# main server: https://www.somersoft.com
# comment out this entire server block when installing cert for the first time
# certbot can use port 80 but SSL cert won't exist yet, so can't use 443
server {
server_name www.somersoft.com;
access_log /var/log/nginx/somersoft.com/somersoft.access.log;
error_log /var/log/nginx/somersoft.com/somersoft.error.log;
root /srv/www/somersoft.com;
include snippets/ssl.conf; # HTTPS IPv4 (SNI)
listen [2400:8901:e001:3d::103]:443 ssl http2; # HTTPS IPv6
include ssl/somersoft.com.conf;
include snippets/letsencrypt.conf;
include snippets/xenforo.conf;
}
# redirect naked domain https://somersoft.com => https://www.somersoft.com
# comment out this server block when installing cert for the first time
# certbot will use port 80 but SSL cert won't exist yet, so can't use 443
server {
server_name somersoft.com;
access_log /var/log/nginx/somersoft.com/somersoft-redirect.access.log;
error_log /var/log/nginx/somersoft.com/somersoft-redirect.error.log;
include snippets/ssl.conf; # HTTPS IPv4 (SNI)
listen [2400:8901:e001:3d::103]:443 ssl http2; # HTTPS IPv6
include ssl/somersoft.com.conf;
include snippets/letsencrypt.conf;
return 301 https://www.somersoft.com$request_uri;
}
# redirect naked and www domains from http to https ...
# http://somersoft.com => https://www.somersoft.com
# http://www.somersoft.com => https://www.somersoft.com
# when installing SSL certs for the first time, letssencrypt will actually use this server block to connect on port 80!
server {
server_name www.somersoft.com somersoft.com;
access_log /var/log/nginx/somersoft.com/somersoft-redirect.access.log;
error_log /var/log/nginx/somersoft.com/somersoft-redirect.error.log;
listen 80;
listen [2400:8901:e001:3d::103]:80; # IPv6
include snippets/letsencrypt.conf;
return 301 https://www.somersoft.com$request_uri;
}