From 8b5f92394940add81114f266a15dafe67485b163 Mon Sep 17 00:00:00 2001
From: Asif Bacchus <asif@bacchus.cloud>
Date: Fri, 4 Jan 2019 03:00:07 -0700
Subject: [PATCH] added LE processing, updated error pages

---
 availableSites/redirectHTTPS.conf    | 13 +++++++++
 availableSites/redirectHTTPS_LE.conf | 42 ++++++++++++++++++++++++++++
 2 files changed, 55 insertions(+)
 create mode 100644 availableSites/redirectHTTPS_LE.conf

diff --git a/availableSites/redirectHTTPS.conf b/availableSites/redirectHTTPS.conf
index fa37b86..62b04f2 100644
--- a/availableSites/redirectHTTPS.conf
+++ b/availableSites/redirectHTTPS.conf
@@ -12,4 +12,17 @@ server {
 
     # redirect to properly formed HTTPS request
     return 301 https://$host$request_uri;
+
+    # error pages
+    error_page 404 /404.html;
+    location = /404.html {
+        root /usr/share/nginx/html;
+        internal;
+    }
+
+    error_page 500 502 503 504 /50x.html;
+    location = /50x.html {
+        root /usr/share/nginx/html;
+        internal;
+    }
 }
diff --git a/availableSites/redirectHTTPS_LE.conf b/availableSites/redirectHTTPS_LE.conf
new file mode 100644
index 0000000..4cf0617
--- /dev/null
+++ b/availableSites/redirectHTTPS_LE.conf
@@ -0,0 +1,42 @@
+#######
+### NGINX server configuration
+### Redirect to secure connection
+### Process LetsEncrypt verification requests
+#######
+
+server {
+    listen 80;
+    listen [::]:80;
+
+    # specify server name(s)
+    include /etc/nginx/snippets/server_names.conf;
+
+    # redirect to properly formed HTTPS request
+    location / {
+        return 301 https://$host$request_uri;
+    }
+
+    # process LetsEncrypt requests
+    location ^~ /.well-known/acme-challenge {
+        # log requests to review issued certs or for security auditing
+        access_log /var/log/nginx/LetsEncrypt_access.log main;
+        error_log /var/log/nginx/LetsEncrypt_error.log warn;
+
+        default_type text/plain;
+        root /usr/share/nginx/html/letsencrypt;
+        autoindex on;
+    }
+
+    # error pages
+    error_page 404 /404.html;
+    location = /404.html {
+        root /usr/share/nginx/html;
+        internal;
+    }
+
+    error_page 500 502 503 504 /50x.html;
+    location = /50x.html {
+        root /usr/share/nginx/html;
+        internal;
+    }
+}