1
我在nginx服務器上運行我的rails應用程序。我正在嘗試使平臺HTTPS安全。我購買了SSL證書並將其配置在EC2實例上,並相應地配置了nginx.conf文件。在完成所有工作後,我在瀏覽器上輸入了domain.com。第一次它重定向到https。但就是這樣。只有主頁被HTTPS應用程序的其餘爲我開拓仍然在HTTPRails應用程序SSL未應用於整個平臺。
我附上我的nginx.conf文件和配置/環境/ production.rb文件去:
nginx.conf
upstream puma {
server unix:///home/deploy/apps/appname/shared/tmp/sockets/appname-puma.sock;
}
server {
#listen 80 default_server deferred;
listen 80;
listen 443 default ssl;
server_name domain.com;
ssl_certificate /etc/nginx/ssl/5532202b90020bc.crt;
ssl_certificate_key /etc/nginx/ssl/domain.key;
root /home/deploy/apps/vendaxoprod/current/public;
access_log /home/deploy/apps/appname/current/log/nginx.access.log;
error_log /home/deploy/apps/appname/current/log/nginx.error.log info;
#location ^~ /assets/ {
#gzip_static on;
#expires max;
#add_header Cache-Control public;
#}
location ^~ /(assets|fonts|swfs|images)/ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
try_files $uri/index.html $uri @puma;
location @puma {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://puma;
}
}
配置/環境/ production.rb
Rails.application.configure do
# Settings specified here will take precedence over those in config/application.rb.
# Code is not reloaded between requests.
Rails.application.config.assets.precompile += %w(*.js ^[^_]*.css *.css.erb)
config.cache_classes = true
# Eager load code on boot. This eager loads most of Rails and
# your application in memory, allowing both threaded web servers
# and those relying on copy on write to perform better.
# Rake tasks automatically ignore this option for performance.
config.eager_load = true
# Full error reports are disabled and caching is turned on.
config.consider_all_requests_local = true
config.action_controller.perform_caching = true
config.action_mailer.raise_delivery_errors = true
# Enable Rack::Cache to put a simple HTTP cache in front of your application
# Add `rack-cache` to your Gemfile before enabling this.
# For large-scale production use, consider using a caching reverse proxy like
# NGINX, varnish or squid.
# config.action_dispatch.rack_cache = true
# Disable serving static files from the `/public` folder by default since
# Apache or NGINX already handles this.
#config.serve_static_assets = ENV['RAILS_SERVE_STATIC_FILES'].present?
config.serve_static_assets = false
# Compress JavaScripts and CSS.
config.assets.js_compressor = :uglifier
# config.assets.css_compressor = :sass
# Do not fallback to assets pipeline if a precompiled asset is missed.
config.assets.compile = true
#config.assets.precompile = ['*.js', '*.css', '*.css.erb']
# Asset digests allow you to set far-future HTTP expiration dates on all assets,
# yet still be able to expire them through the digest params.
config.assets.digest = true
# `config.assets.precompile` and `config.assets.version` have moved to config/initializers/assets.rb
# Specifies the header that your server uses for sending files.
# config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache
# config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
config.force_ssl = false
# Use the lowest log level to ensure availability of diagnostic information
# when problems arise.
config.log_level = :debug
config.action_mailer.default_url_options = { host: ENV["SMTP_HOST"] }
config.action_mailer.asset_host = ENV["SMTP_HOST"]
# config.action_mailer.delivery_method = :letter_opener
config.action_mailer.raise_delivery_errors = false
config.action_mailer.delivery_method = :smtp
config.action_mailer.smtp_settings = {
#Enter the smtp provider here ex: smtp.mandrillapp.com
address: ENV["SMTP_ADDRESS"],
port: ENV['SMTP_PORT'].to_i,
#Enter the smtp domain here ex: vendaxo.com
domain: ENV["SMTP_DOMAIN"],
#Enter the user name for smtp provider here
user_name: ENV["SMTP_USERNAME"],
#Enter the password for smtp provider here
password: ENV["SMTP_PASSWORD"],
authentication: 'plain',
enable_starttls_auto: true
}
# Prepend all log lines with the following tags.
# config.log_tags = [ :subdomain, :uuid ]
# Use a different logger for distributed setups.
# config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
# Use a different cache store in production.
# config.cache_store = :mem_cache_store
# Enable serving of images, stylesheets, and JavaScripts from an asset server.
# config.action_controller.asset_host = 'http://assets.example.com'
# Ignore bad email addresses and do not raise email delivery errors.
# Set this to true and configure the email server for immediate delivery to raise delivery errors.
# Enable locale fallbacks for I18n (makes lookups for any locale fall back to
# the I18n.default_locale when a translation cannot be found).
config.i18n.fallbacks = true
# Send deprecation notices to registered listeners.
config.active_support.deprecation = :notify
# Use default logging formatter so that PID and timestamp are not suppressed.
config.log_formatter = ::Logger::Formatter.new
# Do not dump schema after migrations.
config.active_record.dump_schema_after_migration = false
end
確保應用程序內的所有鏈接都是相對的。 –
所有鏈接。一切都是動態的。如果你想我添加任何特定的文件信息,我可以添加。 @TheWhizofOz – user3576036