我在DigitalOcean Ubuntu 16.04 Droplet上有一个Meteor 1.6站点,该站点使用Phusion Passenger和Nginx进行了部署。
我已经在服务器上设置了ssl。
http://mysite重定向到https://mysite,该站点可以正常运行。
然而,http://www.mysite重定向到https://mysite,显示的只是默认的Nginx页面“欢迎使用nginx!”。
我已按照教程进行操作,并尝试了其他论坛帖子中的内容,但找不到我的设置有什么问题。
DigitalOcean控制面板中的DNS记录:
A www.mysite.org directs to xxx.xx.xx.xx 3600
A mysite.org directs to xxx.xx.xx.xx 1800
然后按照本教程使用Certbot和LetsEncrypt配置ssl: https://www.digitalocean.com/community/tutorials/how-to-set-up-let-s-encrypt-with-nginx-server-blocks-on-ubuntu-16-04
并且按照本教程,我添加了一个服务器块将www重定向到普通域: https://www.digitalocean.com/community/tutorials/how-to-redirect-www-to-non-www-with-nginx-on-ubuntu-14-04
这是我的Nginx配置:
sudo nano /etc/nginx/sites-enabled/mysite.conf
server {
server_name mysite.org www.mysite.org;
...Meteor app config
# added by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/mysite.org/fullchain.pem$
ssl_certificate_key /etc/letsencrypt/live/mysite.org/privkey.p$
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
# added by me
server {
server_name www.mysite.org;
return 301 $scheme://mysite.org$request_uri;
}
# added by Certbot
server {
if ($host = mysite.org) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name mysite.org;
return 404; # managed by Certbot
}
我尝试将其添加到服务器重定向块中,但没有什么不同:
listen 80;
listen 443 ssl;
关于如何使www.mysite-> mysite重定向正常工作的任何想法?谢谢!
更新:我在不同的应用程序上尝试了flaixman的答案,在不同的Droplet上尝试了Django应用程序,并且有效。但是我仍然无法重定向到我的Meteor应用程序上工作。两个站点的A和CNAME记录配置方式都相同。
这是我基于flaixman的答案的流星配置:
server {
listen 80;
server_name example.org www.example.org;
return 301 https://example.org$request_uri;
}
server {
listen 443 ssl http2; #https of www*, 301 to right domain.
server_name www.example.org;
ssl_certificate /etc/letsencrypt/live/example.org/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.org/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
return 301 https://example.org$request_uri;
}
server {
listen 443 ssl http2;
server_name example.org;
ssl_certificate /etc/letsencrypt/live/example.org/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.org/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
# Tell Nginx and Passenger where your app's 'public' directory is
root /var/www/example/bundle/public;
# Turn on Passenger
passenger_enabled on;
# Tell Passenger that your app is a Meteor app
passenger_app_type node;
passenger_startup_file main.js;
# Tell your app where MongoDB is
passenger_env_var MONGO_URL mongodb://localhost:27017/example;
passenger_env_var MONGO_OPLOG_URL mongodb://localhost:27017/local;
# Tell your app what its root URL is
passenger_env_var ROOT_URL http://example.org;
}
在我的nginx错误日志/var/log/nginx/error.log中,我看到以下消息:
2019/01/17 17:30:52 [warn] 7786#7786: conflicting server name "www.example.org" on 0.0.0.0:80, ignored
2019/01/17 17:30:52 [warn] 7786#7786: conflicting server name "www.example.org" on 0.0.0.0:443, ignored
2019/01/17 17:30:52 [warn] 7789#7789: conflicting server name "www.example.org" on 0.0.0.0:80, ignored
2019/01/17 17:30:52 [warn] 7789#7789: conflicting server name "www.example.org" on 0.0.0.0:443, ignored
我希望这意味着我在conf文件中有一个重复的listen指令,但看不到任何内容?我已经检查过ls -a,并且文件夹中没有conf文件的第二个副本。
该错误可能与重定向失败有关,但我看不到是什么原因导致了该错误?
再次编辑:我终于在/ etc / nginx / sites-available / default中找到了重复的监听指令。不知道Certbot是否插入了它们,还是我自己设置服务器时将它们放回原处...总之,注释掉它们似乎已经解决了问题。 Phusion Passenger指令中用于设置服务器块的某些内容可能与LetsEncrypt指令冲突吗?无论如何,nginx错误日志!
答案 0 :(得分:0)
检查您的DNS设置。 您必须具有CNAME或A条目“ www”。
myvar = results['search-results']['entry'][0]['eid']
print (myvar)
或
www A ip
还需要在代码块中添加监听参数
www CNAME domain.com
编辑:基于评论。
将此添加到您的conf顶部
listen 443 ssl http2;
答案 1 :(得分:0)
Stackoverflow告诉我,mysite不是一个适合用作示例的域,因此我将所有内容都更改为“ example”而不是“ mysite”
我想您想要的就是将所有内容重定向到https example.org,不是吗?这是您的代码应如下所示:
来自http的请求,主机以www *还是不带www都没有关系。一切都将在没有www的情况下通过https重定向到主机。
server {
listen 80;
server_name example.org www.example.org;
return 301 https://example.org$request_uri;
}
如果主机是www *并且通过https进行访问,请重定向到不带www的https。顺便说一下,这里您将需要使用www.example.org的证书,因为没有证书,连接是不安全的。
server {
listen 443 ssl http2; #https of www*, 301 to right domain.
server_name www.example.org;
#are you sure those 2 paths are right? with the final $.
ssl_certificate /etc/letsencrypt/live/example.org/fullchain.pem$
ssl_certificate_key /etc/letsencrypt/live/example.org/privkey.p$
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
return 301 https://example.org$request_uri;
}
最后,如果它带有正确的方案和正确的主机,则可以执行您想要的任何事情。
server {
listen 443 ssl http2;
server_name example.org;
ssl_certificate /etc/letsencrypt/live/example.org/fullchain.pem$
ssl_certificate_key /etc/letsencrypt/live/example.org/privkey.p$
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
#do what you want to do here.
}
如果您对自己的解释有任何疑问或想念的地方,只需评论一下,我会尽快修复。