OMV: HTTP redirect to HTTPS
-
- OMV 2.x
- gelöst
- tinh_x7
-
-
This was not working???? You should not have to add what I told you with this in the code. And this is why you could not bind to 8080 with the omv-direct file idea I gave you. The above was bound to 8080.
If you look at your whole server config file for the web gui you see the redirection coding is in there:
Code
Alles anzeigencat /etc/nginx/sites-available/openmediavault-webgui server { server_name openmediavault-webgui; root /var/www/openmediavault; index index.php; autoindex off; server_tokens off; sendfile on; large_client_header_buffers 4 32k; client_max_body_size 25M; error_log /var/log/nginx/openmediavault-webgui_error.log error; access_log /var/log/nginx/openmediavault-webgui_access.log combined; location /extjs/ { alias /usr/share/javascript/extjs5/; } location /images/ { alias /var/www/openmediavault/images/; } location ~ \.php$ { try_files $uri = 404; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/var/run/php5-fpm-openmediavault-webgui.sock; fastcgi_index index.php; fastcgi_read_timeout 60s; include fastcgi_params; } listen [::]:8080 default_server ipv6only=off; if ($scheme = http) { # Force redirection to HTTPS. return 301 https://$host:8443$request_uri; } listen [::]:8443 default_server ipv6only=off ssl deferred; ssl_certificate /etc/ssl/certs/openmediavault-a1885b58-dbe3-4fb9-8775-59f578e9d596.crt; ssl_certificate_key /etc/ssl/private/openmediavault-a1885b58-dbe3-4fb9-8775-59f578e9d596.key; include /etc/nginx/openmediavault-webgui.d/*.conf; }
Redirection should be working with this.
-
Gotcha.
I have removed force SSL/TLS option.
However, when I entered http:// myip.com:8080 or http:// hostname:8080, it directed to OMV webgui, but it isn't HTTPS.
It's supposed to redirect to HTTPS:// myip.com:8443 . -
Put the check mark back in Force SSL. Then test this for redirection. You changed the web gui to 8080
That should get redirected to:
If not tell me what you get ??? Also, you might have to clear your browser cache. Your cache could be the problem.
-
I am setting up this exactly as above to test on a vm.... You made me have to make a cert.... UGH.
-
Yes, it working
Will you be kind and point me how to do this for my OwnCloud also?Thanks a lot, tekkb.
-
It worked for me....
Volker should have told us the web gui would put this redirection in there. It would have saved us a lot of time. I am not using ssl right now. I had to set that up and open ports on the firewall too.
Glad you got it man!!!
-
With owncloud you will have to create a redirection file and add it to nginx. The instructions I gave for standard port should work for OC.
Make file owncloud-redirect
Try these contents:
****First show me the nginx server config file for owncloud that you are using. How did you install OC ???
It will be in one of these locations:
/etc/nginx/sites-enabled
/etc/nginx/sites-available
/etc/nginx/openmediavault-webgui.dPost that info and I look at this tomorrow. I am to bed......
-
I'm currently using Owncloud 8 and MySQL: alternative approach
I found this guide for MariaDB, but I'm not sure this is the right method or not for MySQL: https://www.howtoforge.com/tut…-and-mariadb-on-centos-7/
I noticing that half of the below codes are implemented in Nginx options via OMV webgui.Code
Alles anzeigenConfigure a Virtualhost for OwnCloud The last step is to configure a virtualhost for owncloud. cd /etc/nginx/conf.d/ mv default.conf default add owncloud configuration to /etc/nginx/conf.d/ vim owncloud.conf Paste configuration below : upstream php-handler { server 127.0.0.1:9000; #server unix:/var/run/php5-fpm.sock; } server { listen 80; server_name 192.168.1.101; #YourIP or domain return 301 https://$server_name$request_uri; # redirect all to use ssl } server { listen 443 ssl; server_name 192.168.1.101; #YourIP or domain #SSL Certificate you created ssl_certificate /etc/nginx/cert/owncloud.crt; ssl_certificate_key /etc/nginx/cert/owncloud.key; # owncloud path root /usr/share/nginx/html/owncloud/; client_max_body_size 10G; # set max upload size fastcgi_buffers 64 4K; rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; index index.php; error_page 403 /core/templates/403.php; error_page 404 /core/templates/404.php; location = /robots.txt { allow all; log_not_found off; access_log off; } location ~ ^/(data|config|\.ht|db_structure\.xml|README) { deny all; } location / { # The following 2 rules are only needed with webfinger rewrite ^/.well-known/host-meta /public.php?service=host-meta last; rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; try_files $uri $uri/ index.php; } location ~ ^(.+?\.php)(/.*)?$ { try_files $1 = 404; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$1; fastcgi_param PATH_INFO $2; fastcgi_param HTTPS on; fastcgi_pass php-handler; } # Optional: set long EXPIRES header on static assets location ~* ^.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ { expires 30d; # Optional: Don't log access to assets access_log off; } } systemctl restart nginx mariadb php-fpm
-
If you look at the nginx server configuration file it already contains a redirect for owncloud...
