<% ssl_on = nginx.ssl.cert && nginx.ssl.cert_key %> <% if ssl_on %> server { server_name <%= rc.hostname %>; listen 80; return 301 https://$host$request_uri; } <% end %> server { gzip_static on; server_name <%= rc.hostname %>; error_log <%= nginx.logs.errors %> info; access_log <%= nginx.logs.access %> combined; location / { root <%= nginx.root %>; } <% if ssl_on %> listen 443 ssl; add_header Strict-Transport-Security "max-age=31536000" always; ssl_certificate <%= nginx.ssl.cert %>; ssl_certificate_key <%= nginx.ssl.cert_key %>; <% else %> listen 127.0.0.1:80; <% end %> }