apache2 在 vagrant box 中将 http 重定向到 https

apache2 在 vagrant box 中将 http 重定向到 https

我正在尝试在 vagrant 中实现 apache2 http 重定向到 https。下面是我的Vagrantfile脚本bootstrap.sh。在 vagrant box 的情况下,我无法弄清楚我在这里做错了什么。我正在使用 ubuntu 16.04 vagrant 镜像。

VAGRANTFILE_API_VERSION = "2"

Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
  config.vm.box = "ubuntu/xenial64"
  config.vm.hostname = "suffire"
  config.vm.network :forwarded_port, guest: 80, host: 8080, protocol: "tcp"
  config.vm.network :forwarded_port, guest: 443, host: 8443, protocol: "tcp"
  config.vm.network :private_network, ip: "10.0.1.10"
  config.vm.provision :shell, path: "bootstrap.sh"
end

Bootstrap 脚本如下。

#!/usr/bin/env bash

# ---------------------------------------
#          Virtual Machine Setup
# ---------------------------------------

# Adding multiverse sources.
cat > /etc/apt/sources.list.d/multiverse.list << EOF
deb http://archive.ubuntu.com/ubuntu trusty multiverse
deb http://archive.ubuntu.com/ubuntu trusty-updates multiverse
deb http://security.ubuntu.com/ubuntu trusty-security multiverse
EOF


# Updating packages
apt-get update

sudo sed -ie 's/^mesg/#mesg/' /root/.profile

# ---------------------------------------
#          Apache Setup
# ---------------------------------------

# Installing Packages
apt-get install -y apache2 libapache2-mod-fastcgi git-core
apt-get install -y php7.0 libapache2-mod-php7.0 php7.0-cli php7.0-common php7.0-mbstring php7.0-gd php7.0-intl php7.0-xml php7.0-mysql php7.0-mcrypt php7.0-zip php-pecl-http php-pecl-http-dev

# Add ServerName to httpd.conf
httpd=$(cat <<EOF
ServerName localhost
RewriteEngine on
RewriteCond     %{SERVER_PORT} ^80$
RewriteRule     ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
EOF
)

echo $httpd > /etc/apache2/conf-available/httpd.conf 

cert=$(cat <<EOF
-----BEGIN CERTIFICATE-----
MIIDajCCAlICCQCMQMQZdfLh/DANBgkqhkiG9w0BAQsFADB3MQswCQYDVQQGEwJJ
TjELMAkGA1UECAwCTUgxDTALBgNVBAcMBFBVTkUxDDAKBgNVBAoMA0FCQzEMMAoG
A1UECwwDWFlaMRAwDgYDVQQDDAdBQkMgWFlaMR4wHAYJKoZIhvcNAQkBFg9hYmNA
ZXhhbXBsZS5jb20wHhcNMTcwOTA0MTgzNDU4WhcNMTgwOTA0MTgzNDU4WjB3MQsw
CQYDVQQGEwJJTjELMAkGA1UECAwCTUgxDTALBgNVBAcMBFBVTkUxDDAKBgNVBAoM
A0FCQzEMMAoGA1UECwwDWFlaMRAwDgYDVQQDDAdBQkMgWFlaMR4wHAYJKoZIhvcN
AQkBFg9hYmNAZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDWpvgzNBK6CkKv88hqtUDl/bXI9k4dC+2t5fjRc3BaiYtE8kltNXabDHqc
FeKzirzNwOI5v4gezK9MrZR+2iyWppaobCUdWGlFS+GUZJRIkV2wkgFI8uTr7XOB
Kz0W2/tBSXnlW6BeHQ6ktBADVgJjaKw5STXhQkptjCizmDBmnkdmJi99e9EH7JGc
IwM/pQHZ2PTBNZPMbe5DEfxP1zDYfxdWnTrnboTGy40F9+dDQUxSCCbDvgWZ6LGw
S4VKG/am2zP/dGmbCkpFYN/fRra5Wm50uZ4dYqmqhJpn+nJAnf0kvo6dx+SDcqeZ
4lsEpCNEUpxtP3WyWS/IxZj3qyvrAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAHn3
Jf+AzJ5NQTgkbNi5uXuegLf+i+Qv6g616eU6t1n/oOmuNwb0p1hmomzHSyRvT07J
FEd5z7Qsp7jdT9yqYODjGMYEP2CHXzn7MZ+Ioe+qKnEcYlRWjjMtgoGG7CIrOgMB
WN35Pz4ea+yYC+Ite56lK7SpUtm7ySOPAjIx7fuuW9PKtfWZCVRugwgBaGtoHPYi
6CinLG38qHBtCV4SfWQv7qB3w8oTCE3Y22EIdplCrj0PiPaoxEAP61Bebm1WHWTC
O1Zqe9u6pgBnakQqYm7jfBv680KJp1fawfbhKOv0UMMSIe5+xLwXu1T9+aC69Gte
npK4kzK/XWznuDDZ2Zk=
-----END CERTIFICATE-----
EOF
)

