Welcome! Log In Create A New Profile

Advanced

Re: avoid redirect

Moshe Katz
December 02, 2018 05:58PM
Here is a sample working configuration from one of my servers. Note that it
uses separate `server` blocks for HTTP and HTTPS to make it easier to read.

server {
listen 80;
listen [::]:80;
server_name server.example.com;

location ~ /\.well-known {
root /path/to/site;
}

location / {
return 301 https://$host$request_uri;
}
}

server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name server.example.com;

root /path/to/site;

# rest of server config left our for brevity...
}

Doing it this way has a side benefit if you have many sites running on a
single server and you would like all of them to use LetsEncrypt and to be
redirected to HTTPS.
You can change the HTTP `server` block to look like this:

server {
listen 80 default_server;
listen [::]:80 default_server;

location ~ /\.well-known {
# ALL LetsEncrypt authorizations will be done in this
single shared folder.
# This means you can issue the certificate using the
LetsEncrypt command line
# and then create the `server` block which already includes
the correct path to the certificate.
root /var/www/html;
}

location / {
return 301 https://$host$request_uri;
}
}

You then only need to create HTTPS `server` blocks for each site, which
makes your configuration much simpler.

Moshe

--
Moshe Katz
-- kohenkatz@gmail.com
-- +1(301)867-3732


On Sun, Dec 2, 2018 at 5:09 PM Moshe Katz <kohenkatz@gmail.com> wrote:

> I believe you need to put the `return 301 ...` inside a location block
> too. Otherwise, it overrides all the location blocks.
>
> I'm on my phone now, but I'll try to share a sample file from one of my
> servers (that works as you want it) when I get back to my computer.
>
> Moshe
>
>
> On Sun, Dec 2, 2018, 5:03 PM Mik J via nginx <nginx@nginx.org wrote:
>
>> Hello,
>>
>> I'd like to be able to offer let's encrypt in port 80 only and redirect
>> everything else to port 443
>>
>> server {
>> listen 80;
>> listen [::]:80;
>> listen 443;
>> listen [::]:443;
>> server_name http://www.mydomain.org blog.mydomain.org;
>> location ^~ /.well-known/acme-challenge { default_type
>> "text/plain"; root /var/www/letsencrypt; }
>> location = /.well-known/acme-challenge/ { return 404; }
>> return 301 https:// mydomain.org;
>> }
>>
>> My problem is that everything is redirected and I cannot access a file in
>> /var/www/letsencrypt/.well-known/acme-challenge
>> When I comment the return 301 it works but I loose the redirection.
>>
>> It seems to me that nginx parses everything where I would expect it to
>> stop at
>> location ^~ /.well-known/acme-challenge { default_type "text/plain"; root
>> /var/www/letsencrypt; }
>>
>> Does anyone know the trick ?
>> _______________________________________________
>> nginx mailing list
>> nginx@nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>
>
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

avoid redirect

Mik J via nginx December 02, 2018 05:04PM

Re: avoid redirect

Moshe Katz December 02, 2018 05:10PM

Re: avoid redirect

Moshe Katz December 02, 2018 05:58PM

Re: avoid redirect

Mik J via nginx December 02, 2018 06:16PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 91
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready