Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
HTTPs redirection with Websockets
###################################################################################################
#### Copyright 2016 Amazon.com, Inc. or its affiliates. All Rights Reserved.
####
#### Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file
#### except in compliance with the License. A copy of the License is located at
####
#### http://aws.amazon.com/apache2.0/
####
#### or in the "license" file accompanying this file. This file is distributed on an "AS IS"
#### BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
#### License for the specific language governing permissions and limitations under the License.
###################################################################################################
###################################################################################################
#### This configuration file configures Nginx for Single Docker environments to redirect HTTP
#### requests on port 80 to HTTPS on port 443 after you have configured your environment to support
#### HTTPS connections:
####
#### Configuring Your Elastic Beanstalk Environment's Load Balancer to Terminate HTTPS:
#### http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/configuring-https-elb.html
####
#### Terminating HTTPS on EC2 Instances Running Docker:
#### http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/https-singleinstance-docker.html
###################################################################################################
files:
"/etc/nginx/sites-available/elasticbeanstalk-nginx-docker-proxy.conf":
owner: root
group: root
mode: "000644"
content: |
map $http_upgrade $connection_upgrade {
default "upgrade";
"" "";
}
server {
listen 80;
gzip on;
gzip_comp_level 4;
gzip_types text/html text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
if ($time_iso8601 ~ "^(\d{4})-(\d{2})-(\d{2})T(\d{2})") {
set $year $1;
set $month $2;
set $day $3;
set $hour $4;
}
access_log /var/log/nginx/healthd/application.log.$year-$month-$day-$hour healthd;
access_log /var/log/nginx/access.log;
location / {
if ($http_x_forwarded_proto = "http") {
set $redirect "https";
}
if ($http_x_forwarded_proto = "ws") {
set $redirect "wss";
}
if ($http_user_agent ~* "ELB-HealthChecker") {
set $redirect "nope";
}
if ($redirect = "https") {
return 301 https://$host$request_uri;
}
if ($redirect = "wss") {
return 301 wss://$host$request_uri;
}
proxy_pass http://docker;
proxy_http_version 1.1;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.