nginx: Unify http and https servers

Where http does not redirect to https. These are package mirrors and
the web key directory.

roles/arch32_mirror/templates/nginx.d.conf.j2

 server {
     listen       80;
     listen       [::]:80;
+    listen       443 ssl http2;
+    listen       [::]:443 ssl http2;
     server_name  {{ arch32_mirror_domain }} pool.mirror.archlinux32.org;
     root         {{ arch32_mirror_dir }};
 
@@ -9,18 +11,6 @@ server {
 
     include snippets/letsencrypt.conf;
 
-    autoindex on;
-}
-
-server {
-    listen       443 ssl http2;
-    listen       [::]:443 ssl http2;
-    server_name  {{ arch32_mirror_domain }};
-    root         {{ arch32_mirror_dir }};
-
-    access_log   /var/log/nginx/{{ arch32_mirror_domain }}/access.log reduced;
-    error_log    /var/log/nginx/{{ arch32_mirror_domain }}/error.log;
-
     ssl_certificate      /etc/letsencrypt/live/{{ arch32_mirror_domain }}/fullchain.pem;
     ssl_certificate_key  /etc/letsencrypt/live/{{ arch32_mirror_domain }}/privkey.pem;
     ssl_trusted_certificate /etc/letsencrypt/live/{{ arch32_mirror_domain }}/chain.pem;

roles/dbscripts/templates/nginx.d.conf.j2

 server {
     listen       80;
     listen       [::]:80;
-    server_name  {{ repos_domain }} {{repos_rsync_domain}};
-    root         /srv/ftp;
-
-    include snippets/letsencrypt.conf;
-
-    satisfy  any;
-
-    access_log   /var/log/nginx/{{ repos_domain }}/access.log reduced;
-
-    location /lastupdate {
-        allow all;
-    }
-
-	location / {
-		auth_basic            "Restricted";
-		auth_basic_user_file  auth/dbscripts.htpasswd;
-
-		autoindex  on;
-	}
-}
-
-server {
     listen       443 ssl http2;
     listen       [::]:443 ssl http2;
     server_name  {{ repos_domain }} {{repos_rsync_domain}};
     root         /srv/ftp;
 
+    include snippets/letsencrypt.conf;
+
     ssl_certificate      /etc/letsencrypt/live/{{ repos_domain }}/fullchain.pem;
     ssl_certificate_key  /etc/letsencrypt/live/{{ repos_domain }}/privkey.pem;
     ssl_trusted_certificate /etc/letsencrypt/live/{{ repos_domain }}/chain.pem;

roles/syncrepo/templates/nginx.d.conf.j2

 server {
     listen       80;
     listen       [::]:80;
-    server_name  {{ mirror_domain }};
-    root         /srv/ftp;
-
-    access_log   /var/log/nginx/{{ mirror_domain }}/access.log reduced;
-    error_log    /var/log/nginx/{{ mirror_domain }}/error.log;
-
-    include snippets/letsencrypt.conf;
-
-    autoindex on;
-}
-
-server {
     listen       443 ssl http2;
     listen       [::]:443 ssl http2;
     server_name  {{ mirror_domain }};
@@ -21,6 +9,8 @@ server {
     access_log   /var/log/nginx/{{ mirror_domain }}/access.log reduced;
     error_log    /var/log/nginx/{{ mirror_domain }}/error.log;
 
+    include snippets/letsencrypt.conf;
+
     ssl_certificate      /etc/letsencrypt/live/{{ mirror_domain }}/fullchain.pem;
     ssl_certificate_key  /etc/letsencrypt/live/{{ mirror_domain }}/privkey.pem;
     ssl_trusted_certificate /etc/letsencrypt/live/{{ mirror_domain }}/chain.pem;

roles/wkd/templates/nginx.d.conf.j2

 server {
     listen       80;
     listen       [::]:80;
-    server_name  {{ wkd_domain }};
-    root         {{ wkd_dir }};
-
-    access_log   /var/log/nginx/{{ wkd_domain }}/access.log reduced;
-    error_log    /var/log/nginx/{{ wkd_domain }}/error.log;
-
-    include snippets/letsencrypt.conf;
-
-    autoindex on;
-}
-
-server {
     listen       443 ssl http2;
     listen       [::]:443 ssl http2;
     server_name  {{ wkd_domain }};
@@ -21,6 +9,8 @@ server {
     access_log   /var/log/nginx/{{ wkd_domain }}/access.log reduced;
     error_log    /var/log/nginx/{{ wkd_domain }}/error.log;
 
+    include snippets/letsencrypt.conf;
+
     ssl_certificate      /etc/letsencrypt/live/{{ wkd_domain }}/fullchain.pem;
     ssl_certificate_key  /etc/letsencrypt/live/{{ wkd_domain }}/privkey.pem;
     ssl_trusted_certificate /etc/letsencrypt/live/{{ wkd_domain }}/chain.pem;