Answer the question
In order to leave comments, you need to log in
W
W
wargych2022-04-15 19:10:54
wargych, 2022-04-15 19:10:54
How to set up an http to https redirect in an nginx configuration with multiple domains?
Good afternoon!
There is a config below in the spoiler (in the first block, the server removed the content from the location so that it takes up less space).
All locations work fine, for the bot-test.example.ru domain, the service also opens normally via https (settings in the second server block).
I'm trying to make a redirect from http to https for all requests, or for individual domains, but so far it does not work. (third server block). Although it seems, everything is according to the official documentation.
What is wrong here and how to do it right?
I 've already tried everything from this link .
config
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
upstream botpress_server {
server botpress-server:3000;
}
# Disable sending the server identification
server_tokens off;
# Prevent displaying Botpress in an iframe (clickjacking protection)
add_header X-Frame-Options SAMEORIGIN;
# Prevent browsers from detecting the mimetype if not sent by the server.
add_header X-Content-Type-Options nosniff;
# Force enable the XSS filter for the website, in case it was disabled manually
add_header X-XSS-Protection "1; mode=block";
# Configure the cache for static assets
proxy_cache_path /srv/nginx_cache levels=1:2 keys_zone=my_cache:10m max_size=10g
inactive=60m use_temp_path=off;
# Set the max file size for uploads (make sure it is larger than the configured media size in botpress.config.json)
client_max_body_size 15M;
server {
listen 443 ssl;
server_name api-test.example.ru www.api-test.example.ru;
ssl_certificate cert.crt;
ssl_certificate_key key.crt;
root /var/www;
index index.html;
location / {
try_files $uri $uri/ =404;
}
location /pgadmin/ {
...
}
location /consul/ {
...
}
location /bus/ {
...
}
location /auth/ {
...
}
location /grafana/ {
...
}
# Proxy Grafana Live WebSocket connections.
location /grafana/api/live {
...
}
location /integration/mapping {
...
}
location /token {
...
}
}
server {
listen 443 ssl;
server_name bot-test.example.ru www.bot-test.example.ru;
ssl_certificate cert.crt;
ssl_certificate_key key.crt;
root /var/www;
index index.html;
# Enable caching of assets by NGINX to reduce load on the server
location ~ .*/assets/.* {
proxy_cache my_cache;
proxy_ignore_headers Cache-Control;
proxy_hide_header Cache-Control;
proxy_hide_header Pragma;
proxy_pass http://botpress-server:3000;
proxy_cache_valid any 30m;
proxy_set_header Cache-Control max-age=30;
add_header Cache-Control max-age=30;
}
# We need to add specific headers so the websockets can be set up through the reverse proxy
location /socket.io/ {
proxy_pass http://botpress-server:3000/socket.io/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
# All other requests should be directed to the server
location / {
proxy_pass http://botpress-server:3000;
}
}
server {
server_name bot-test.example.ru www.bot-test.example.ru;
return 301 https://$server_name$request_uri;
}
}UPD: everything turned out to be easier, port 80 was closed outside of nginx.
Configuration with proposed solution from Drno works
Similar questions
A
W
V
Vitaly Makarov2018-12-28 21:28:46
How to protect yourself from DOS attacks on a server with Nginx?
3Reply
M
G
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question