The docs for NGNIX suggest “If is evil”:
https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/
So yeah I’d believe your changes might be right since the “if” does not work like it appears…
One note, the config file here uses environment vars — that’s actually a feature specific in the ngnix container, not in a “normal” ngnix package on Linux.
And the X.509 client certificates support add a lot of unnecessary config if you’re not using it, too. Now X.509 should work & allows you to hide the router’s password behind a certificate — but it’s complex.