automation/deployer/roles/build/templates/synapse/nginx.host.j2

# Generated by ansible for site {{ site.url }} 
# At {{ site.subnet_site_ip }} on {{ site.subnet_cidr_address }}

server {
  listen 80;
  listen [::]:80;
  server_name {{ site.url }} www.{{ site.url }};

  # Let's Encrypt
  include snippets/letsencrypt.conf;

  location / {
{# Does this work as intended when redirect_to_ww is undefined? #}
{% if site.redirect_to_www %}
    return 301 https://www.{{ site.url }}$request_uri;
{% else %}
    return 301 https://{{ site.url }}$request_uri;
{% endif %}
  }
}

server {
  listen 443 ssl;
  listen [::]:443 ssl;
  server_name {{ site.url }} www.{{ site.url }};

  access_log  /var/log/nginx/{{ site.slug }}-access.log;
  error_log   /var/log/nginx/{{ site.slug }}-error.log;

{% if site.redirect_to_www %}
  # Redirect non-www to www
  if ($host = {{ site.url }}) {
    rewrite ^ https://www.{{ site.url }}$request_uri permanent;
  }
{% else %}
  # Redirect www to non-www
  if ($host = www.{{ site.url }}) {
    rewrite ^ https://{{ site.url }}$request_uri permanent;
  }
{% endif %}

  # Let's Encrypt
  include snippets/letsencrypt.conf;

  include snippets/ssl-params.conf;
  ssl_certificate /etc/letsencrypt/live/{{ site.url }}/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/{{ site.url }}/privkey.pem;
  
  include snippets/header-params_server.conf;
  location / {
    include snippets/header-params_location.conf;
  
    proxy_pass http://{{ site.subnet_site_ip }}:3000;
  }
}
working on synapse 2020-05-23 09:22:41 +00:00			`# Generated by ansible for site {{ site.url }}`
			`# At {{ site.subnet_site_ip }} on {{ site.subnet_cidr_address }}`

			`server {`
			`listen 80;`
			`listen [::]:80;`
			`server_name {{ site.url }} www.{{ site.url }};`

			`# Let's Encrypt`
			`include snippets/letsencrypt.conf;`

			`location / {`
			`{# Does this work as intended when redirect_to_ww is undefined? #}`
			`{% if site.redirect_to_www %}`
			`return 301 https://www.{{ site.url }}$request_uri;`
			`{% else %}`
			`return 301 https://{{ site.url }}$request_uri;`
			`{% endif %}`
			`}`
			`}`

			`server {`
			`listen 443 ssl;`
			`listen [::]:443 ssl;`
			`server_name {{ site.url }} www.{{ site.url }};`

			`access_log /var/log/nginx/{{ site.slug }}-access.log;`
			`error_log /var/log/nginx/{{ site.slug }}-error.log;`

			`{% if site.redirect_to_www %}`
			`# Redirect non-www to www`
			`if ($host = {{ site.url }}) {`
			`rewrite ^ https://www.{{ site.url }}$request_uri permanent;`
			`}`
			`{% else %}`
			`# Redirect www to non-www`
			`if ($host = www.{{ site.url }}) {`
			`rewrite ^ https://{{ site.url }}$request_uri permanent;`
			`}`
			`{% endif %}`

			`# Let's Encrypt`
			`include snippets/letsencrypt.conf;`

			`include snippets/ssl-params.conf;`
			`ssl_certificate /etc/letsencrypt/live/{{ site.url }}/fullchain.pem;`
			`ssl_certificate_key /etc/letsencrypt/live/{{ site.url }}/privkey.pem;`

			`include snippets/header-params_server.conf;`
			`location / {`
			`include snippets/header-params_location.conf;`

			`proxy_pass http://{{ site.subnet_site_ip }}:3000;`
			`}`
			`}`