如何使用 Nginx dockerized 在 default.conf 文件中将 HTTP 重定向到 HTTPS
[英]How to redirect HTTP to HTTPS in default.conf file with Nginx dockerized
问题描述
I have a Django project already using AWS SSL certificate from the Certificate Manager service.
我有一个 Django 项目已经在使用来自 Certificate Manager 服务的 AWS SSL 证书。 My application is accessible via HTTPS, however, it isn't redirecting automatically when accessing via HTTP.我的应用程序可以通过 HTTPS 访问,但是,当通过 HTTP 访问时,它不会自动重定向。
My Nginx default.conf file before redirect (works like a charm:):重定向前我的 Nginx default.conf 文件(效果很好:):
upstream django {
server my_app:8000;
}
server {
location / {
proxy_pass http://django;
}
}
After setting up the redirect:设置重定向后:
upstream django {
server my_app:8000;
}
server {
listen 80;
if ($http_x_forwarded_proto = 'http'){
return 301 https://$host$request_uri;
}
location / {
proxy_pass http://django;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
And here is my Django settings.py for this:这是我的 Django settings.py:
.
.
.
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
CORS_ORIGIN_ALLOW_ALL = True
CSRF_COOKIE_SECURE = True
SESSION_COOKIE_SECURE = True
SECURE_HSTS_SECONDS = 340505040
SECURE_SSL_REDIRECT = True
.
.
.
Then I'm getting http 400 (this is the Load Balancer Health Checker):然后我得到http 400 (这是负载均衡器健康检查器):
Edit 1编辑 1
With this new setup, I'm getting http 301 :通过这个新设置,我得到http 301 :
upstream django {
server my_app:8000;
}
server {
listen 80;
location / {
proxy_pass http://django/;
if ($http_x_forwarded_proto != 'https') {
rewrite ^ https://$host$request_uri? permanent;
}
}
}
I've been looking around and didn't find any example that helps me.我一直在环顾四周,没有找到任何对我有帮助的例子。 What can I try next?接下来我可以尝试什么?
1 个解决方案
解决方案1
0 2021-08-14 08:57:14
On NGINX config put all the sites on SSL only在 NGINX 上配置仅将所有站点放在 SSL 上
site on SSL网站 SSL
nginx/sites-available/sitex only listens to port 443 nginx/sites-available/sitex 只监听443端口
server {
# SSL configuration
#
listen 443 ssl ;
listen [::]:443 ssl ;
ssl_certificate /etc/letsencrypt/live/www.sitex.nl/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/www.sitex.cops.nl/privkey.pem; # managed by Certbot
server_name www.sitex.com; # managed by Certbot
access_log /var/log/nginx/sitex_access.log;
error_log /var/log/nginx/sitex_error.log;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
add_header Access-Control-Allow-Origin *;
proxy_pass http://127.0.0.1:8004;
}
}
All SSL/TLS requests to www.sitex.com are forwarded to localhost:8004.所有对www.sitex.com的 SSL/TLS 请求都被转发到 localhost:8004。
And the SiteX Docker Image is picking up on that port. SiteX Docker 图像正在该端口上获取。
nginx.conf nginx.conf
In the nginx.conf file the Virtual Hosts section is as follows nginx.conf文件中Virtual Hosts部分如下
##
# Virtual Host Configs
##
include /etc/nginx/all_http_to_https.conf;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
all_http_to_https.conf all_http_to_https.conf
This file does the trick这个文件可以解决问题
server {
listen 80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.