stackoom
  简体   繁体   中英

Running Go server behind Nginx Reverse Proxy with SSL

 原文  2019-01-20 04:43:21       ssl/ go/ nginx

Question

I've done some digging through the interwebs and haven't been able to come across anything similar (at least near any solution that has worked out for me).

Essentially, I am running a Golang server locally on 127.0.0.1:1337 , I want this to be accessible globally so I use Nginx to forward traffic from https://api.example.com/ to my API to retrieve information.

With that being said, I have simply setup my Golang server to listen and serve on port 1337 and my Nginx configuration is setup to redirect all HTTP traffic (for all domains) to HTTPS: 

server {
    listen 80 default_server;

    server_name _; 
    return 301 https://$host$request_uri;
}

and then I redirect traffic to port 1337 here: 

server {
    server_name api.example.com;
    location / {
        proxy_pass http://127.0.0.1:1337;
    }

    listen 443 ssl;
    ssl_certificate_key /etc/nginx/ssl/private.key;
    ssl_certificate /etc/nginx/ssl/cert.crt;   
}

The issue with this is that I find myself to keep getting redirects from HTTPS to HTTP (as per wget ) and I end up getting a Too Many Redirects error.

If anyone can provide some guidance, I'd very much appreciate it!

1 answers

solution1
 0 ACCPTED  2019-01-20 07:34:54

server_name _; matches server name that can not find matches.

I have done that before.

See my nginx config to proxy api backend: 

# ssl
ssl_certificate      /etc/nginx/cert/live/ybilly.com/fullchain.pem;
ssl_certificate_key  /etc/nginx/cert/live/ybilly.com/privkey.pem;

# http to https
server {
  listen 80 default_server;
  listen [::]:80 default_server;
  server_name ybilly.com www.ybilly.com *.ybilly.com;
  return 301 https://$host$request_uri;
}

# api backend
server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;
  server_name *.ybilly.com;

  location / {
    add_header Access-Control-Allow-Origin *;
    add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';
    add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
    proxy_set_header Host $host;
    proxy_set_header X-Real-Ip $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_pass_header Set-Cookie;
    proxy_read_timeout                 900;
    proxy_buffers 32 4k;
    proxy_pass http://127.0.0.1:8080/;
  }

}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to run BeEF behind an nginx reverse proxy with SSL correctly JIRA Server with SSL Behind Apache Reverse Proxy Not Working Is it save to use a Tomcat Server behind a reverse proxy without SSL Wordpress with ssl and reverse proxy (nginx) If I'm using a reverse proxy on Nginx do I need an SSL certificate for the reverse proxy and the server? How can I securely detect SSL in CakePHP behind an nginx reverse proxy? What will happen if a SSL-configured Nginx reverse proxy pass to an web server without SSL? How to specify multiple server names in proxy_ssl_name in nginx reverse proxy configuration Adding an SSL (PORT 443) to an Nginx Reverse Proxy Server (PORT 80) - Nginx Config File Nextcloud on apache and nginx as reverse proxy + SSL
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM