尝试使用nginx和unicorn将rails应用程序配置为SSL时，重定向错误太多

Question

我正在尝试使用Nginx和Unicorn配置带有SSL的Rails应用程序。 我想在本地设置它。 为此，我首先使用OpenSSL为Nginx创建了一个自签名证书。 我按照文档创建了自签名证书。 之后我在http块中配置了我的nginx.conf ，如下所示：

upstream unicorn_myapp {
    # This is the socket we configured in unicorn.rb
    server unix:root_path/tmp/sockets/unicorn.sock fail_timeout=0;
}

server {
    listen 80;
    server_name dev.myapp.com;
    rewrite ^/(.*) http://dev.myapp.com/$1 permanent;
}

server {
    listen                80;
    listen                443 ssl;
    server_name           dev.myapp.com;
    ssl                   on;
    ssl_certificate       /etc/nginx/ssl/server.pem;
    ssl_certificate_key   /etc/nginx/ssl/server.key;
    ssl_protocols         SSLv3 TLSv1;
    ssl_ciphers           ALL:-ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP;
    ssl_session_cache     shared:SSL:10m;

    root root_path/public;

    location / {
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_redirect off;

        if (!-f $request_filename) {
            proxy_pass http://unicorn_myapp;
            break;
        }
    }
}

我尝试在本地设置它，并在本地启动Unicorn。 我将127.0.0.1映射到/etc/hosts dev.myapp.com 。 但是在启动服务器之后，当我尝试ping应用程序时，它在Chrome中给出了以下错误：

This webpage has a redirect loop
Error 310 (net::ERR_TOO_MANY_REDIRECTS): There were too many redirects.

和Firefox中的以下错误：

The page isn't redirecting properly

nginix.access.log显示以下结果：

127.0.0.1 - - [18/Feb/2013:12:56:16 +0530] "GET / HTTP/1.1" 301 5 "-" "Mozilla/5.0 (X11;        Linux i686) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.79 Safari/537.4"
127.0.0.1 - - [18/Feb/2013:12:56:16 +0530] "-" 400 0 "-" "-"
127.0.0.1 - - [18/Feb/2013:12:56:16 +0530] "GET / HTTP/1.1" 301 5 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.79 Safari/537.4"
127.0.0.1 - - [18/Feb/2013:12:56:16 +0530] "-" 400 0 "-" "-"
127.0.0.1 - - [18/Feb/2013:12:56:16 +0530] "GET / HTTP/1.1" 301 5 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.79 Safari/537.4"
127.0.0.1 - - [18/Feb/2013:12:56:43 +0530] "-" 400 0 "-" "-"
127.0.0.1 - - [18/Feb/2013:12:56:43 +0530] "-" 400 0 "-" "-"
127.0.0.1 - - [18/Feb/2013:12:56:43 +0530] "-" 400 0 "-" "-"
127.0.0.1 - - [18/Feb/2013:12:56:43 +0530] "-" 400 0 "-" "-"
127.0.0.1 - - [18/Feb/2013:12:56:43 +0530] "GET / HTTP/1.1" 301 5 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.79 Safari/537.4"
127.0.0.1 - - [18/Feb/2013:12:56:43 +0530] "-" 400 0 "-" "-"
127.0.0.1 - - [18/Feb/2013:12:56:43 +0530] "GET / HTTP/1.1" 301 5 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.79 Safari/537.4"
127.0.0.1 - - [18/Feb/2013:12:56:43 +0530] "-" 400 0 "-" "-"
127.0.0.1 - - [18/Feb/2013:12:56:43 +0530] "GET / HTTP/1.1" 301 5 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.79 Safari/537.4"
127.0.0.1 - - [18/Feb/2013:12:56:43 +0530] "-" 400 0 "-" "-"
127.0.0.1 - - [18/Feb/2013:12:56:43 +0530] "GET / HTTP/1.1" 301 5 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.79 Safari/537.4"
127.0.0.1 - - [18/Feb/2013:12:56:43 +0530] "-" 400 0 "-" "-"
127.0.0.1 - - [18/Feb/2013:12:56:43 +0530] "GET / HTTP/1.1" 301 5 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.79 Safari/537.4"
127.0.0.1 - - [18/Feb/2013:12:56:43 +0530] "-" 400 0 "-" "-"

任何人都可以帮我找到解决方案吗？

Answer 1

你错过了一个标题：

proxy_set_header X-Forwarded-Proto https;

让我引用一篇全面的文章 ，很好地解释了Rails如何在Nginx上处理H​​TTPS：

force_ssl依赖于HTTP_X_FORWARDED_PROTO HTTP标头来确定请求是否是HTTPS请求。 如果此设置未设置为https那么您将最终获得无限重定向循环，因为force_ssl始终认为转发的请求不是HTTPS。

Answer 2

复制评论中的答案，以便从“未答复”过滤器中删除此问题：

尝试将'重写^ /（。*）http：// ...'更改为'重写^ /（。*）https：// ...'并从第二个服务器块中删除listen 80

〜每个房子回答9