Redirecting www

My initial HTTPS setup with Let's Encrypt was just a manually-requested, manually-installed certificate. It worked, but it couldn't be automatically renewed. It also only applied to, leaving out in the cold. Worse, it was impossible to connect to through HTTP because I enabled HTTP Strict Transport Security.

So, as of today, I've set up certbot so that it automatically renews my certificates, and I've added as a domain on the certificate. I've also updated my nginx configuration to redirect from to

Here's a fragment of my certbot renewal configuration file. Note that I had to add the installer line manually, but perhaps you won't have to.

# /etc/letsencrypt/renewal/site.conf

authenticator = nginx
installer = nginx

And here's a fragment of my nginx configuration:

# Redirect to
server {
    listen 443 ssl http2;
    return 301$request_uri;

# Redirect all HTTP traffic to HTTPS.
server {
    listen 80;
    return 301$request_uri;

I think the next step for the site will be to analyze incoming requests that fail. I don't want people clicking through to my site and seeing a 404 error message for previously-valid URL's!