Fix the nginx vhost for akkounts-api

Listening on port 80 when there is no TLS cert prevented Let's Encrypt
to generate a cert
This commit is contained in:
Greg Karékinian 2019-10-18 13:26:04 +02:00
parent f8af66a532
commit 2c20fa4a2f

View File

@ -1,23 +1,15 @@
# Generated by Chef
<% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%>
upstream _akkounts {
server localhost:<%= @port %>;
}
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
<% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%>
listen 443 ssl http2;
add_header Strict-Transport-Security "max-age=15768000";
ssl_certificate <%= @ssl_cert %>;
ssl_certificate_key <%= @ssl_key %>;
<% else -%>
listen 80;
<% end -%>
server_name <%= @server_name %>;
@ -33,3 +25,4 @@ server {
}
}
<% end -%>