Update Nginx conf: redirect automatically requests to the right domain

2020-07-29 23:00:57 +02:00 · 2020-07-29 23:00:57 +02:00 · b49db39080
parent da1063862e
commit b49db39080
1 changed files with 28 additions and 15 deletions
--- a/ansible/roles/4-nginx/templates/nginx_note.conf
+++ b/ansible/roles/4-nginx/templates/nginx_note.conf
@ -3,8 +3,36 @@ upstream note{
    server unix:///var/www/note_kfet/note_kfet.sock; # file socket
 }

+# Redirect HTTP to nk20 HTTPS
+server {
+    listen 80 default_server;
+    listen [::]:80 default_server;
+
+    location / {
+        return 301 https://nk20-beta.crans.org$request_uri;
+    }
+}
+
+# Redirect all HTTPS to nk20 HTTPS
+server {
+    listen 443 ssl default_server;
+    listen [::]:443 ssl default_server;
+
+    location / {
+        return 301 https://nk20-beta.crans.org$request_uri;
+    }
+
+    ssl_certificate /etc/letsencrypt/live/nk20-beta.crans.org/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/nk20-beta.crans.org/privkey.pem;
+    include /etc/letsencrypt/options-ssl-nginx.conf;
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+}
+
 # configuration of the server
 server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
    # the port your site will be served on
    # the domain name it will serve for
    server_name nk20-beta.crans.org; # substitute your machine's IP address or FQDN
@ -28,23 +56,8 @@ server {
        include     /var/www/note_kfet/uwsgi_params; # the uwsgi_params file you installed
    }

-    listen 443 ssl;
    ssl_certificate /etc/letsencrypt/live/nk20-beta.crans.org/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/nk20-beta.crans.org/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
-
-}
-
-server {
-    if ($host = nk20-beta.crans.org) {
-        return 301 https://$host$request_uri;
-    }
-
-
-    listen      80;
-    server_name nk20-beta.crans.org;
-    return 404;
-
-
 }