files $uri =404;
   }
 
-  location / {
+  location ~ ^/(api|relay|oauth|manifest.json|nodeinfo|.well-known/(nodeinfo|nostr.json)) {
     proxy_pass http://ditto;
   }
-}
-
-server {
-  # Uncomment these lines once you acquire a certificate:
-  # listen 443 ssl http2;
-  # listen [::]:443 ssl http2;
-  server_name media.example.com;
-
-  ssl_protocols TLSv1.2 TLSv1.3;
-  ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA;
-  ssl_prefer_server_ciphers on;
-  ssl_session_cache shared:SSL:10m;
-  ssl_session_tickets off;
-
-  # Uncomment these lines once you acquire a certificate:
-  # ssl_certificate /etc/letsencrypt/live/media.example.com/fullchain.pem;
-  # ssl_certificate_key /etc/letsencrypt/live/media.example.com/privkey.pem;
-
-  keepalive_timeout 70;
-  sendfile on;
-  client_max_body_size 1m;
-  ignore_invalid_headers off;
-
-  proxy_http_version 1.1;
-  proxy_set_header Upgrade $http_upgrade;
-  proxy_set_header Connection "upgrade";
-  proxy_set_header Host $http_host;
-  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 
   location / {
-    proxy_pass http://ipfs_gateway;
+    try_files /dev/null @frontend;
   }
 }
diff --git a/installation/ipfs.service b/installation/ipfs.service
deleted file mode 100644
index e345097..0000000
--- a/installation/ipfs.service
+++ /dev/null
@@ -1,13 +0,0 @@
-[Unit]
-Description=IPFS Daemon
-Wants=network-online.target
-After=network-online.target
-
-[Service]
-Type=simple
-User=ditto
-ExecStart=/usr/local/bin/ipfs daemon
-Restart=on-failure
-
-[Install]
-WantedBy=multi-user.target
\ No newline at end of file