最初,我有一个简单的服务器块作为我的 WireGuard 隧道的代理,但后来我安装了 Let's Encrypt 并添加了自己的服务器块。
一切仍然运行良好,唯一的问题是尽管 Let's Encrypt 添加了 HTTP,但 HTTP 并未重定向到 HTTPS(但如果我在地址中手动输入 HTTPS,HTTPS 确实有效)。
我认为这是因为充当的原始服务器块会拦截proxy_pass之前的请求。尽管我无法以某种方式编辑它,使它们都能按预期工作。
这是我目前拥有的:
# original server block for WireGuard
server {
server_name mydomain www.mydomain ;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host-Real-IP $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_pass http://10.8.0.22:80;
}
# added by Let's Encrypt
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/mydomain/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mydomain /privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.mydomain) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = mydomain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name mydomain www.mydomain;
listen 80;
return 404; # managed by Certbot
}
我可以将两者合并吗?或者这甚至不是 HTTP 未重定向到 HTTPS 的问题?谢谢