Closed houli closed 8 years ago
Apologies in advance as I'm new to supporting this plugin. Can you provide the command(s) you used to add the redirects?
I think this has to do with the fact that get_ssl_hostnames
only returns the hostnames from the TLS certificate. I would think that the above referenced nginx config would be function and the only "issue" is that you end up being redirected twice?
redirect_domain:80 -> dokku_domain:80 -> dokku_domain:443
Or is the issue that you're expecting a listener on 443 for each redirected domain and that's not happening?
Yeah the issue is that only the first redirect is getting a listener on 443. The only command I'm doing is dokku redirect:set sub.domain.com dest
for the four different subdomains. The first two server blocks in the screenshot are for the first redirect which properly gets a HTTPS block. The other three below are the remaining three redirects I set.
@houli does this look correct now? (working on a fix locally)
root@dokku:~/dokku# dokku domains node-js-app
=====> Global Domain Name
dokku.me
=====> node-js-app Domain Names
node-js-app.dokku.me
root@dokku:~/dokku# dokku redirect node-js-app
SOURCE DESTINATION
test.dokku.me www.test.dokku.me
root@dokku:~/dokku# cat /home/dokku/node-js-app/nginx.conf | egrep -v "^$"
server {
listen [::]:80;
listen 80;
server_name node-js-app.dokku.me;
access_log /var/log/nginx/node-js-app-access.log;
error_log /var/log/nginx/node-js-app-error.log;
return 301 https://$host:443$request_uri;
}
server {
listen [::]:443 ssl spdy;
listen 443 ssl spdy;
server_name node-js-app.dokku.me;
server_name node-js-app.dokku.me;
access_log /var/log/nginx/node-js-app-access.log;
error_log /var/log/nginx/node-js-app-error.log;
ssl_certificate /home/dokku/node-js-app/tls/server.crt;
ssl_certificate_key /home/dokku/node-js-app/tls/server.key;
keepalive_timeout 70;
add_header Alternate-Protocol 443:npn-spdy/2;
location / {
gzip on;
gzip_min_length 1100;
gzip_buffers 4 32k;
gzip_types text/css text/javascript text/xml text/plain text/x-component application/javascript application/x-javascript application/json application/xml application/rss+xml font/truetype application/x-font-ttf font/opentype application/vnd.ms-fontobject image/svg+xml;
gzip_vary on;
gzip_comp_level 6;
proxy_pass http://node-js-app;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Request-Start $msec;
}
include /home/dokku/node-js-app/nginx.conf.d/*.conf;
}
upstream node-js-app {
server 172.17.0.3:5000;
}
server {
listen [::]:80;
listen 80;
server_name test.dokku.me;
return 301 $scheme://www.test.dokku.me$request_uri;
}
server {
listen [::]:443 ssl spdy;
listen 443 ssl spdy;
server_name test.dokku.me;
ssl_certificate /home/dokku/node-js-app/tls/server.crt;
ssl_certificate_key /home/dokku/node-js-app/tls/server.key;
keepalive_timeout 70;
add_header Alternate-Protocol 443:npn-spdy/2;
return 301 $scheme://www.test.dokku.me$request_uri;
}
root@dokku:~/dokku#
@houli You can also pull down my branch from #8 and test locally if you'd like.
Hmm @michaelshobbs I get those last two server blocks for the first redirect. Could you try adding more than just 1 redirect to that app as that is what the problem is?
What do you get when using this branch and how does it differ from what you expect?
@houli bump :)
As demonstrated by the screenshot above only the first of four redirects listed for my application has an HTTPS server block added to the
nginx.conf
.