dpp42324 2019-01-20 04:43
浏览 220
已采纳

使用SSL在Nginx反向代理后面运行Go服务器

I've done some digging through the interwebs and haven't been able to come across anything similar (at least near any solution that has worked out for me).

Essentially, I am running a Golang server locally on 127.0.0.1:1337, I want this to be accessible globally so I use Nginx to forward traffic from https://api.example.com/ to my API to retrieve information.

With that being said, I have simply setup my Golang server to listen and serve on port 1337 and my Nginx configuration is setup to redirect all HTTP traffic (for all domains) to HTTPS:

server {
    listen 80 default_server;

    server_name _; 
    return 301 https://$host$request_uri;
}

and then I redirect traffic to port 1337 here:

server {
    server_name api.example.com;
    location / {
        proxy_pass http://127.0.0.1:1337;
    }

    listen 443 ssl;
    ssl_certificate_key /etc/nginx/ssl/private.key;
    ssl_certificate /etc/nginx/ssl/cert.crt;   
}

The issue with this is that I find myself to keep getting redirects from HTTPS to HTTP (as per wget) and I end up getting a Too Many Redirects error.

If anyone can provide some guidance, I'd very much appreciate it!

  • 写回答

1条回答 默认 最新

  • dshp9580656 2019-01-20 07:34
    关注

    server_name _; matches server name that can not find matches.

    I have done that before.

    See my nginx config to proxy api backend:

    # ssl
    ssl_certificate      /etc/nginx/cert/live/ybilly.com/fullchain.pem;
    ssl_certificate_key  /etc/nginx/cert/live/ybilly.com/privkey.pem;
    
    # http to https
    server {
      listen 80 default_server;
      listen [::]:80 default_server;
      server_name ybilly.com www.ybilly.com *.ybilly.com;
      return 301 https://$host$request_uri;
    }
    
    # api backend
    server {
      listen 443 ssl http2;
      listen [::]:443 ssl http2;
      server_name *.ybilly.com;
    
      location / {
        add_header Access-Control-Allow-Origin *;
        add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';
        add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
        proxy_set_header Host $host;
        proxy_set_header X-Real-Ip $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_pass_header Set-Cookie;
        proxy_read_timeout                 900;
        proxy_buffers 32 4k;
        proxy_pass http://127.0.0.1:8080/;
      }
    
    }
    
    
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 使用rabbitMQ 消息队列作为url源进行多线程爬取时,总有几个url没有处理的问题。
  • ¥85 maple软件,solve求反函数,出现rootof怎么办?
  • ¥15 求chat4.0解答一道线性规划题,用lingo编程运行,第一问要求写出数学模型和lingo语言编程模型,第二问第三问解答就行,我的ddl要到了谁来求了
  • ¥15 Ubuntu在安装序列比对软件STAR时出现报错如何解决
  • ¥50 树莓派安卓APK系统签名
  • ¥15 maple软件,用solve求反函数出现rootof,怎么办?
  • ¥65 汇编语言除法溢出问题
  • ¥15 Visual Studio问题
  • ¥20 求一个html代码,有偿
  • ¥100 关于使用MATLAB中copularnd函数的问题