2018-06-27T14:36:32

Nginx redirect on "Upgrade-Insecure-Requests: 1"

If you want to serve both http and https requests, but redirect newer browsers that can handle https to the https version, here is a simple nginx configuration snippet:

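# Inside the server { } block that handles both http and https.
# "$https" is "on" or empty; the header variable is "1" when the browser sends it.
set $do_http_upgrade "$https$http_upgrade_insecure_requests";
location / {
    # Exactly "1" means: plain http and the browser asked for an upgrade.
    if ($do_http_upgrade = "1") {
        # The response depends on this request header, so tell caches.
        add_header Vary Upgrade-Insecure-Requests;
        return 307 https://$host$request_uri;
    }
    root   /var/www/your-website-root;
}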

$https is either "on" or empty, and $http_upgrade_insecure_requests is either "1" or empty. This means $do_http_upgrade is set to "1" only when the request came in via http and the browser set the Upgrade-Insecure-Requests header.
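
To check a deployment of the snippet above, the following shell function (an added example, not part of the original post) reads the response headers printed by curl -sI and accepts only the 307 redirect described here. The host example.test, the path and the sample responses are constructed placeholders.

```shell
#!/bin/sh
# Added example: validate a response header block (as printed by `curl -sI`)
# against the behaviour the nginx snippet is meant to produce.

# is_upgrade_redirect HOST PATH   (response headers on stdin)
# Succeeds only if the status is 307, Location is exactly https://HOST PATH,
# and Vary lists Upgrade-Insecure-Requests. Comparing Location with the host
# you expect matters because $host is derived from the request.
is_upgrade_redirect() {
    awk -v want="https://$1$2" '
        { sub(/\r$/, "") }                  # curl prints CRLF line endings
        NR == 1 { status = $2; next }       # e.g. "HTTP/1.1 307 Temporary Redirect"
        { name = tolower($0); sub(/:.*/, "", name)
          value = $0; sub(/^[^:]*:[ \t]*/, "", value) }
        name == "location" { loc = value }
        name == "vary" && tolower(value) ~ /upgrade-insecure-requests/ { vary = 1 }
        END { exit !(status == "307" && loc == want && vary) }
    '
}

# Constructed sample responses (not captured from a real server).
SAMPLE_REDIRECT='HTTP/1.1 307 Temporary Redirect
Location: https://example.test/index.html
Vary: Upgrade-Insecure-Requests
'
SAMPLE_PLAIN='HTTP/1.1 200 OK
Content-Type: text/html
'

# Against a live server (placeholder host), the same check would be:
#   curl -sI -H 'Upgrade-Insecure-Requests: 1' http://example.test/index.html \
#     | is_upgrade_redirect example.test /index.html
# Without the -H option, or over https, the check should fail (no redirect).

printf '%s' "$SAMPLE_REDIRECT" | is_upgrade_redirect example.test /index.html \
    && echo "redirect sample: ok"
printf '%s' "$SAMPLE_PLAIN" | is_upgrade_redirect example.test /index.html \
    || echo "plain sample: no redirect, as expected"
```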