Rails 5，Nginx，Puma，Rails管理員-ERR_TOO_MANY_REDIRECTS

Question

我想知道如何在Rails 5應用中強制執行SSL。 該應用程序在開發中運行良好。 在生產中，某些通過Rails admin通過SSL的POST請求不起作用。

如果通過production.rb強制實施SSL，則瀏覽器將返回：

"ERR_TOO_MANY_REDIRECTS"

並且，如果將“ force_ssl”設置為false，則通過rails admin返回的一些“ POST”請求將返回：

HTTP Origin header (https://www.example.com) didn't match request.base_url (http://www.example.com)

提前致謝。

這些是應用程序設置：

production.rb

  # ...
  config.force_ssl = true
  # ...

nginx.conf

upstream puma {
  server unix:///home/bgc/apps/domain/shared/tmp/sockets/domain-puma.sock;
}

server {
  listen 80;
  listen 443 ssl;
  server_name domain.com;

  ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # managed by Certbot
  ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
  include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
  ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot 
  ssl_protocols TLSv1.2;
  ssl_prefer_server_ciphers on;
  ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;


  root /home/bgc/apps/domain/current/public;
  access_log /home/bgc/apps/domain/current/log/nginx.access.log;
  error_log /home/bgc/apps/domain/current/log/nginx.error.log info;


  location ^~ /assets/ {
    gzip_static on;
    expires max;
    add_header Cache-Control public;
  }

  try_files $uri/index.html $uri @puma;
  location @puma {
    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_redirect off;
    proxy_pass http://puma;
  }

  error_page 500 502 503 504 /500.html;
  client_max_body_size 10M;
  keepalive_timeout 10;
}

Answer 1

原因很簡單。 當您將Nginx服務器與ssl一起使用時，它已經為您整理了ssl。 如果從production.rb中刪除config.force_ssl = true ，它將進行排序。