Nginx https反向代理无限循环

Question

15 浏览2023年2月19日

匿名的 2023年2月20日

0 Comments

这是我为Flask应用程序设置的site-available Nginx配置文件：\nserver {\n listen 80;\n server_name _;\n access_log /var/log/nginx/nginx_access.log;\n error_log /var/log/nginx/nginx_error.log;\n rewrite ^ https://$http_host$request_uri? permanent;\n}\nserver {\n listen 443;\n server_name _;\n access_log /var/log/nginx/nginx_access.log;\n error_log /var/log/nginx/nginx_error.log;\n ssl on;\n ssl_certificate /etc/nginx/ssl/.pem;\n ssl_certificate_key /etc/nginx/ssl/.key;\n ssl_session_timeout 5m;\n ssl_protocols TLSv1 TLSv1.1 TLSv1.2;\n ssl_ciphers \"HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES\";\n ssl_prefer_server_ciphers on;\n location / {\n proxy_pass http://127.0.0.1:5000;\n proxy_redirect off;\n proxy_set_header Host $host;\n proxy_set_header X-Real-IP $remote_addr;\n proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n proxy_set_header X-Forwarded-Proto $scheme;\n }\n}\n\n我已经查看了以下问题：Nginx configuration leads to endless redirect loop和nginx redirect loop with ssl。我似乎已经按照这些问题中指定的配置进行设置。\n编辑\nFlask应用程序通过gunicorn/supervisord运行。\nSupervisor config.conf\n[program:config]\ncommand=/usr/local/bin/gunicorn run:app --config /etc/gunicorn/gunicorn.conf --preload\ndirectory=/srv/\nautostart=true\nautorestart=true\nstartretries=10\nstderr_logfile = /var/log/supervisord/-stderr.log\nstdout_logfile = /var/log/supervisord/-stdout.log\nuser=root\n\nGunicorn gunicorn.conf\n

bind = '0.0.0.0:5000'
backlog = 2048
workers = 3
worker_class = 'sync'
worker_connections = 1000
timeout = 30
keepalive = 2
accesslog='/var/log/gunicorn/gunicorn_access.log'
errorlog='/var/log/gunicorn/gunicorn_error.log'
pidfile = '/tmp/gunicorn.pid'
loglevel = 'debug'

\nFlask应用程序\nrun.py\n

from app import app
from app import views
if __name__ == '__main__':
    app.run(host='0.0.0.0', debug=True)

\nview.py\n

from app import app, session
from flask import render_template, json, jsonify
import datetime
@app.route("/hello/")
def render_templates():
    return render_template("display.html")
(... 其他代码 ..)

\n注意：我在Flask应用程序前面有一个ELB。80和443端口是打开的。\n输入：https://example.com/hello/ 输出：重定向循环\n非常感谢您的帮助。提前表示感谢。

0

1 答案

匿名的 · Answer 1 · 2023-05-11T23:25:20+00:00

我找到了问题所在。

Nginx的配置应该是这样的：

server {


    listen                     80;
    server_name                _;
    access_log                 /var/log/nginx/nginx_access.log;
    error_log                  /var/log/nginx/nginx_error.log;
    location / {
        proxy_pass             http://127.0.0.1:5000;
        proxy_set_header       Host $host;
        proxy_set_header       X-Real-IP $remote_addr;
        proxy_set_header       X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

由于ELB将HTTPS加密转换为HTTP请求，我的先前配置将所有的HTTP请求重定向到HTTPS。