{
        email youremail@myemail.com
        on_demand_tls {
                ask http://localhost:3000/tls-check
        }
}

*.yourpds.com, yourpds.com {
        tls {
                on_demand
        }
        # You'll most likely just want from here to....
        @gatekeeper {
                path /xrpc/com.atproto.server.getSession
                path /xrpc/com.atproto.server.updateEmail
                path /xrpc/com.atproto.server.createSession
                path /xrpc/com.atproto.server.createAccount
                path /@atproto/oauth-provider/~api/sign-in
        }

        handle @gatekeeper {
                #This is the address for PDS gatekeeper, default is 8080
                reverse_proxy http://localhost:8080
        }

        reverse_proxy http://localhost:3000
        #..here. Copy and paste this replacing the reverse_proxy http://localhost:3000 line
}