certbot 生成的配置文件上的 nginx www 到非 www
ngnix www to no-www on config file generated by certbot
我正在尝试获取对 example.com 以及 www.example.com 的请求,以便在下面显示的配置文件中转到 https://example.com。该文件与 certbot 生成的文件完全相同。
将两个 return 301 语句更改为
return 301 https://example.com$request_uri;
没有工作,因为 https://www.example.com 仍然去 https://www.example.com 而不是想要的 https://example.com
如果有人能指出获得预期结果所需的确切更改,我们将不胜感激。简化说明将是一个好处,因为我对 nginx 和 certbot 都很陌生。谢谢。
server {
root /var/www/html/drupal;
index index.php index.html index.htm;
server_name example.com www.example.com;
location / {
try_files $uri /index.php?$query_string;
}
location @rewrite {
rewrite ^/(.*)$ /index.php?q=;
}
location ~ [^/]\.php(/|$) {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ ^/sites/.*/files/styles/ {
try_files $uri @rewrite;
}
location ~ ^(/[a-z\-]+)?/system/files/ {
try_files $uri /index.php?$query_string;
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name example.com www.example.com;
return 404; # managed by Certbot
}
打开括号更清晰。
创建 2 个而不是一个 443 侦听器。与 80 个相同。
这样你就更容易知道什么在做什么,每对主机和模式一个配置。
server {
listen 80;
listen [::]:80;
server_name www.example.com; #this will only listen to http://www.example.com
location / {
return 301 https://example.com$request_uri; #and will upgrade to https
}
#we don't want that many redirects, so this will go directly to example.com
}
server {
listen 80;
listen [::]:80;
server_name example.com; #this will only listen to http://example.com
location / {
return 301 https://$host$request_uri; #and will upgrade to https
}
}
server {
server_name www.example.com;
location / {
return 301 https://example.com$request_uri #this redirects to non-www
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server{
#same server configuration as your first server bracket, only accepting https://example.com and not www.
}
我看到您正在将到达的连接发送到 Drupal,因此认为 Drupal 有一个变量 $base_url ,它所做的任何重定向都是针对该主机的,所以如果它设置为 www.example.com,nginx conf 并不重要,因为 Drupal 本身也可以进行重定向。
希望对您有所帮助,如有问题请评论。
它现在可以工作了,@flaixman。我根据你的建议做了一个改变——只做一个 80 块,因为他们都做了完全相同的事情。所以,这是最终版本:(我希望没有弄乱一些可能会在以后引起问题的东西。)
server {
listen 80;
listen [::]:80;
server_name example.com www.example.com;
location / {
return 301 https://example.com$request_uri;
}
}
server {
server_name www.example.com;
location / {
return 301 https://example.com$request_uri;
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server{
root /var/www/html/d8;
index index.php index.html index.htm;
server_name example.com;
location / {
try_files $uri /index.php?$query_string;
}
location @rewrite {
rewrite ^/(.*)$ /index.php?q=;
}
location ~ [^/]\.php(/|$) {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ ^/sites/.*/files/styles/ {
try_files $uri @rewrite;
}
location ~ ^(/[a-z\-]+)?/system/files/ {
try_files $uri /index.php?$query_string;
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
我正在尝试获取对 example.com 以及 www.example.com 的请求,以便在下面显示的配置文件中转到 https://example.com。该文件与 certbot 生成的文件完全相同。
将两个 return 301 语句更改为
return 301 https://example.com$request_uri;
没有工作,因为 https://www.example.com 仍然去 https://www.example.com 而不是想要的 https://example.com
如果有人能指出获得预期结果所需的确切更改,我们将不胜感激。简化说明将是一个好处,因为我对 nginx 和 certbot 都很陌生。谢谢。
server {
root /var/www/html/drupal;
index index.php index.html index.htm;
server_name example.com www.example.com;
location / {
try_files $uri /index.php?$query_string;
}
location @rewrite {
rewrite ^/(.*)$ /index.php?q=;
}
location ~ [^/]\.php(/|$) {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ ^/sites/.*/files/styles/ {
try_files $uri @rewrite;
}
location ~ ^(/[a-z\-]+)?/system/files/ {
try_files $uri /index.php?$query_string;
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name example.com www.example.com;
return 404; # managed by Certbot
}
打开括号更清晰。
创建 2 个而不是一个 443 侦听器。与 80 个相同。
这样你就更容易知道什么在做什么,每对主机和模式一个配置。
server {
listen 80;
listen [::]:80;
server_name www.example.com; #this will only listen to http://www.example.com
location / {
return 301 https://example.com$request_uri; #and will upgrade to https
}
#we don't want that many redirects, so this will go directly to example.com
}
server {
listen 80;
listen [::]:80;
server_name example.com; #this will only listen to http://example.com
location / {
return 301 https://$host$request_uri; #and will upgrade to https
}
}
server {
server_name www.example.com;
location / {
return 301 https://example.com$request_uri #this redirects to non-www
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server{
#same server configuration as your first server bracket, only accepting https://example.com and not www.
}
我看到您正在将到达的连接发送到 Drupal,因此认为 Drupal 有一个变量 $base_url ,它所做的任何重定向都是针对该主机的,所以如果它设置为 www.example.com,nginx conf 并不重要,因为 Drupal 本身也可以进行重定向。
希望对您有所帮助,如有问题请评论。
它现在可以工作了,@flaixman。我根据你的建议做了一个改变——只做一个 80 块,因为他们都做了完全相同的事情。所以,这是最终版本:(我希望没有弄乱一些可能会在以后引起问题的东西。)
server {
listen 80;
listen [::]:80;
server_name example.com www.example.com;
location / {
return 301 https://example.com$request_uri;
}
}
server {
server_name www.example.com;
location / {
return 301 https://example.com$request_uri;
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server{
root /var/www/html/d8;
index index.php index.html index.htm;
server_name example.com;
location / {
try_files $uri /index.php?$query_string;
}
location @rewrite {
rewrite ^/(.*)$ /index.php?q=;
}
location ~ [^/]\.php(/|$) {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ ^/sites/.*/files/styles/ {
try_files $uri @rewrite;
}
location ~ ^(/[a-z\-]+)?/system/files/ {
try_files $uri /index.php?$query_string;
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}