From 2d860b04fce225b4aee1d014ab099229d15a579c Mon Sep 17 00:00:00 2001
From: Daniel Carrera <daniel.r.carrera@outlook.com>
Date: Thu, 25 Jun 2020 18:35:15 -0400
Subject: [PATCH] Do not HTTPS redirect Let'sEncrypt ACME challenge

---
 nginx.tmpl | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/nginx.tmpl b/nginx.tmpl
index 48ac467..273a557 100644
--- a/nginx.tmpl
+++ b/nginx.tmpl
@@ -514,7 +514,18 @@ server {
 	include /etc/nginx/vhost.d/default;
 	{{ end }}
 
-	return 301 http://{{ $first_host }}$request_uri;
+	# Do not HTTPS redirect Let'sEncrypt ACME challenge
+	location /.well-known/acme-challenge/ {
+		auth_basic off;
+		allow all;
+		root /usr/share/nginx/html;
+		try_files $uri =404;
+		break;
+	}
+	
+	location / {
+		return 301 https://{{ $first_host }}$request_uri;
+	}
 }
 
 {{ if (and (not $is_https) (exists "/etc/nginx/certs/default.crt") (exists "/etc/nginx/certs/default.key")) }}