update vhost templates: use of includes

nginx_vhost_template

@@ -1,5 +1,4 @@
 # redirect http to https
-
 server  {
          listen  [::]:80;
          server_name {{ second_domains }};
@@ -7,31 +6,17 @@ server  {
 }
 
 # conf for https
-
 server  {
         listen  [::]:443;
         server_name  {{ second_domains }};
 
-
-# conf for LE ACME
-        location ~ /.well-known/acme-challenge/ {
-                default_type "text/plain";
-                root         /var/lib/acme/challenges ;
-                }
-        location = /.well-known/acme-challenge/ {
-                return 404;
-                }
+        include /etc/nginx/includes/le-acme.conf;
+        include /etc/nginx/includes/ssl.conf ;
+        include /etc/nginx/includes/add-headers.conf ;
 
 # TLS conf
- ssl on;
- ssl_certificate /etc/nginx/sites/{{ main_domain }}/{{ main_domain }}.chained;
- ssl_certificate_key /etc/nginx/sites/{{ main_domain }}/{{ main_domain }}.key;
- ssl_session_timeout 5m;
- ssl_prefer_server_ciphers on;
- add_header Strict-Transport-Security max-age=2678400;
- ssl_dhparam /etc/nginx/dh4096.pem;
- ssl_session_cache shared:SSL:50m;
-
+        ssl_certificate /etc/nginx/sites/{{ main_domain }}/{{ main_domain }}.chained;
+        ssl_certificate_key /etc/nginx/sites/{{ main_domain }}/{{ main_domain }}.key;
 
 # reverse proxy
         location / {
@@ -42,5 +27,3 @@ server  {
                 proxy_set_header X-Forwarded-Ssl on;
                 }
 }
-
-