From 2c20fa4a2fc0feeca5ec180f520adb64e4fa9969 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Greg=20Kar=C3=A9kinian?= <greg@karekinian.com>
Date: Fri, 18 Oct 2019 13:26:04 +0200
Subject: [PATCH] Fix the nginx vhost for akkounts-api

Listening on port 80 when there is no TLS cert prevented Let's Encrypt
to generate a cert
---
 .../templates/nginx_conf_akkounts-api.erb             | 11 ++---------
 1 file changed, 2 insertions(+), 9 deletions(-)

diff --git a/site-cookbooks/kosmos-akkounts/templates/nginx_conf_akkounts-api.erb b/site-cookbooks/kosmos-akkounts/templates/nginx_conf_akkounts-api.erb
index f01fa26..58b7eeb 100644
--- a/site-cookbooks/kosmos-akkounts/templates/nginx_conf_akkounts-api.erb
+++ b/site-cookbooks/kosmos-akkounts/templates/nginx_conf_akkounts-api.erb
@@ -1,23 +1,15 @@
 # Generated by Chef
+<% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%>
 upstream _akkounts {
   server   localhost:<%= @port %>;
 }
 
-map $http_upgrade $connection_upgrade {
-  default upgrade;
-  '' close;
-}
-
 server {
-  <% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%>
   listen 443 ssl http2;
   add_header Strict-Transport-Security "max-age=15768000";
 
   ssl_certificate <%= @ssl_cert %>;
   ssl_certificate_key <%= @ssl_key %>;
-  <% else -%>
-  listen 80;
-  <% end -%>
 
   server_name <%= @server_name %>;
 
@@ -33,3 +25,4 @@ server {
    }
 
 }
+<% end -%>