0

This is my nginx config:

server {
  listen 80;
  server_name example.com;
  server_tokens off;

  location /.well-known/acme-challenge/ {
    root /var/www/certbot;
  }

  location / {
    proxy_pass http://frontend:4200;
#     return 301 https://$host$request_uri;
  }

  location /api {
    proxy_pass http://backend:8080;
    rewrite ^/api/(.*) /$1 break;
  }
}

How to creacte both: redirect to 301 https://$host$request_uri; and proxy_pass http://frontend:4200;

If uncomment this string # return 301 https://$host$request_uri; I see only redirect.

Improve this question
1
  • Please add more information to your question by editing it: 1. Should both "backend" and "frontend" be reachable from public internet? If yes, why backend traffic is not encrypted? 2. Is either "frontend" or "backend" located in "localhost"?
    – Tero Kilkanen
    Jul 24, 2022 at 7:41

1 Answer 1

Reset to default
0

If you want to serve your backend only via HTTPS, then you need to define your backend in HTTPS server block, for example like this:

# HTTP server for redirect
server {
    listen 80;
    server_name example.com;
    server_tokens off;

    return 301 https://$host$request_uri;
}

# HTTPS server for application
server {
    listen 443 ssl http2;
    ssl_certificate /path/to/example.com.crt;
    ssl_certificate_key /path/to/example.com.key;
    server_name example.com;
    server_tokens off;

    location / {
        proxy_pass http://frontend:4200;
    }

    location /api {
        proxy_pass http://backend:8080;
        rewrite ^/api/(.*) /$1 break;
    }
}
Improve this answer
0

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .