listen proxy_protocol and rewrite redirect scheme
adrhc
nginx-forum at forum.nginx.org
Sat Sep 17 13:25:50 UTC 2016
Hi, thank you for the hints.
Starting from you suggestion I modified
src/http/ngx_http_header_filter_module.c like this:
#if (NGX_HTTP_SSL)
if (c->ssl || port == 443) {
*b->last++ ='s';
}
#endif
and it works!
But works hand in hand with this nginx configuration (in order to keep
original request's port: 443 for me):
port_in_redirect off;
and it's important for the initial request to come with 443 port. For me the
flow is: request:443 go to sshttp:444 then stunnel:1443 and in the end to
nginx (listen 127.0.0.1:1080 proxy_protocol).
This affects every server where the port is evaluated to 443 which is not
perfect (in odd but possible situation 443 could be a non-ssl port or
someone would want this for simply other ports too).
A perfect solution I think would be one where nginx would allow me to
overwrite somehow the "c->ssl" above with a nginx-custom-variable, let's say
$https_override (on = force c->ssl to evaluate to true; I guess "c->ssl"
takes it's value from $https that's why $https_override ...).
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,269623,269643#msg-269643
More information about the nginx
mailing list