我正在使用 nginx 作为反向代理,我想将通过 url 提供的端口 3000 重定向到代理传递上的相同端口,但我尝试时总是重定向到 443 端口。
以下是当前配置:
server {
listen 80 ;
listen 443 ssl;
listen 3000 ssl;
server_name example.com;
ssl_certificate /etc/ssl/certs/example.fullchain.pem;
ssl_certificate_key /etc/ssl/private/example.pem;
location / {
#auth_basic "Vous devez vous authentifier";
#auth_basic_user_file /etc/nginx/htpasswd;
if ($scheme = http) {
return 301 https://$server_name$request_uri;
}
proxy_pass http://10.10.10.10
proxy_set_header Host $http_host;
proxy_read_timeout 90;
}
location /.well-known/acme-challenge {
root /var/www/letsencrypt;
}
# ...
}
你知道如何重定向到http://10.10.10.10:3000当访问https://example.com:3000?
编辑:
我也尝试了如下配置,但仍然遇到同样的问题。
server {
listen 80 ;
listen 443 ssl;
server_name example.com;
ssl_certificate /etc/ssl/certs/example.fullchain.pem;
ssl_certificate_key /etc/ssl/private/example.pem;
location / {
#auth_basic "Vous devez vous authentifier";
#auth_basic_user_file /etc/nginx/htpasswd;
if ($scheme = http) {
return 301 https://$server_name$request_uri;
}
proxy_pass http://10.10.10.10;
proxy_set_header Host $http_host;
proxy_read_timeout 90;
}
location /.well-known/acme-challenge {
root /var/www/letsencrypt;
}
}
server {
listen 3000 ssl;
server_name example.com;
ssl_certificate /etc/ssl/certs/example.fullchain.pem;
ssl_certificate_key /etc/ssl/private/example.pem;
location / {
proxy_pass http://10.10.10.10:3000;
proxy_set_header Host $http_host;
proxy_read_timeout 90;
}
location /.well-known/acme-challenge {
root /var/www/letsencrypt;
}
}
答案1
使用两个服务器块的第二种方法是正确的。您只需删除重定向到 https(这将使请求返回到端口 443)。
server {
listen 3000 ssl;
server_name example.com;
ssl_certificate /etc/ssl/certs/example.fullchain.pem;
ssl_certificate_key /etc/ssl/private/example.pem;
location / {
proxy_pass http://10.10.10.10:3000;
proxy_set_header Host $http_host;
proxy_read_timeout 90;
}
location /.well-known/acme-challenge {
root /var/www/letsencrypt;
}
}