With that redirect uncommented I get the following error upon provisioning:
Could not access the challenge file for the hosts/domains: www.domain.com.
Let's Encrypt requires every domain/host be publicly accessible. Make sure
that a valid DNS record exists for www.domain.com and that they point to this
server's IP. If you don't want these domains in your SSL certificate, then
remove them from `site_hosts`. See https://roots.io/trellis/docs/ssl for more
There is a valid A record for the www record, pointing to the site’s IP (the same IP that the catchall record points to, which works).
Is there another location in Trellis config that I need to enter the “www” version of the URL?