Geek Answers Handbook

AWS EB - redirect all traffic to https

The nodejs application is deployed on AWS EB. I already configured the https server and it works fine. Now I need to redirect every non-HTTPS request to https using www. as a prefix, for example:

GET example.com => https://www.example.com

I use nginx and my EB instance is the only instance without load balancing in front of it.

I created a configuration file in the .ebextensions folder with this code

Resources:
  sslSecurityGroupIngress:
    Type: AWS :: EC2 :: SecurityGroupIngress
    Properties:
      GroupId: {"Fn :: GetAtt": ["AWSEBSecurityGroup", "GroupId"]}
      IpProtocol: tcp
      ToPort: 443
      FromPort: 443
      CidrIp: 0.0.0.0/0

files:
  /etc/nginx/conf.d/999_nginx.conf:
    mode: "000644"
    owner: root
    group: root
    content: |

      upstream nodejsserver {
        server 127.0.0.1:8081;
        keepalive 256;
      }

      # HTTP server

      server {
        listen 8080;
        server_name localhost;
        return 301 https: // $ host $ request_uri;
      }

      # HTTPS server

      server {
        listen 443;
        server_name localhost;

        ssl on;
        ssl_certificate /etc/pki/tls/certs/server.crt;
        ssl_certificate_key /etc/pki/tls/certs/server.key;

        ssl_session_timeout 5m;

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers "EECDH + AESGCM: EDH + AESGCM: AES256 + EECDH: AES256 + EDH";
        ssl_prefer_server_ciphers on;

        location / {
          proxy_pass http: // nodejsserver;
          proxy_set_header Connection "";
          proxy_http_version 1.1;
          proxy_set_header Host $ host;
          proxy_set_header X-Real-IP $ remote_addr;
          proxy_set_header X-Forwarded-For $ proxy_add_x_forwarded_for;
          proxy_set_header X-Forwarded-Proto https;
        }
      }

  /etc/pki/tls/certs/server.crt:
    mode: "000400"
    owner: root
    group: root
    content: |
      ----- BEGIN CERTIFICATE -----
      my crt
      ----- END CERTIFICATE -----

  /etc/pki/tls/certs/server.key:
    mode: "000400"
    owner: root
    group: root
    content: |
      ----- BEGIN RSA PRIVATE KEY -----
      my key
      ----- END RSA PRIVATE KEY -----

  /etc/nginx/conf.d/gzip.conf:
    content: |
      gzip on;
      gzip_comp_level 9;
      gzip_http_version 1.0;
      gzip_types text / plain text / css image / png image / gif image / jpeg application / json application / javascript application / x-javascript text / javascript text / xml application / xml application / rss + xml application / atom + xml application / rdf + xml;
      gzip_proxied any;
      gzip_disable "msie6";

commands:
   00_enable_site:
    command: 'rm -f / etc / nginx / sites-enabled / *'

I'm sure aws takes my configuration into account because ssl is working fine. But the http block is not working. No redirection.

Perhaps my problem is overwriting the original nginx EB configuration, do you know how to do this?

Can you help me please? I have tried a lot of things.

thank

+4
1

, , EB /etc/nginx/conf.d/00_elastic_beanstalk_proxy.conf, 8080. , , Nginx 8080.

, . .

https://github.com/jozzhart/beanstalk-single-forced-ssl-nodejs-pm2/blob/master/.ebextensions/https-redirect.config

+4

More articles:


All Articles