nginx.conf

# HTTPS server for timweber.name.
server {
	server_name timweber.name;
	# This include will exist on my server as soon as the Let's Encrypt cert has been retrieved automatically.
	# It contains a "listen 443 ssl" and other SSL paths and options. As long as it does not exist, certbot
	# can use this server block to provide the HTTP challenge response.
	include /etc/nginx/letsencrypt-snippet.active[.]conf;

	location / {
		root /srv/www/timweber.name/public;
	}
}

# Redirect timweber.name (HTTP) to HTTPS.
# nginx will ignore this block if the one above doesn't have SSL configured, since server_name and port will conflict.
server {
	listen 80;
	server_name timweber.name;
	return 301 https://timweber.name$request_uri;
}

# Additional redirects for www.timweber.name and (www.)tim-weber.name, with and without HTTPS.
server {
	listen 80;
	server_name www.timweber.name tim-weber.name www.tim-weber.name;
	include /etc/nginx/letsencrypt-snippet.active[.]conf;
	return 301 https://timweber.name$request_uri;
}