Hello to all!
Help please deal with the server settings.
Initial data:
debian server (do not ask why) with such settings:
nginx as a proxy for the return of statics
nodejs and site on it + configured https
I can not:
configure the redirect from http to https, so that when accessing robots.txt and sitemap.xml, they continue to be given over both protocols.
configure socket.io, due to the nginx server, the client socket.io is not connected giving an error 404/403 (depending on the particular nginx configuration option), despite the fact that the socket.io client script follows the specified path directly
configure in nginx the layout of site addresses for 2 servers.
For example:
site.com/ - это будет 1 nodejs сервер site.com/about - это будет 1 nodejs сервер site.com/test - это будет 2 nodejs сервер Ip will be shared, certificate for domains / subdomains too (if this is important)
I will make a reservation in advance: I tried a lot of different settings and combinations of these settings of the nginx server, but this one does not work, then the other
If you have any questions you ask, I can explain everything.
The current nginx config is:
In the SITE.COM config, this is the replaced address, so it does not matter what the word is written in capital letters
server { listen 80; listen [::]:80; server_name SITE.COM www.SITE.COM; location / { return 301 https://$server_name$request_uri; } location /robots.txt { root /home/alex/SITE.COM/www/public/; } } server { # SSL configuration listen 443 default_server ssl; listen [::]:443 ssl; # Имя сервера server_name SITE.COM www.SITE.COM; # Путь к корневому каталогу проектов root /home/alex/SITE.COM/www; # нужно для linux-систем, чтобы правильно отдавались имена файлов на русском charset utf-8; # настроки для сертификатов ssl_stapling on; ssl_stapling_verify on; ssl_session_timeout 24m; ssl_session_cache shared:SSL:10m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS; resolver 8.8.8.8 [2001:4860:4860::8888]; # подключаем сертификаты Let's Encrypt ssl_certificate /etc/letsencrypt/live/SITE.COM/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/SITE.COM/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/SITE.COM/chain.pem; # принуждаем перейти на https if ($ssl_protocol = "") { # return 301 https://$server_name$request_uri; } # основные настройки location / { proxy_pass http://localhost:3000; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # WebSocket support (nginx 1.4) proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } location ~* ^.+\.(jpg|jpeg|gif|png|svg|js|css|mp3|ogg|mp?4|mpe?g|avi|zip|gz|bz2?|rar|swf|woff2)$ { # Путь к корневому каталогу со статическими файлами root /home/alex/SITE.COM/www/public/; } # Логирование access_log /home/alex/SITE.COM/logs/nginx.access.log; error_log /home/alex/SITE.COM/logs/nginx.error.log; } 