Last active
December 22, 2019 20:40
-
-
Save eksiscloud/dac26b6693b2906fb9600ffd90ede634 to your computer and use it in GitHub Desktop.
Nginx: Virtual host and SSL + HTTP/2 before Varnish in port 8080 (backend is Apache2), redirecting from port 80 to port 443, map for normal 301 redirects
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
map_hash_bucket_size 256; | |
map $request_uri $new_uri { | |
include /etc/nginx/snippets/includes/301.example.tld.map; | |
} | |
server { | |
listen <ip-address>:443 ssl http2; | |
server_name example.tld www.example.tld; | |
access_log /var/log/nginx/access.log; | |
error_log /var/log/nginx/error.log; | |
if ($host = example.tld) { | |
return 301 https://www.$host$request_uri; | |
} | |
if ($new_uri != "") { | |
return 301 $new_uri; | |
} | |
location / { | |
proxy_pass http://127.0.0.1:8080; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Proto https; | |
proxy_set_header X-Forwarded-Port 443; | |
proxy_set_header Host $host; | |
proxy_pass_header Server; | |
} | |
ssl_certificate /etc/letsencrypt/live/example.tld/fullchain.pem; # managed by Certbot | |
ssl_certificate_key /etc/letsencrypt/live/example.tld/privkey.pem; # managed by Certbot | |
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot | |
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot | |
} | |
server { | |
listen <ip-address>:80; | |
server_name example.tld www.example.tld; | |
access_log /var/log/nginx/access-80.log; | |
error_log /var/log/nginx/error-80.log; | |
if ($host = www.example.tld) { | |
return 301 https://$host$request_uri; | |
} | |
if ($host = example.tld) { | |
return 301 https://www.$host$request_uri; | |
} | |
return 404; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
For 301 redirects and map you need a "conf" like this:
~/some/thing/?$ /else/where/
~/some/thing/$ /else/where/
~/some/thing /else/where/
Remember:
~/ when case-sensitive
~*/ when no case-sensitive
Apache2 redirect starts urls mostly using ^ but Nginx needs ~/ or ~*/