1st commit: add vh_le.py script (mode test) with templates and conf files

nginx_vhost_template

@@ -0,0 +1,46 @@
+# redirect http to https
+
+server  {
+         listen  [::]:80;
+         server_name {{ second_domains }};
+         return  301 https://$server_name$request_uri;
+}
+
+# conf for https
+
+server  {
+        listen  [::]:443;
+        server_name  {{ second_domains }};
+
+
+# conf for LE ACME
+        location ~ /.well-known/acme-challenge/ {
+                default_type "text/plain";
+                root         /var/lib/acme/challenges ;
+                }
+        location = /.well-known/acme-challenge/ {
+                return 404;
+                }
+
+# TLS conf
+ ssl on;
+ ssl_certificate /etc/nginx/sites/{{ main_domain }}/{{ main_domain }}.chained;
+ ssl_certificate_key /etc/nginx/sites/{{ main_domain }}/{{ main_domain }}.key;
+ ssl_session_timeout 5m;
+ ssl_prefer_server_ciphers on;
+ add_header Strict-Transport-Security max-age=2678400;
+ ssl_dhparam /etc/nginx/dh4096.pem;
+ ssl_session_cache shared:SSL:50m;
+
+
+# reverse proxy
+        location / {
+                proxy_pass http://[{{ ip6_back }}];
+                proxy_redirect off;
+                proxy_set_header Host $host;
+                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+                proxy_set_header X-Forwarded-Ssl on;
+                }
+}
+
+