Roots Discourse

How to set up domain redirects in Trellis

I pushed a website live last week (trellis/bedrock/sage) on DO.

the website is live, with SSL correctly active.

I set up some redirect rules with safe-redirect-manager plugin, I used this because it was on the trellis fav plugin, all good with this, everything is working as expected.

only today, the client told me that he has multiples domains, and he would like to redirect to the main domain.
so for example: redirects to redirects to

I read the docs, and from my understanding the only thing that I need to do, it is to list all the domains under redirects in /production/wordpress_sites.yml like this.
is it correct?
    - canonical:

then I will need to update the DNS record A of these domains and point to the right IP for every host listed.

then I guess that the last thing, it will need to re-provision the production server.

are the above steps correct for my scope?

is there something that I need to be aware of, that I didn’t mention?

many thanks

One thing: When you have specified IPv6 records (AAAA) Let’s Encrypt will use these first for the challenge. So either have correct AAAA records or none at all.

Thanks @strarsis, I was not aware of the AAAA record, I had to google it.

so basically I have to check if there is an AAAA record in place, if yes, I will need to point this to the same IP as the main record A, is this right?

are all the other steps correct?

Yes. When you have changed existing DNS records you may also want to check their DNS propagation and wait some minutes before re-applying the playbook (and performing the Let’s Encrypt validation). Temporarily changing the TTL may also be a good idea to speed up propagation.

ok sure, I will check if the propagation is finished, and only after, I will re-provision the production server.

Do I need to deactivate the SSL or I can leave it active when I will do this?

is there a tag just for this (for example --tags nginx-includes) or I will need to run the whole “ansible-playbook server.yml -e env=production”?

Deactivation of SSL (of the old site/currently self-signed cert) shouldn’t be necessary.
There are the letsencrypt tag, maybe it already suffices for setting up Let’s Encrypt?
When in doubt, just run the whole playbook, it may take longer, but it may also reduce surprises.

This topic was automatically closed after 42 days. New replies are no longer allowed.