Looks good. Only a few thoughts:
-
Might not hurt to check for
www.instead, in case the subdomain is actuallywwwfooorwww2or something silly that should be separate. (Ninja edit: Actually, you can just check{label1}directly…) -
You can’t be sure that you’ll have only three labels. Things might get weird if there are more. I’d try something like this instead:
(tls) {
tls email@example.com {
max_certs 10
}
}
http://*.*.*, https://*.*.* {
import tls
redir 301 {
if {label1} is www
/ https://{label2}.{label3}{uri}
}
}
http://*.*.*.*, https://*.*.*.* {
import tls
redir 301 {
if {label1} is www
/ https://{label2}.{label3}.{label4}{uri}
}
}
http://*.*.*.*.*, https://*.*.*.*.* {
import tls
redir 301 {
if {label1} is www
/ https://{label2}.{label3}.{label4}.{label5}{uri}
}
}
That’ll catch all your longer sites (e.g. state gov / educational like to use a lot of labels) and handle them properly.