问题描述
我的nginx.conf中的服务器声明:
server declaration in my nginx.conf:
listen 1.2.3.4:443 ssl;
root /var/www/myapp/current/public;
ssl on;
ssl_certificate /etc/nginx-cert/server.crt;
ssl_certificate_key /etc/nginx-cert/server.key;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
if (!-f $request_filename) {
proxy_pass http://upstreamy;
break;
}
}
nginx.conf中的上游声明:
upstream declaration in nginx.conf:
upstream upstreamy {
server unix:/var/www//myapp/shared/sockets/unicorn.sock fail_timeout=0;
}
这个工作正常,myapp可以
this works fine, myapp is reachable as https://somehost
但应用程序正在为重定向生成http url,因此例如在使用devise进行身份验证时,/被重定向而不是https(从rails应用程序的角度来看,无论如何都是http)。
but the app is generating http url's for redirects, so for instance when authenticating with devise, the / is redirected to http://somehost/user/sign_in instead of https (from the viewpoint of the rails app, it's all http anyway).
我试过
proxy_pass https://upstreamy;
但这只是试图加密nginx和运行rails app的独角兽之间的流量。
but that just tries to encrypt traffic between nginx and the unicorns that run the rails app.
我也试过,在application_helper.rb中:
I also tried, in application_helper.rb:
# http://stackoverflow.com/questions/1662262/rails-redirect-with-https
def url_options
super
@_url_options.dup.tap do |options|
options[:protocol] = Rails.env.production? ? "https://" : "http://"
options.freeze
end
但它似乎不起作用。
如何解决这个问题?
编辑:所以,目标不是让rails应用程序需要ssl,或者被迫使用ssl;目标是让rails应用程序在重定向时生成https:// urls ...(我认为所有其他网址都是相对的)。
so, the goal is not to make the rails app to require ssl, or to be forced to use ssl; the goal is to make the rails app generate https:// urls when redirecting... (I think all other urls are relative).
推荐答案
您需要添加以下行:
在
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto https;
proxy_redirect off;
if (!-f $request_filename) {
proxy_pass http://upstreamy;
break;
}
}
这篇关于https重定向代理后面的rails app?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!