我有这个 nginx 配置
upstream puma_example.it {
server unix:/home/deploy/apps/example.it/shared/tmp/sockets/example.it-puma.sock fail_timeout=0;
}
server {
listen 80;
listen [::]:80;
server_name example.it www.example.it;
return 301 https://www.example.it$request_uri;
}
server {
server_name blog.example.com;
return 301 http://www.example.com/blog$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/letsencrypt/live/example.it/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.it/privkey.pem;
server_name www.example.it example.it;
root /home/deploy/apps/example.it/current/public;
try_files $uri/index.html $uri @puma_example.it;
return 301 https://www.example.com$request_uri;
client_max_body_size 4G;
keepalive_timeout 10;
error_page 500 502 504 /500.html;
error_page 503 @503;
location @puma_example.it {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_redirect off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
ssi on;
proxy_set_header X-Forwarded-Proto https;
proxy_pass http://puma_example.it;
# limit_req zone=one;
access_log /home/deploy/apps/example.it/shared/log/nginx.access.log;
error_log /home/deploy/apps/example.it/shared/log/nginx.error.log;
}
location ^~ /images/ {
expires max;
add_header Cache-Control public;
}
location ~ ^/(assets|packs)/ {
gzip_static on;
brotli_static on;
expires max;
add_header Cache-Control public;
}
location = /50x.html {
root html;
}
location @503 {
error_page 405 = /system/maintenance.html;
if (-f $document_root/system/maintenance.html) {
rewrite ^(.*)$ /system/maintenance.html break;
}
rewrite ^(.*)$ /503.html break;
}
if ($request_method !~ ^(GET|HEAD|PUT|PATCH|POST|DELETE|OPTIONS)$ ){
return 405;
}
if (-f $document_root/system/maintenance.html) {
return 503;
}
}
我正在尝试将非 www 重定向到 www,并将第三方域名博客重定向到特定的 url,但我认为添加
return 301 https://www.example.com$request_uri;
在那个位置会导致重定向循环。我应该把它放在哪里?这个配置有什么问题?
我也尝试分离区块
upstream puma_example.it {
server unix:/home/deploy/apps/example.it/shared/tmp/sockets/example.it-puma.sock fail_timeout=0;
}
server {
listen 80;
listen [::]:80;
server_name example.it www.example.it;
return 301 https://www.example.it$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/letsencrypt/live/example.it/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.it/privkey.pem;
server_name example.it;
return 301 https://www.example.it$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/letsencrypt/live/example.it/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.it/privkey.pem;
server_name hinnovation.example.it;
return 301 https://www.example.it/speciale/innovation$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/letsencrypt/live/example.it/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.it/privkey.pem;
server_name www.example.it;
root /home/deploy/apps/example.it/current/public;
try_files $uri/index.html $uri @puma_example.it;
client_max_body_size 4G;
keepalive_timeout 10;
error_page 500 502 504 /500.html;
error_page 503 @503;
location @puma_example.it {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_redirect off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
ssi on;
proxy_set_header X-Forwarded-Proto https;
proxy_pass http://puma_example.it;
# limit_req zone=one;
access_log /home/deploy/apps/example.it/shared/log/nginx.access.log;
error_log /home/deploy/apps/example.it/shared/log/nginx.error.log;
}
location ^~ /images/ {
expires max;
add_header Cache-Control public;
}
location ~ ^/(assets|packs)/ {
gzip_static on;
brotli_static on;
expires max;
add_header Cache-Control public;
}
location = /50x.html {
root html;
}
location @503 {
error_page 405 = /system/maintenance.html;
if (-f $document_root/system/maintenance.html) {
rewrite ^(.*)$ /system/maintenance.html break;
}
rewrite ^(.*)$ /503.html break;
}
if ($request_method !~ ^(GET|HEAD|PUT|PATCH|POST|DELETE|OPTIONS)$ ){
return 405;
}
if (-f $document_root/system/maintenance.html) {
return 503;
}
}
答案1
您需要为您的域和非域设置单独的server块。wwwwww
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate ...
ssl_certificate_key ...
server_name example.it;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate ...
ssl_certificate_key ...
server_name www.example.it;
... rest of configuration ...
}