我們使用Nginx的當前負載平衡,力SSL的請求,並終止SSL連接,因爲它們代理到內部應用服務器。它並不具備奇特的負載平衡功能,但Nginx的體積小巧而且足夠快,可以放在任何地方。
下面的代碼位可能需要:
# listen on port 80 and redirect to SSL.
server {
listen 80;
server_name site.com;
rewrite ^https://$server_name$request_uri? permanent;
}
# listen on port 443, terminate SSL, and proxy to internal web app
# can be node, rails, whatever.
server {
listen 443;
server_name site.com;
gzip on;
client_max_body_size 250M;
ssl on;
ssl_certificate /etc/nginx/site.com.crt;
ssl_certificate_key /etc/nginx/site.com.key;
keepalive_timeout 70;
location/{
proxy_pass http://127.0.0.1:8080;
# We add this extra header just so proxied web app
# knows this used to be an SSL connection.
proxy_set_header x-https 1;
include /etc/nginx/conf.d/proxy.conf;
}
}
現在有一種正確的方式在Django中正確構建URL,這意味着不必依賴中間件或Web服務器配置來重定向每次點擊。請參閱下面的回覆 - 首先使用正確的協議構建網址。 – lukewarm