https redirection not working correctly

Parzip nginx-forum at
Wed Dec 30 14:36:28 UTC 2015


I am trying to set up nginx to 

- switch from http traffic to https
- send alls https traffic to my odoo backend on port 8069

This is already working for different subdomains, but not for the domain

http://(www.) => https://(www.)
http://(www.) => http://(www.), backend ist beeing loaded
but not secured

1) Why is not beeing redirected to

2) I would like to set up the let's encrypt ssl renewal script described
For this I need to put a file into the webroot folder, but I don't know how
to define this folder... 

Thank you for your help.

This is my "odoo" file in sites-available:

## odoo backend ##
upstream odoo {

## https site##
server {
    listen      443 default;
    server_name *;
    # root        /usr/share/nginx/html;
    # index       index.html index.htm;

    # log files
    access_log  /var/log/nginx/odoo-access.log;
    error_log   /var/log/nginx/odoo-error.log;

    # ssl files
    ssl on;
    ssl_certificate /etc/letsencrypt/live/;
    ssl_certificate_key /etc/letsencrypt/live/;
    keepalive_timeout   60;

    # limit ciphers 
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;

    # proxy buffers
    proxy_buffers 16 64k;
    proxy_buffer_size 128k;

    ## default location ##
    location / {
        proxy_pass  http://odoo;
        # force timeouts if the backend dies
        proxy_next_upstream error timeout invalid_header http_500 http_502
http_503 http_504;
        proxy_redirect off;

        # set headers
        proxy_set_header    Host            $host;
        proxy_set_header    X-Real-IP       $remote_addr;
        proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header    X-Forwarded-Proto https;

    # cache some static data in memory for 60mins
    location ~* /web/static/ {
        proxy_cache_valid 200 60m;
        proxy_buffering on;
        expires 864000;
        proxy_pass http://odoo;

## http redirects to https ##
server {
    listen      80;
    server_name *;

    # Strict Transport Security
    add_header Strict-Transport-Security max-age=2592000;
    rewrite ^/.*$ https://$host$request_uri? permanent;

Posted at Nginx Forum:,263786,263786#msg-263786

More information about the nginx mailing list