node.js - AWS EB - 将所有流量重定向到https

我的nodejs应用程序部署在AWS EB上。我已经配置了https服务器，它运行正常。现在，我需要使用www将每个非https请求重定向到https。作为前缀，像这样：

GET example.com => https://www.example.com

我使用的是nginx，我的EB实例是一个没有负载均衡器的单个实例。

我在.ebextensions文件夹中使用此代码

创建了一个配置文件

Resources:
  sslSecurityGroupIngress:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      GroupId: {"Fn::GetAtt" : ["AWSEBSecurityGroup", "GroupId"]}
      IpProtocol: tcp
      ToPort: 443
      FromPort: 443
      CidrIp: 0.0.0.0/0

files:
  /etc/nginx/conf.d/999_nginx.conf:
    mode: "000644"
    owner: root
    group: root
    content: |

      upstream nodejsserver {
        server 127.0.0.1:8081;
        keepalive 256;
      }

      # HTTP server

      server {
        listen       8080;
        server_name  localhost;
        return        301 https://$host$request_uri;
      }

      # HTTPS server

      server {
        listen       443;
        server_name  localhost;

        ssl                  on;
        ssl_certificate      /etc/pki/tls/certs/server.crt;
        ssl_certificate_key  /etc/pki/tls/certs/server.key;

        ssl_session_timeout  5m;

        ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
        ssl_prefer_server_ciphers   on;

        location / {
          proxy_pass  http://nodejsserver;
          proxy_set_header   Connection "";
          proxy_http_version 1.1;
          proxy_set_header        Host                $host;
          proxy_set_header        X-Real-IP           $remote_addr;
          proxy_set_header        X-Forwarded-For     $proxy_add_x_forwarded_for;
          proxy_set_header        X-Forwarded-Proto   https;
        }
      }

  /etc/pki/tls/certs/server.crt:
    mode: "000400"
    owner: root
    group: root
    content: |
      -----BEGIN CERTIFICATE-----
      my crt
      -----END CERTIFICATE-----

  /etc/pki/tls/certs/server.key:
    mode: "000400"
    owner: root
    group: root
    content: |
      -----BEGIN RSA PRIVATE KEY-----
      my key
      -----END RSA PRIVATE KEY-----

  /etc/nginx/conf.d/gzip.conf:
    content: |
      gzip on;
      gzip_comp_level 9;
      gzip_http_version 1.0;
      gzip_types text/plain text/css image/png image/gif image/jpeg application/json application/javascript application/x-javascript text/javascript text/xml application/xml application/rss+xml application/atom+xml application/rdf+xml;
      gzip_proxied any;
      gzip_disable "msie6";

commands:
   00_enable_site:
    command: 'rm -f /etc/nginx/sites-enabled/*'

我确定aws正在考虑我的配置，因为de ssl工作正常。但http块不起作用..没有重定向。

也许我的问题是重写EB的原始nginx配置，你知道如何实现这个吗？

你可以帮帮我吗？我尝试了很多东西..

谢谢

AWS EB - 将所有流量重定向到https

1 个答案: