我有两个不同的应用程序在两个不同的端口上运行。端口80上运行的HTTP
应用程序成功将所有HTTPS
个请求重定向到18010
,但在端口upstream cms-backend {
server 127.0.0.1:8010 fail_timeout=0;
}
server {
listen 18010;
server_name "";
return 301 https://$server_name:18010$request_uri;
}
server {
# CMS configuration file for nginx, templated by ansible
# Proxy to a remote maintanence page
# error pages
error_page 504 /server/server-error.html;
error_page 502 /server/server-error.html;
error_page 500 /server/server-error.html;
listen 443 ssl;
listen [::]:443 ssl;
include snippets/ssl-cabacademie.conf;
include snippets/ssl-params.conf;
# Prevent invalid display courseware in IE 10+ with high privacy settings
add_header P3P 'CP="Open edX does not have a P3P policy."';
# Nginx does not support nested condition or or conditions so
# there is an unfortunate mix of conditonals here.
server_name "";
access_log /edx/var/log/nginx/access.log p_combined;
error_log /edx/var/log/nginx/error.log error;
# CS184 requires uploads of up to 4MB for submitting screenshots.
# CMS requires larger value for course assest, values provided
# via hiera.
client_max_body_size 100M;
rewrite ^(.*)/favicon.ico$ /static/images/favicon.ico last;
# Blackholes an archive of python library files that instructors
# may provide for sandboxed python problem types, the internal
# directive will result in nginx emitting an nginx 404. Users
# will not be redirected to the application 404 page.
location ~* python_lib.zip {
internal;
}
# Common settings used across nginx configurations
# Disables server version feedback on pages and in headers
server_tokens off;
location @proxy_to_cms_app {
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-For $remote_addr;
# newrelic-specific header records the time when nginx handles a request.
proxy_set_header X-Queue-Start "t=${msec}";
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://cms-backend;
}
location / {
try_files $uri @proxy_to_cms_app;
}
# No basic auth security on the github_service_hook url, so that github can use it for cms
location /github_service_hook {
try_files $uri @proxy_to_cms_app;
}
# No basic auth security on the heartbeat url, so that ELB can use it
location /heartbeat {
try_files $uri @proxy_to_cms_app;
}
# static pages for server status
location ~ ^/server/(?P<file>.*) {
root /edx/var/nginx/server-static;
try_files /$file =404;
}
location ~ ^/static/(?P<file>.*) {
root /edx/var/edxapp;
try_files /staticfiles/$file /course_static/$file =404;
# return a 403 for static files that shouldn't be
# in the staticfiles directory
location ~ ^/static/(?:.*)(?:\.xml|\.json|README.TXT) {
return 403;
}
# http://www.red-team-design.com/firefox-doesnt-allow-cross-domain-fonts-by-default
location ~ "/static/(?P<collected>.*\.[0-9a-f]{12}\.(eot|otf|ttf|woff|woff2)$)" {
expires max;
add_header Access-Control-Allow-Origin *;
try_files /staticfiles/$collected /course_static/$collected =404;
}
# Set django-pipelined files to maximum cache time
location ~ "/static/(?P<collected>.*\.[0-9a-f]{12}\..*)" {
expires max;
# Without this try_files, files that have been run through
# django-pipeline return 404s
try_files /staticfiles/$collected /course_static/$collected =404;
}
# Set django-pipelined files for studio to maximum cache time
location ~ "/static/(?P<collected>[0-9a-f]{7}/.*)" {
expires max;
# Without this try_files, files that have been run through
# django-pipeline return 404s
try_files /staticfiles/$collected /course_static/$collected =404;
}
# Expire other static files immediately (there should be very few / none of these)
expires epoch;
}
}
上运行的第二个应用程序在配置了Letsencrypt SSL时出错。
这是服务器阻止文件 -
{!! Form::open(array('url' => 'service/tripbuddy', 'method' => 'POST', 'id' => 'frm_trip_package')) !!}
每当访问浏览器时都会出现此错误 -