nginx https www redirect to non-www using let's encrypt certbot
You use separate server blocks for each of the four variations of http/s and www/non-www. You never use "if" statements if you can do things another way - Nginx If is Evil.
# http server, static websites
server {
server_name example.com;
listen 443 ssl http2;
ssl_certificate /var/lib/acme/certs/***CERT_DIRECTORY/fullchain;
ssl_certificate_key /var/lib/acme/certs/***CERT_DIRECTORY/privkey;
root /var/www/***rootdir;
}
# This server simply redirects the requested to the https version of the page
server {
listen 80;
server_name www.example.com example.com;
# Let's Encrypt certificates with Acmetool
location /.well-known/acme-challenge/ {
alias /var/www/.well-known/acme-challenge/;
}
location / {
return 301 https://example.com$request_uri;
}
}
server {
listen 443 ssl http2;
server_name www.example.com;
ssl_certificate /var/lib/acme/certs/***CERT_DIRECTORY/fullchain;
ssl_certificate_key /var/lib/acme/certs/***CERT_DIRECTORY/privkey;
return 301 https://example.com$request_uri;
}