[英]Configure Ngnix with Django and Gunicorn
我有下面的 Nginx 代碼。 它有點工作。
If I enter 'https://' to go to the site, the SSL kicks in. However, if I just enter www.thaifoodbypla.com, it does not re-direct to HTTPS, it just loads HTTP.
Nginx 配置:
upstream gunicorn{
# fail_timeout=0 means we always retry an upstream even if it failed
# to return a good HTTP response (in case the Unicorn master nukes a
# single worker for timing out).
# for UNIX domain socket setups:
server unix:/home/ubuntu/thaiFoodByPla/project.sock fail_timeout=0;
# for TCP setups, point these to your backend servers
# server 127.0.0.1:9000 fail_timeout=0;
}
server {
listen 80;
listen 443 ssl http2;
server_name www.thaifoodbypla.com;
ssl_certificate /etc/ssl/private/ssl-bundle.crt;
ssl_certificate_key /etc/ssl/private/briefing_key.pem;
# path for static files
root /home/ubuntu/thaiFoodByPla/project/project;
location / {
# checks for static file, if not found proxy to app
try_files $uri @proxy_to_app;
}
location @proxy_to_app {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# When Nginx is handling SSL it is helpful to pass the protocol information
# to Gunicorn. Many web frameworks use this information to generate URLs.
# Without this information, the application may mistakenly generate http
# URLs in https responses, leading to mixed content warnings or broken
# applications. In this case, configure Nginx to pass an appropriate header:
proxy_set_header X-Forwarded-Proto $scheme;
# pass the Host: header from the client right along so redirects
# can be set properly within the Rack application
proxy_set_header Host $http_host;
# we don't want nginx trying to do something clever with
# redirects, we set the Host: header above already.
proxy_redirect off;
# Try to serve static files from nginx, no point in making an
# *application* server like Unicorn/Rainbows! serve static files.
proxy_pass http://gunicorn;
}
我不知道該怎么辦。 我可以更改什么以使其自動轉發到 https://?
通過添加listen 80
nginx 將監聽 http 並將其直接提供給 gunicorn。
您可以通過刪除listen 80
並創建從端口80
到443
的重定向來解決該問題,如下所示:
server {
listen 443 ssl http2;
server_name www.thaifoodbypla.com;
ssl_certificate /etc/ssl/private/ssl-bundle.crt;
ssl_certificate_key /etc/ssl/private/briefing_key.pem;
# rest of this block
}
server {
# if a request is made on port 80 to your domain, it will be redirected
if ($host = www.thaifoodbypla.com) {
return 301 https://$host$request_uri;
}
listen 80;
server_name www.thaifoodbypla.com;
return 404;
}
這樣,所有在 80 端口到您域的請求都將被重定向到 https,如果域不匹配,則返回 404 響應。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.