在Dokku上禁用nginx.conf中的HTTPS重定向

时间:2016-09-30 18:07:08

标签: nginx dokku

给出了一个很好的镜头,但似乎我发现在线的任何文件都与某个用例有关,所以对于没有以前nginx.conf经验的人来说真是太痛苦了!

我在Dokku上有一个Ruby on Rails服务器,下面是nginx.conf模板。目前这样做是重定向http://请求自动使用https://。虽然我需要它在http://上工作,但没有重定向。

server {
  listen      [::]:80;
  listen      80;
  server_name getbeambox.com yourhotspot.net www.getbeambox.com;
  access_log  /var/log/nginx/beambox-access.log;
  error_log   /var/log/nginx/beambox-error.log;

  return 301 https://$host:443$request_uri;

}
server {
  listen      [::]:443 ssl spdy;
  listen      443 ssl spdy;
  server_name getbeambox.com yourhotspot.net www.getbeambox.com;
  server_name getbeambox.com yourhotspot.net www.getbeambox.com;
  access_log  /var/log/nginx/beambox-access.log;
  error_log   /var/log/nginx/beambox-error.log;

  ssl_certificate     /home/dokku/beambox/tls/server.crt;
  ssl_certificate_key /home/dokku/beambox/tls/server.key;

  keepalive_timeout   70;
  add_header          Alternate-Protocol  443:npn-spdy/2;

  location    / {

    gzip on;
    gzip_min_length  1100;
    gzip_buffers  4 32k;
    gzip_types    text/css text/javascript text/xml text/plain text/x-component application/javascript application/x-javascript application/json application/xml  application/rss+xm$
    gzip_vary on;
    gzip_comp_level  6;

    proxy_pass  http://beambox-5000;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host $http_host;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header X-Forwarded-Port $server_port;
    proxy_set_header X-Request-Start $msec;
  }
  include /home/dokku/beambox/nginx.conf.d/*.conf;
}

upstream beambox-5000 {

  server 172.17.0.3:5000;
}

有人能指出我正确的方向吗?不会问我是不是真的被卡住了。)

1 个答案:

答案 0 :(得分:1)

This是您正在寻找的文件,尽管它并不是非常清楚。

您需要做的第一件事是在应用程序的名为nginx.config.sigil的仓库的根目录中创建并提交一个文件。然后将this file的内容复制到其中并进行必要的调整。

我也是nginx的新手,但我能够找到正在进行重定向的行。这是我的工作文件的样子:

{{ range $port_map := .PROXY_PORT_MAP | split " " }}
{{ $port_map_list := $port_map | split ":" }}
{{ $scheme := index $port_map_list 0 }}
{{ $listen_port := index $port_map_list 1 }}
{{ $upstream_port := index $port_map_list 2 }}

{{ if eq $scheme "http" }}
server {
  listen      [::]:{{ $listen_port }};
  listen      {{ $listen_port }};
  {{ if $.NOSSL_SERVER_NAME }}server_name {{ $.NOSSL_SERVER_NAME }}; {{ end }}
  access_log  /var/log/nginx/{{ $.APP }}-access.log;
  error_log   /var/log/nginx/{{ $.APP }}-error.log;
  location    / {

    gzip on;
    gzip_min_length  1100;
    gzip_buffers  4 32k;
    gzip_types    text/css text/javascript text/xml text/plain text/x-component application/javascript application/x-javascript application/json application/xml  application/rss+xml font/truetype application/x-font-ttf font/opentype application/vnd.ms-fontobject image/svg+xml;
    gzip_vary on;
    gzip_comp_level  6;

    proxy_pass  http://{{ $.APP }}-{{ $upstream_port }};
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host $http_host;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header X-Forwarded-Port $server_port;
    proxy_set_header X-Request-Start $msec;
  }
  include {{ $.DOKKU_ROOT }}/{{ $.APP }}/nginx.conf.d/*.conf;
}
{{ else if eq $scheme "https"}}
server {
  listen      [::]:{{ $listen_port }} ssl {{ if eq $.SPDY_SUPPORTED "true" }}spdy{{ else if eq $.HTTP2_SUPPORTED "true" }}http2{{ end }};
  listen      {{ $listen_port }} ssl {{ if eq $.SPDY_SUPPORTED "true" }}spdy{{ else if eq $.HTTP2_SUPPORTED "true" }}http2{{ end }};
  {{ if $.SSL_SERVER_NAME }}server_name {{ $.SSL_SERVER_NAME }}; {{ end }}
  {{ if $.NOSSL_SERVER_NAME }}server_name {{ $.NOSSL_SERVER_NAME }}; {{ end }}
  access_log  /var/log/nginx/{{ $.APP }}-access.log;
  error_log   /var/log/nginx/{{ $.APP }}-error.log;

  ssl_certificate     {{ $.APP_SSL_PATH }}/server.crt;
  ssl_certificate_key {{ $.APP_SSL_PATH }}/server.key;
  ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;

  keepalive_timeout   70;
  {{ if eq $.SPDY_SUPPORTED "true" }}add_header          Alternate-Protocol  {{ $.NGINX_SSL_PORT }}:npn-spdy/2;{{ end }}

  location    / {

    gzip on;
    gzip_min_length  1100;
    gzip_buffers  4 32k;
    gzip_types    text/css text/javascript text/xml text/plain text/x-component application/javascript application/x-javascript application/json application/xml  application/rss+xml font/truetype application/x-font-ttf font/opentype application/vnd.ms-fontobject image/svg+xml;
    gzip_vary on;
    gzip_comp_level  6;

    proxy_pass  http://{{ $.APP }}-{{ $upstream_port }};
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host $http_host;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header X-Forwarded-Port $server_port;
    proxy_set_header X-Request-Start $msec;
  }
  include {{ $.DOKKU_ROOT }}/{{ $.APP }}/nginx.conf.d/*.conf;
}
{{ end }}{{ end }}

{{ if $.DOKKU_APP_LISTENERS }}
{{ range $upstream_port := $.PROXY_UPSTREAM_PORTS | split " " }}
upstream {{ $.APP }}-{{ $upstream_port }} {
{{ range $listeners := $.DOKKU_APP_LISTENERS | split " " }}
{{ $listener_list := $listeners | split ":" }}
{{ $listener_ip := index $listener_list 0 }}
{{ $listener_port := index $listener_list 1 }}
  server {{ $listener_ip }}:{{ $upstream_port }};{{ end }}
}
{{ end }}{{ end }}