Nginx

How to configure SSL for Joomla, which is running on a separate Freebsd-jail with Nginx + PHP-Fpm, in front of which there is another Nginx reverse proxy from the host?

Hello.
In general, we will start from the fact that I am a masochist and keep a host machine with Freebsd 12 at home on which I test all sorts of nonsense in jails. If you are not too lazy - help :)

Task: Deploy Joomla in a separate jail, attach reverse-proxy to nginx that works directly on the host, but via https.

Done: jail with Joomla, standard proxy_pass is configured for IP cells, the site opens on port: 80.
Also, certbot --nginx was connected to reverse-proxy, which corrected the config for SSL. Communication with the jail is still on port 80. SSL is disabled in Joomla settings.
the site is opened via hist.chifty.top via https

Problem: Plugins are not installed and the engine is not updated. Error connection timeout.
// I feel that the problem is that the script is still trying to download via http or something like that.

Config from reverse proxy:

user  www;
worker_processes  1;
error_log /var/log/nginx/error.log info;
events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
#   access_log /var/log/nginx/access.log;
    sendfile        on;
    keepalive_timeout  65;

server {
        server_name hist.chifty.top;
        location / {
                proxy_pass http://192.168.222.8:80;
                proxy_set_header Host hist.chifty.top;
        }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /usr/local/etc/letsencrypt/live/hist.chifty.top/fullchain.pem; # managed by Certbot
    ssl_certificate_key /usr/local/etc/letsencrypt/live/hist.chifty.top/privkey.pem; # managed by Certbot
    include /usr/local/etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /usr/local/etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
    if ($host = hist.chifty.top) {
        return 301 https://$host$request_uri;
    } # managed by Certbot
        server_name hist.chifty.top;
        listen 80;
    return 404; # managed by Certbot
}}

Config from jail:

user  www;
worker_processes  1;
error_log /var/log/nginx/error.log info;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    access_log /var/log/nginx/access.log;

    sendfile        on;
    keepalive_timeout  65;

    server {
        listen       80;
        server_name  hist.chifty.top;
        root /usr/local/www/hist;
        index index.php index.html index.htm;

        location / {
            try_files $uri $uri/ =404;
        }

        error_page      500 502 503 504  /50x.html;
        location = /50x.html {
            root /usr/local/www/nginx-dist;
        }

        location ~ \.php$ {
                try_files $uri =404;
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                fastcgi_pass unix:/var/run/php-fpm.sock;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME $request_filename;
                include fastcgi_params;
}
}
}

What did I miss?