diff --git a/roles/nginx_site/templates/site.conf.j2 b/roles/nginx_site/templates/site.conf.j2
index afc3dae..ecc4f64 100644
--- a/roles/nginx_site/templates/site.conf.j2
+++ b/roles/nginx_site/templates/site.conf.j2
@@ -47,7 +47,9 @@ server {
     listen 80;
     listen [::]:80;
     server_name {{ nginx_site_name }};
-{% if nginx_site_name != 'certbot.home.foo.sh' %}
+{% if nginx_site_name == 'certbot.home.foo.sh' and 'proxy' not in groups %}
+    root /srv/web/{{ nginx_site_name }};
+{% else %}
     location /.well-known/acme-challenge/ {
         proxy_pass http://certbot.home.foo.sh/.well-known/acme-challenge/;
     }
@@ -58,8 +60,6 @@ server {
         return 301 https://$host$request_uri;
 {% endif %}
     }
-{% else %}
-    root /srv/web/{{ nginx_site_name }};
 {% endif %}
 }
 {% endif %}