Allow disabling SSL too...

nginx-site-available/config.tf

@@ -10,6 +10,7 @@ locals {
     certificate      = var.certificate
     basic_auth       = var.basic_auth
     auth_file        = var.basic_auth != null ? "${var.hostname}-auth.conf" : ""
+    allow_ssl        = var.allow_ssl
     allow_non_ssl    = var.allow_non_ssl
     redirect_non_ssl = var.redirect_non_ssl
     timeout_seconds  = var.timeout_seconds

nginx-site-available/inputs.tf

@@ -25,6 +25,10 @@ variable "basic_auth" {
   })
   default = null
 }
+variable "allow_ssl" {
+  type    = bool
+  default = true
+}
 variable "allow_non_ssl" {
   type    = bool
   default = false

nginx-site-available/nginx_template.conf

@@ -24,12 +24,14 @@ server {
 server {
 %{if allow_non_ssl~}
   # Non-SSL Traffic is allowed
-  listen                        ${http_port~}
+  listen                        ${http_port~};
   listen                        [::]:${http_port};
 %{endif~}
+%{if allow_ssl~}
   # SSL Traffic is allowed
   listen                        ${https_port} ssl;
   listen                        [::]:${https_port} ssl;
+%{endif~}
   server_name                   ${hostname};
   access_log                    /var/log/nginx/${hostname}.access.log;
   error_log                     /var/log/nginx/${hostname}.error.log;