Hi
I m using nginx to configure ssl accelerator.Have specified the
following in my configuration file to accomplish the same:
upstream dev1.magazine.com{
server dev1.magazine.com:8000;
}
server {
listen 443;
server_name 192.168.8.31;
ssl on;
ssl_certificate server.crt;
ssl_certificate_key server.key;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-FORWARDED_PROTO https;
proxy_redirect false;
if (!-f $request_filename) {
proxy_pass http://dev1.magazine.com;
}
root html;
index index.html index.htm;
}
Setting the above things in my configuration file, i have my request say
https://192.168.8.31 being translated to http://dev1.magazine.com on
port 8000, but the page returned is over http instead of that being
https. Please help.
Posted at Nginx Forum:
If anybody out there can help me out.
Posted at Nginx Forum:
On Wed, Apr 29, 2009 at 10:08:49AM -0400, lovewadhwa wrote:
listen 443;
if (!-f $request_filename) {
proxy_pass http://dev1.magazine.com;
}
root html;
index index.html index.htm;
}
Setting the above things in my configuration file, i have my request say https://192.168.8.31 being translated to http://dev1.magazine.com on port 8000, but the page returned is over http instead of that being https. Please help.
Probably, you need to rewrite redirects:
proxy_redirect http://dev1.magazine.com:8000/ /;
Also, it’s better to use this configuration
location / {
root html;
index index.html index.htm;
try_files $uri @magazine;
}
locaiton @magazine {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-FORWARDED_PROTO https;
proxy_pass http://dev1.magazine.com:8000;
}
without “if” and “upstream dev1.magazine.com”.
By default
proxy_pass http://dev1.magazine.com:8000;
also adds
proxy_redirect http://dev1.magazine.com:8000/ /;
Igor,
Can you explain why it’s better to use this format?
–J
Igor S. wrote:
Also, it’s better to use this configuration
location / {
root html;
index index.html index.htm;
try_files $uri @magazine;
}
locaiton @magazine {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-FORWARDED_PROTO https;
proxy_pass http://dev1.magazine.com:8000;
}
without “if” and “upstream dev1.magazine.com”.
By default
proxy_pass http://dev1.magazine.com:8000;
also adds
proxy_redirect http://dev1.magazine.com:8000/ /;
Hmm, that’s kinda hard to do with this block.
location / {
root /var/www/crm;
access_log off;
index index.php index.html;
fastcgi_param SCRIPT_FILENAME /var/www/crm/index.php;
if (-f $request_filename) {
expires 1d;
break;
}
try_files $uri $uri/ /index.php?q=$uri;
}
I don’t see a way to take out the if block which should serve with
specific conditions if the file exists.
On Fri, May 01, 2009 at 08:38:25AM +0200, Joe Bofh wrote:
expires 1d;
break;
}
try_files $uri $uri/ /index.php?q=$uri;
}
I don’t see a way to take out the if block which should serve with
specific conditions if the file exists.
location / {
root /var/www/crm;
access_log off;
index index.php index.html;
expires 1d;
try_files $uri $uri/ /index.php?q=$uri;
}
location ~ \.php$ {
access_log off;
fastcgi_param SCRIPT_FILENAME /var/www/crm/index.php;
fastcgi_pass ...
}
Thanks!
For the record, I have this now working with a bunch of different apps
such as sugarcrm.
location / {
root /var/www/crm;
access_log off;
index index.php index.html;
expires 1d;
try_files $uri $uri/ /index.php?q=$uri;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_param SCRIPT_FILENAME /var/www/crm$fastcgi_script_name;
include /usr/local/nginx/conf/fastcgi_params;
}
Igor,
While I have your attention, is there a better way to write status
blocks than the following? I figure this would be useful information for
everyone.
error_page 500 502 503 504 /500.html;
location = /500.html {
expires 5d;
root /var/www/crm;
}
error_page 404 /404/index.php;
location = /404/index.php {
expires 5d;
root /var/www/crm;
}
On Fri, May 01, 2009 at 10:15:44AM +0200, Joe Bofh wrote:
}
error_page 404 /404/index.php;
location = /404/index.php {
expires 5d;
root /var/www/crm;
}
- “expires” works only for 200, 204, 301, 302, and 304 responses.
- /404/index.php will be handled as static file.
- “root” may be set on server level, if it’s common for server.
On Fri, May 01, 2009 at 12:49:21AM +0200, Joe Bofh wrote:
Igor,
Can you explain why it’s better to use this format?
Due to unbethought implementation “if” may work not so as you expect.
Probably, the only natural usage is:
if (...) {
return 403;
}
and
if (...) {
rewrite ... last;
}
The following examples
if (...) {
rewrite ... break;
}
if (...) {
break;
}
have may drawbacks.
As to “upstream”, you do not need it for single upstream server and
using real host in proxy_pass allow to use default proxy_redirect.
With upstream you should add
proxy_redirect http://dev1.magazine.com:8000/ /;
because default proxy_redirect will be without port
proxy_redirect http://dev1.magazine.com/ /;