Как перенаправить не-www https порт XXX на www https порт XXX с помощью nginx? - PullRequest
0 голосов
/ 15 сентября 2018

Файл доступных сайтов Nginx приведен ниже.

Нам удалось перенаправить не-http http на www https через порт 80.

(http://example.com --> https://www.example.com)

Нам удалось перенаправить не-www https на www https через порт 80.

(https://example.com --> https://www.example.com)

Нам удалось перенаправить не-www http на www https через порт 3000.

(http://example.com:3000 --> https://www.example.com:3000)

Мы не можем перенаправить https без www на https www через порт 3000.

(https://example.com:3000 -/-> https://www.example.com:3000)

Не могупонять, где мы идем не так.

# You may add here your
# server {
#   ...
# }
# statements for each of your virtual hosts to this file

##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# http://wiki.nginx.org/Pitfalls
# http://wiki.nginx.org/QuickStart
# http://wiki.nginx.org/Configuration
#
# Generally, you will want to move this file somewhere, and start with a clean
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##

server {
    listen 80 ;

    root /var/www/html/EXAMPLE/html/;
    index index.php index.html index.htm;

    # Make site accessible from http://localhost/
    server_name www.EXAMPLE.com EXAMPLE.com;

    #####Added on request ###############
    proxy_read_timeout 360s;
    #######################################

    location / {
        # First attempt to serve request as file, then
        # as directory, then fall back to displaying a 404.
        try_files $uri $uri/ =404;
              proxy_max_temp_file_size 1924m;
        # Uncomment to enable naxsi on this location
        # include /etc/nginx/naxsi.rules;
    }
        server_tokens off;

    #location /someDirectory/ {
          #    rewrite (.*) /somefile.php?$args last;
       # }

    #error_page 404 /404.html;

    # redirect server error pages to the static page /50x.html
    #
#   error_page 500 502 503 504 /50x.html;
#   location = /50x.html {
#       root /usr/share/nginx/html;
#   }

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        ##########ADDED ON REQUEST#############
        fastcgi_param php_value "magic_quotes_gpc=On";
        ######ADDED TO FIX BUFFER TOO LARGE BUG##############
        fastcgi_buffers 16 16k; 
        fastcgi_buffer_size 32k;
                proxy_max_temp_file_size 1924m;
    #   # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
    #
    #   # With php5-cgi alone:
    #   fastcgi_pass 127.0.0.1:9000;
    #   # With php5-fpm:
        fastcgi_pass unix:/var/run/php/php5.6-fpm.sock;
    # added below for truncated response issue fix
    #   fastcgi_read_timeout 300; 
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
     #location ~ \.mp4$ {
          #     rewrite (.*) /somefile.php?$args last;
       # }
    location /someDirectory/SubDir1/SubSub3/ {
         rewrite (.*) /somefile.php?$args last;
    }
    location /someDirectory/SubDir2/ {
            rewrite (.*) /somefile.php?$args last;
    }
    location /someDirectory/SubDir3/SubSub2/ {
            rewrite (.*) /somefile.php?$args last;
    }
    location /someDirectory/SubDir4/ {
            rewrite (.*) /somefile.php?$args last;
    }
    location /someDirectory/SubDir5/SubSub1/ {
            rewrite (.*) /somefile.php?$args last;
    }
    location /SomeOtherDir/ {
                #location ~ \.php$ {return 403;}
        }

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    #   deny all;
    #}
#XXX added below for tracking ping or status for php-fpm
       location ~ ^/(status|ping)$ {
#       access_log off;
       allow 127.0.0.1;
       allow XX.XXX.XXX.XXX;
       deny all;
##     allow all;
       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
       include fastcgi_params;
#      fastcgi_pass 127.0.0.1:9000;
       fastcgi_pass unix:/var/run/php/php5.6-fpm.sock;
       }
}


# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
#   listen 8000;
#   listen somename:8080;
#   server_name somename alias another.alias;
#   root html;
#   index index.html index.htm;
#
#   location / {
#       try_files $uri $uri/ =404;
#   }
#}


# HTTPS server
#
server {
    listen 443;
    server_name EXAMPLE.com www.EXAMPLE.com;

    root /var/www/html/EXAMPLE/html/;
    index index.php index.html index.htm;

    ssl on;
    #ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
    #ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;

    ssl_certificate /etc/letsencrypt/live/EXAMPLE.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/EXAMPLE.com/privkey.pem;

    ssl_session_timeout 5m;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers 'HASH_VALUE_WAS_HERE';
    ssl_prefer_server_ciphers on;


    #####Added on request ###############
    proxy_read_timeout 360s;
    #######################################

    location / {
        # First attempt to serve request as file, then
        # as directory, then fall back to displaying a 404.
        try_files $uri $uri/ =404;
                proxy_max_temp_file_size 1924m;
        # Uncomment to enable naxsi on this location
        # include /etc/nginx/naxsi.rules;
    }
        server_tokens off;

    #error_page 404 /404.html;

    # redirect server error pages to the static page /50x.html
    #
#   error_page 500 502 503 504 /50x.html;
#   location = /50x.html {
#       root /usr/share/nginx/html;
#   }

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        ######Added on Request#######
        fastcgi_param php_value "magic_quotes_gpc=On";
        ##### Added to fix header too large bug######
        #fastcgi_buffers 16 16k; 
        #fastcgi_buffer_size 32k;
 fastcgi_buffers 256 4k;
                fastcgi_buffer_size 256k;
        ######TILL HERE######
    #   # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
    #
    #   # With php5-cgi alone:
    #   fastcgi_pass 127.0.0.1:9000;
    #   # With php5-fpm:
        fastcgi_pass unix:/var/run/php/php5.6-fpm.sock;
                proxy_max_temp_file_size 1924m;
    #XXX added below for truncated response issue fix
        #       fastcgi_read_timeout 300;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
    # location /someDirectory/ {
             #rewrite (.*) /somefile.php?$args last;