newkey=$(cat <<EOF
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA1qb4MzQSugpCr/PIarVA5f21yPZOHQvtreX40XNwWomLRPJJ
bTV2mwx6nBXis4q8zcDiOb+IHsyvTK2UftoslqaWqGwlHVhpRUvhlGSUSJFdsJIB
SPLk6+1zgSs9Ftv7QUl55VugXh0OpLQQA1YCY2isOUk14UJKbYwos5gwZp5HZiYv
fXvRB+yRnCMDP6UB2dj0wTWTzG3uQxH8T9cw2H8XVp06526ExsuNBffnQ0FMUggm
w74FmeixsEuFShv2ptsz/3RpmwpKRWDf30a2uVpudLmeHWKpqoSaZ/pyQJ39JL6O
ncfkg3KnmeJbBKQjRFKcbT91slkvyMWY96sr6wIDAQABAoIBAGstVZKjdpJD20Zl
r/Vv6SatRp5ANYKVWSjSQim6vSfHs61KWNVZs435biMPXnGNXXZSz+JLuxi91O2x
YgrwvwC9z03rKaD8axu5prnkepG9W411aYTWGu2eU2T0hP0r+8l+eYnG9Uzor04X
xkMUJ/8g3ZWA85E0+1q1eAEshUZG6O4+QIqIoROgnmd9+TVvvStdsGZQpELw9rSL
+goJNnsmwCCEnr4ehX1pdyfadIYokQAdmFdMa+iqS9y4pyebcP2q4WXgIBoAUJR/
Nx5OCD2f1E0+NadF0vrTfB5q7A+MWGF9c4XxSMVLsbgRJj1+s58DqelAcGiotwq7
n//GJ1ECgYEA+28T8pMYwP68R25LBnfsu0bYheMVgCrIxsLSE01LiKyfshsC4sat
C7hOdSHJe2JPAoS8dIENOcjiPSZ8yIeYCKJezymOrYk7eehPTt2fZjtkesVdwUbJ
Nc7awGbvthaWxCyNx0uKiw5ndmcVVKnl9o1fAlE9K3AYM7FPn7xJn7kCgYEA2ozk
i0hdwvOTTOyWSkglh8W2i1wiS0IJF1eMPKvus/VJvhBLn+6FSK2dIARmhtkzYl6R
k+o8LGbOs+IKuhkPKcVGbbuDaYyLIWfvy+dRwVJQd6ecHaJqJrk+0nyYFub813Y9
bb31ms7b1oVmU6Kfj7hTg/plxemHi377CIv3ksMCgYEA5Hrh45Lr8aUKLtb48l3U
D7KnW7MpfJhkbsnm4Idi1kYXsF9/Vdg4s+e91A7p6mdBaQZ5wlzrSdFUVUE+L3OY
InB6O0KGVwfXtkX2m7IlAV+DRVVIhzPt8CmS+zgPKKaKRqY+CBaLRSXHuv6dkZv6
TvvUlGSCc5CfTYoY0wzk0nECgYEAhWuoBmPKYb6jeT2hzn1W9Bk+hLtdcEZDGI3o
3g00b4ZaW37FPEC3+5OJrcch9Eba+L207/D6hTzKCcUAOXYc7KozgcAMzL3xHha+
rONt5LBk0XdwdiL13OgQMx2/F5QyXTMg80MZkkWgrcjInFxWPr4Pti2CPh2AEygV
BrW0EVMCgYEA8JcAcbb1bsNB1YNk5Rj1nPbQiZDIUlMzIkmnToXyLUmFCpXlvDyk
URIVQPcgXKqBWBx5sWZ4GhMwktcFvNAFJV7PoTnZWQPgYcI7d14ril4RcEBNgl/n
EpQkp2Qxg5M8vFDv0OCGrIxtbQ5PEixOGN11YC/KO7ogHVm8pACbcFs=
-----END RSA PRIVATE KEY-----
EOF
)

echo $cert > /etc/apache2/server.crt
echo $newkey > /etc/apache2/server.key

chmod 400 /etc/apache2/server.key
chmod 400 /etc/apache2/server.crt

# Setup hosts file
VHOST=$(cat <<EOF
<IfModule mod_ssl.c>
  <VirtualHost _default_:443>
    DocumentRoot "/var/www/html"
    ServerName localhost
    SSLEngine on
    SSLCertificateFile /etc/apache2/server.crt
    SSLCertificateKeyFile /etc/apache2/server.key
    <FilesMatch "\.(cgi|shtml|phtml|php)$">
    SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory "/var/www/html">
        AllowOverride All
    SSLOptions +StdEnvVars
    </Directory>
  </VirtualHost>
</IfModule>
EOF
)

echo "${VHOST}" > /etc/apache2/sites-available/default-ssl.conf

VHOST1=$(cat <<EOF
<VirtualHost *:80>
  DocumentRoot "/var/www/html"
  ServerName localhost
  <Directory "/var/www/html">
    AllowOverride All
  </Directory>
  Redirect permanent / https://localhost
</VirtualHost>
EOF
)

echo "${VHOST1}" > /etc/apache2/sites-available/000-default.conf


# Loading needed modules to make apache work
a2enmod actions fastcgi rewrite ssl
a2ensite default-ssl.conf
a2ensite 000-default.conf
service apache2 reload

注意:我已经在 16.04 上测试了 http 重定向到 https,效果很好,但是在 vagrant box 的情况下却不起作用。步骤相同。

这里的目标是 apache2 应该能够执行以下操作。Ubuntu 16.04 主机(8080)--> Ubuntu 16.04 客户机(80)--> 重定向客户机 443 Ubuntu 16.04 主机(8443)--> Ubuntu 16.04 客户机(443)

答案1

尝试一下这个:

RewriteEngine 开启
RewriteCond %{REQUEST_SCHEME} ^http$
重写规则 ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]

如果没有,请登录你的 vagrant box 并查看你的配置中是否有这些行。然后让 apache 重写你http://example.com/%{REQUEST_SCHEME} 来查看它认为您正在进入什么。

相关内容