I’ve been having a really difficult time trying to get this to work. I’ve followed the documentation and tried numerous configurations through trellis, nginx template files and DNS settings. For the life of me I can’t get the www to successfully redirect to the non-www. Currently, the issue is that it’s picking up on the non-www SSL certification and flagging it as a security risk.
If I tab the redirects under canonical like it shows in the docs, I get a syntax error. If I try to canonical tags, I get a LE error on provision. I’ve also tried NGINX template files for the site:
www redirect to non-www is the default when the canonical and redirect params are set the way you have them setup in your config, there shouldn’t be any additional configs necessary. If you have your DNS setup properly (which it appears you do) then you need not alter anything else.
I suspect you may have provisioned your server before you setup your A Record for the www hostname.
Can you please remove your additional configs and run the LetsEncrypt task from the provision playbook again and output results here?
The error appears to have been in '/mnt/c/src/christina-website/trellis/group_vars/production/wordpress_sites.yml': line 9, column 7, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
- canonical: cg-originals.com
redirects:
^ here
This doesn’t through any errors on provision, but I’m still not able to get the www to work. I did provision this server without taking the www into consideration if there are issues with pre-existing configurations. I’ve currently set the A name for the www but also tried to CNAME it to the non-www on the DNS and still had issues.
# try this
wordpress_sites:
cg-originals.com:
site_hosts:
- canonical: cg-originals.com
redirects:
- www.cg-originals.com
# conceptual representation of wordpress_sites
wordpress_sites: <-- a dict
example.com: <-- a dict, an item in the wordpress_sites dict
site_hosts: <-- a list (because its items are preceded by dashes)
- host_set_1 <-- a dict, an item in the site_hosts list
# conceptual representation of an item in site_hosts
host_set_1: <-- a dict, an item in the site_hosts list
canonical <-- a simple variable, an item in host_set_1 dict
redirects <-- a list, an item in the host_set_1 dict
- redirect_1 <-- a list item, an item in the redirects list
and now I’m able to run a full provision without any errors. However, there still seems to be an invalid cert name error popping up for the www domain. Here is my configuration for reference:
The problem is that once the cert is created, Trellis won’t adjust the domains it covers, at least not until roots/trellis#630 is merged. So, you’ll need to do the following: