nginx之在 Dokku 上的 nginx.conf 中禁用 HTTPS 重定向

tuyile006 阅读:19 2024-05-10 16:29:43 评论:0

给了一个很好的机会,但似乎我在网上找到的任何文档都与某个用例相关,所以对于以前没有 nginx.conf 经验的人来说,这真的很痛苦!

我在 Dokku 上有一个 Ruby on Rails 服务器,其 nginx.conf 模板如下所示。当前所做的是重定向 http://请求以自动使用 https://。虽然我也需要它在没有重定向的情况下在 http://上工作。

server { 
  listen      [::]:80; 
  listen      80; 
  server_name getbeambox.com yourhotspot.net www.getbeambox.com; 
  access_log  /var/log/nginx/beambox-access.log; 
  error_log   /var/log/nginx/beambox-error.log; 
 
  return 301 https://$host:443$request_uri; 
 
} 
server { 
  listen      [::]:443 ssl spdy; 
  listen      443 ssl spdy; 
  server_name getbeambox.com yourhotspot.net www.getbeambox.com; 
  server_name getbeambox.com yourhotspot.net www.getbeambox.com; 
  access_log  /var/log/nginx/beambox-access.log; 
  error_log   /var/log/nginx/beambox-error.log; 
 
  ssl_certificate     /home/dokku/beambox/tls/server.crt; 
  ssl_certificate_key /home/dokku/beambox/tls/server.key; 
 
  keepalive_timeout   70; 
  add_header          Alternate-Protocol  443:npn-spdy/2; 
 
  location    / { 
 
    gzip on; 
    gzip_min_length  1100; 
    gzip_buffers  4 32k; 
    gzip_types    text/css text/javascript text/xml text/plain text/x-component application/javascript application/x-javascript application/json application/xml  application/rss+xm$ 
    gzip_vary on; 
    gzip_comp_level  6; 
 
    proxy_pass  http://beambox-5000; 
    proxy_http_version 1.1; 
    proxy_set_header Upgrade $http_upgrade; 
    proxy_set_header Connection "upgrade"; 
    proxy_set_header Host $http_host; 
    proxy_set_header X-Forwarded-Proto $scheme; 
    proxy_set_header X-Forwarded-For $remote_addr; 
    proxy_set_header X-Forwarded-Port $server_port; 
    proxy_set_header X-Request-Start $msec; 
  } 
  include /home/dokku/beambox/nginx.conf.d/*.conf; 
} 
 
upstream beambox-5000 { 
 
  server 172.17.0.3:5000; 
} 

任何人都可以指出我正确的方向吗?不会问我是否真的被卡住了:)

请您参考如下方法:

This是你要找的文件,虽然不是很清楚。

您需要做的第一件事是在应用程序存储库的根目录中创建并提交一个名为 nginx.config.sigil 的文件。 .然后你复制this file的内容并进行必要的调整。

我也是 nginx 的新手,但我能够找到进行重定向的行。这是我的工作文件的样子:

{{ range $port_map := .PROXY_PORT_MAP | split " " }} 
{{ $port_map_list := $port_map | split ":" }} 
{{ $scheme := index $port_map_list 0 }} 
{{ $listen_port := index $port_map_list 1 }} 
{{ $upstream_port := index $port_map_list 2 }} 
 
{{ if eq $scheme "http" }} 
server { 
  listen      [::]:{{ $listen_port }}; 
  listen      {{ $listen_port }}; 
  {{ if $.NOSSL_SERVER_NAME }}server_name {{ $.NOSSL_SERVER_NAME }}; {{ end }} 
  access_log  /var/log/nginx/{{ $.APP }}-access.log; 
  error_log   /var/log/nginx/{{ $.APP }}-error.log; 
  location    / { 
 
    gzip on; 
    gzip_min_length  1100; 
    gzip_buffers  4 32k; 
    gzip_types    text/css text/javascript text/xml text/plain text/x-component application/javascript application/x-javascript application/json application/xml  application/rss+xml font/truetype application/x-font-ttf font/opentype application/vnd.ms-fontobject image/svg+xml; 
    gzip_vary on; 
    gzip_comp_level  6; 
 
    proxy_pass  http://{{ $.APP }}-{{ $upstream_port }}; 
    proxy_http_version 1.1; 
    proxy_set_header Upgrade $http_upgrade; 
    proxy_set_header Connection "upgrade"; 
    proxy_set_header Host $http_host; 
    proxy_set_header X-Forwarded-Proto $scheme; 
    proxy_set_header X-Forwarded-For $remote_addr; 
    proxy_set_header X-Forwarded-Port $server_port; 
    proxy_set_header X-Request-Start $msec; 
  } 
  include {{ $.DOKKU_ROOT }}/{{ $.APP }}/nginx.conf.d/*.conf; 
} 
{{ else if eq $scheme "https"}} 
server { 
  listen      [::]:{{ $listen_port }} ssl {{ if eq $.SPDY_SUPPORTED "true" }}spdy{{ else if eq $.HTTP2_SUPPORTED "true" }}http2{{ end }}; 
  listen      {{ $listen_port }} ssl {{ if eq $.SPDY_SUPPORTED "true" }}spdy{{ else if eq $.HTTP2_SUPPORTED "true" }}http2{{ end }}; 
  {{ if $.SSL_SERVER_NAME }}server_name {{ $.SSL_SERVER_NAME }}; {{ end }} 
  {{ if $.NOSSL_SERVER_NAME }}server_name {{ $.NOSSL_SERVER_NAME }}; {{ end }} 
  access_log  /var/log/nginx/{{ $.APP }}-access.log; 
  error_log   /var/log/nginx/{{ $.APP }}-error.log; 
 
  ssl_certificate     {{ $.APP_SSL_PATH }}/server.crt; 
  ssl_certificate_key {{ $.APP_SSL_PATH }}/server.key; 
  ssl_protocols       TLSv1 TLSv1.1 TLSv1.2; 
 
  keepalive_timeout   70; 
  {{ if eq $.SPDY_SUPPORTED "true" }}add_header          Alternate-Protocol  {{ $.NGINX_SSL_PORT }}:npn-spdy/2;{{ end }} 
 
  location    / { 
 
    gzip on; 
    gzip_min_length  1100; 
    gzip_buffers  4 32k; 
    gzip_types    text/css text/javascript text/xml text/plain text/x-component application/javascript application/x-javascript application/json application/xml  application/rss+xml font/truetype application/x-font-ttf font/opentype application/vnd.ms-fontobject image/svg+xml; 
    gzip_vary on; 
    gzip_comp_level  6; 
 
    proxy_pass  http://{{ $.APP }}-{{ $upstream_port }}; 
    proxy_http_version 1.1; 
    proxy_set_header Upgrade $http_upgrade; 
    proxy_set_header Connection "upgrade"; 
    proxy_set_header Host $http_host; 
    proxy_set_header X-Forwarded-Proto $scheme; 
    proxy_set_header X-Forwarded-For $remote_addr; 
    proxy_set_header X-Forwarded-Port $server_port; 
    proxy_set_header X-Request-Start $msec; 
  } 
  include {{ $.DOKKU_ROOT }}/{{ $.APP }}/nginx.conf.d/*.conf; 
} 
{{ end }}{{ end }} 
 
{{ if $.DOKKU_APP_LISTENERS }} 
{{ range $upstream_port := $.PROXY_UPSTREAM_PORTS | split " " }} 
upstream {{ $.APP }}-{{ $upstream_port }} { 
{{ range $listeners := $.DOKKU_APP_LISTENERS | split " " }} 
{{ $listener_list := $listeners | split ":" }} 
{{ $listener_ip := index $listener_list 0 }} 
{{ $listener_port := index $listener_list 1 }} 
  server {{ $listener_ip }}:{{ $upstream_port }};{{ end }} 
} 
{{ end }}{{ end }} 


标签:nginx
声明

1.本站遵循行业规范,任何转载的稿件都会明确标注作者和来源;2.本站的原创文章,请转载时务必注明文章作者和来源,不尊重原创的行为我们将追究责任;3.作者投稿可能会经我们编辑修改或补充。

关注我们

一个IT知识分享的公众号