From f1baeda5d4bdc92f5a7419c99da3f4135229cbd3 Mon Sep 17 00:00:00 2001
From: Gilles Filippini <pini@pini.fr>
Date: Wed, 3 Jun 2020 10:14:08 +0000
Subject: [PATCH] Additional acme-challenge fix

For the case where HTTPS_METHOD=noredirect.
---
 nginx.tmpl | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/nginx.tmpl b/nginx.tmpl
index 2282b64..8bb79b9 100644
--- a/nginx.tmpl
+++ b/nginx.tmpl
@@ -355,6 +355,16 @@ server {
 	{{ if eq $network_tag "internal" }}
 	# Only allow traffic from internal clients
 	include /etc/nginx/network_internal.conf;
+	{{ else }}
+		{{ if (eq $https_method "noredirect") }}
+	location /.well-known/acme-challenge/ {
+		auth_basic off;
+		allow all;
+		root /usr/share/nginx/html;
+		try_files $uri =404;
+		break;
+	}
+		{{ end }}
 	{{ end }}
 
 	{{ if (exists (printf "/etc/nginx/vhost.d/%s" $host)) }}