Update MS installs to include HTTPS be default

Author: A5hleyRich

README.md

@@ -3,8 +3,8 @@
 This repository contains the Nginx configurations used within the series [Hosting WordPress Yourself](https://deliciousbrains.com/hosting-wordpress-setup-secure-virtual-server/). It contains best practices from various sources, including the [WordPress Codex](https://codex.wordpress.org/Nginx) and [H5BP](https://github.com/h5bp/server-configs-nginx). The following example sites are included:
 
 * fastcgi-cache.com - WordPress with [FastCGI caching](https://deliciousbrains.com/hosting-wordpress-yourself-server-monitoring-caching/#page-cache)
-* multisite-subdomain.com - WordPress Multisite install using subdomains
-* multisite-subdirectory.com - WordPress Multisite install using subdirectories
+* multisite-subdirectory.com - WordPress multisite install using subdirectories
+* multisite-subdomain.com - WordPress multisite install using subdomains
 * single-site.com - WordPress single site install
 * single-site-with-caching.com - WordPress single site install with FastCGI caching
 * single-site-no-ssl.com - WordPress single site install (no SSL or page caching)

sites-available/multisite-subdirectory.com

@@ -1,14 +1,18 @@
 server {
 	# Ports to listen on
-	listen 80;
-	listen [::]:80;
+	listen 443 ssl http2;
+	listen [::]:443 ssl http2;
 
 	# Server name to listen for
 	server_name multisite-subdirectory.com;
 
 	# Path to document root
 	root /sites/multisite-subdirectory.com/public;
 
+	# Paths to certificate files.
+	ssl_certificate /etc/letsencrypt/live/multisite-subdirectory.com/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/multisite-subdirectory.com/privkey.pem;
+
 	# File to be used as index
 	index index.php;
 
@@ -22,6 +26,9 @@ server {
 	# Multisite subdirectory install
 	include global/server/multisite-subdirectory.conf;
 
+	# SSL rules
+	include global/server/ssl.conf;
+
 	location / {
 		try_files $uri $uri/ /index.php?$args;
 	}
@@ -36,6 +43,16 @@ server {
 	}
 }
 
+# Redirect http to https
+server {
+	listen 80;
+	listen [::]:80;
+	server_name multisite-subdirectory.com;
+
+	return 301 https://$host$request_uri;
+}
+
+
 # Redirect www to non-www
 server {
 	listen 80;

sites-available/multisite-subdomain.com

@@ -1,14 +1,18 @@
 server {
 	# Ports to listen on
-	listen 80;
-	listen [::]:80;
+	listen 443 ssl http2;
+	listen [::]:443 ssl http2;
 
 	# Server name to listen for
 	server_name multisite-subdomain.com *.multisite-subdomain.com;
 
 	# Path to document root
 	root /sites/multisite-subdomain.com/public;
 
+	# Paths to certificate files.
+	ssl_certificate /etc/letsencrypt/live/multisite-subdomain.com/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/multisite-subdomain.com/privkey.pem;
+
 	# File to be used as index
 	index index.php;
 
@@ -19,6 +23,9 @@ server {
 	# Default server block rules
 	include global/server/defaults.conf;
 
+	# SSL rules
+	include global/server/ssl.conf;
+
 	location / {
 		try_files $uri $uri/ /index.php?$args;
 	}
@@ -33,6 +40,15 @@ server {
 	}
 }
 
+# Redirect http to https
+server {
+	listen 80;
+	listen [::]:80;
+	server_name multisite-subdomain.com *.multisite-subdomain.com;
+
+	return 301 https://$host$request_uri;
+}
+
 # Redirect www to non-www
 server {
 	listen 80;