        #}
    location /someDirectory/SubDir1/SubSub3/ {
         rewrite (.*) /somefile.php?$args last;
    }
    location /someDirectory/SubDir2/ {
             rewrite (.*) /somefile.php?$args last;
    }
    location /someDirectory/SubDir3/SubSub2/ {
            rewrite (.*) /somefile.php?$args last;
    }
    location /someDirectory/SubDir4/ {
            rewrite (.*) /somefile.php?$args last;
    }
    location /someDirectory/SubDir5/SubSub1/ {
            rewrite (.*) /somefile.php?$args last;
    }
    location /SomeOtherDir/ {
                location ~ \.php$ {return 403;}
        }


    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    #   deny all;
    #}
#XXX added below for tracking ping or status for php-fpm
       location ~ ^/(status|ping)$ {
#       access_log off;
       allow 127.0.0.1;
       allow XX.XXX.XXX.XXX;
       deny all;
##     allow all;
       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
       include fastcgi_params;
#      fastcgi_pass 127.0.0.1:9000;
       fastcgi_pass unix:/var/run/php/php5.6-fpm.sock;
       }
}

upstream EXAMPLE_Python {
  # fail_timeout=0 means we always retry an upstream even if it failed
  # to return a good HTTP response (in case the Unicorn master nukes a
  # single worker for timing out).
  server unix:/var/tmp/venv_Python/run/gunicorn.sock fail_timeout=0;
}

server {

    listen 8003;
    #server_name <your domain name>;

    client_max_body_size 4G;
    access_log /var/tmp/logs/nginx-access.log;
    error_log /var/tmp/logs/nginx-error.log;

    ssl on;
    #ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
    #ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;

    ssl_certificate /etc/letsencrypt/live/EXAMPLE.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/EXAMPLE.com/privkey.pem;
    ssl_session_timeout 5m;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers 'SOME_HASH_VALUE_WAS_HERE';
    ssl_prefer_server_ciphers on;


    #####Added on request ###############
    proxy_read_timeout 360s;
    #######################################

    location / {

        # an HTTP header important enough to have its own Wikipedia entry:
        #   http://en.wikipedia.org/wiki/X-Forwarded-For
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;


        # enable this if and only if you use HTTPS, this helps Rack
        # set the proper protocol for doing redirects:
        # proxy_set_header X-Forwarded-Proto https;

        # pass the Host: header from the client right along so redirects
        # can be set properly within the Rack application
        proxy_set_header Host $http_host;

        # we don't want nginx trying to do something clever with
        # redirects, we set the Host: header above already.
        proxy_redirect off;

        # set "proxy_buffering off" *only* for Rainbows! when doing
        # Comet/long-poll stuff.  It's also safe to set if you're
        # using only serving fast clients with Unicorn + nginx.
        # Otherwise you _want_ nginx to buffer responses to slow
        # clients, really.
        # proxy_buffering off;

        # Try to serve static files from nginx, no point in making an
        # *application* server like Unicorn/Rainbows! serve static files.
        if (!-f $request_filename) {
            proxy_pass http://EXAMPLE_Python;
            break;
        }
    }

}

server {

    listen 3000;
    server_name www.EXAMPLE.com EXAMPLE.com;

  error_page  497 https://www.EXAMPLE.com:3000$request_uri;
    client_max_body_size 4G;
    access_log /var/tmp/logs/nginx-access.log;
    error_log /var/tmp/logs/nginx-error.log;
    root /var/www/html/EXAMPLE/frontendapp/build;
    index index.html;

    ssl on;
    #ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
    #ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;

    ssl_certificate /etc/letsencrypt/live/EXAMPLE.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/EXAMPLE.com/privkey.pem;
    ssl_session_timeout 5m;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers 'Some_Hash_Value';
    ssl_prefer_server_ciphers on;


        #####Added on request ###############
    proxy_read_timeout 180s;
        #######################################

    location / {

        # an HTTP header important enough to have its own Wikipedia entry:
        #   http://en.wikipedia.org/wiki/X-Forwarded-For
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;


        # enable this if and only if you use HTTPS, this helps Rack
        # set the proper protocol for doing redirects:
        # proxy_set_header X-Forwarded-Proto https;

        # pass the Host: header from the client right along so redirects
        # can be set properly within the Rack application
        proxy_set_header Host $http_host;

        # we don't want nginx trying to do something clever with
        # redirects, we set the Host: header above already.
        proxy_redirect off;

        # set "proxy_buffering off" *only* for Rainbows! when doing
        # Comet/long-poll stuff.  It's also safe to set if you're
        # using only serving fast clients with Unicorn + nginx.
        # Otherwise you _want_ nginx to buffer responses to slow
        # clients, really.
        # proxy_buffering off;

        # Try to serve static files from nginx, no point in making an
        # *application* server like Unicorn/Rainbows! serve static files.
        # Try to serve static files from nginx, no point in making an
        # *application* server like Unicorn/Rainbows! serve static files.
        proxy_pass https://127.0.0.1:3000;


    location / {
            try_files $uri /index.html;
#            try_files $uri $uri/ =404;
    }
    }
}

1 Ответ

0 голосов
/ 15 сентября 2018
....
server {

listen 3000;
server_name www.EXAMPLE.com EXAMPLE.com;
return 301 $scheme://www.EXAMPLE.com:3000$request_uri;
....
Добро пожаловать на сайт PullRequest, где вы можете задавать вопросы и получать ответы от других членов сообщества.
...