Eu corri assim:
Site principal:
server {
listen 80;
listen [::]:80 ipv6only=on;
server_name example.com www.example.com;
rewrite ^ https://example.com$request_uri? permanent;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2 ipv6only=on;
server_name www.example.com;
rewrite ^ https://example.com$request_uri? permanent;
}
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
ssl_certificate /usr/local/nginx/ssl/nginx.crt;
ssl_certificate_key /usr/local/nginx/ssl/nginx.key;
server_name example.com;
root /home/example/public_html;
index index.php;
[... all stuff ...]
}
Todos os outros sites
server {
server_name www.example.com example.com;
rewrite ^ https://example.com$request_uri? permanent;
}
server {
listen 443 ssl http2;
ssl_certificate /usr/local/nginx/ssl/nginx.crt;
ssl_certificate_key /usr/local/nginx/ssl/nginx.key;
server_name example.com;
root /home/example/public_html;
index index.php;
[... all stuff ...]
}