Codeserver { listen 80; server_name 192.168.1.101; #YourIP or domain return 301 https://$server_name$request_uri; # redirect all to use ssl }
If you put in:
it should be redirecting to https.
You could try to alter this redirect a bit.Try this instead:
Codelisten [::]:80 default_server ipv6only=off; if ($scheme = http) { # Force redirection to HTTPS. return 301 https://$host$request_uri; }
After changing you need to restart nginx:
service nginx restart -
FYI: The above codes aren't my configuration.
My server is currently offline.If I create a owncloud-redirect file by using this previous step, and use the above code, OC redirective should work, right?:
Code/etc/nginx/sites-enabled touch omv-redirect chmod 644 omv-redirect chown root:root omv-redirect
-
No, this will not work. The code for the redirect is not correct for a single file. Compare it to my example on my 1st post on page 1. It would be best to include it in the main nginx server config file for owncloud.
-
Am I change file openmediavault-nginx in /etc/nginx/sites-available?
Here's my OC config:Code
Alles anzeigen/etc/nginx/sites-available$ cat openmediavault-nginx server { listen [::]:7443 ssl default_server ipv6only=off; ssl_certificate /etc/ssl/certs/openmediavault-a1885b58-dbe3-4fb9-8775-59f578e9d596.crt; ssl_certificate_key /etc/ssl/private/openmediavault-a1885b58-dbe3-4fb9-8775-59f578e9d596.key; set $root_path "/media/82468379-6874-47f3-9a21-615766f2ccab/www/owncloud/"; root $root_path; index index.html index.php; set $socket "unix:/var/run/fpm-c7122b8c-7269-4527-948c-9599e3f8c20c.sock"; location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass $socket; fastcgi_index index.php; include fastcgi_params; } access_log /var/log/nginx/6d535d5a-81ad-401e-aa01-eb0723e5f168-access.log; error_log /var/log/nginx/6d535d5a-81ad-401e-aa01-eb0723e5f168-error.log; large_client_header_buffers 4 8k; # Add headers to serve security related headers add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; client_max_body_size 10G; # set max upload size fastcgi_buffers 64 4K; rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; index index.php; error_page 403 /core/templates/403.php; error_page 404 /core/templates/404.php; location = /robots.txt { allow all; log_not_found off; access_log off; } location ~ ^/(data|config|\.ht|db_structure\.xml|README) { deny all; } location / { # The following 2 rules are only needed with webfinger rewrite ^/.well-known/host-meta /public.php?service=host-meta last; rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; try_files $uri $uri/ index.php; } location ~ ^(.+?\.php)(/.*)?$ { try_files $1 = 404; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$1; fastcgi_param PATH_INFO $2; fastcgi_param HTTPS on; fastcgi_pass $socket; } # Optional: set long EXPIRES header on static assets location ~* ^.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ { expires 30d; # Optional: Don't log access to assets access_log off; } }
-
After I changed openmediavault-nginx file, I got an error:
CodeRestarting nginx: nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] still could not bind() nginx.
Here's my new code:
Code
Alles anzeigencat openmediavault-nginx server { listen [::]:80 default_server ipv6only=off; if ($scheme = http) { # Force redirection to HTTPS. return 301 https://$host$request_uri; } ssl_certificate /etc/ssl/certs/openmediavault-65262713-4bbb-4dea-a8f1-38fce9447b9c.crt; ssl_certificate_key /etc/ssl/private/openmediavault-65262713-4bbb-4dea-a8f1-38fce9447b9c.key; set $root_path "/media/82468379-6874-47f3-9a21-615766f2ccab/www/owncloud/"; root $root_path; index index.html index.php; set $socket "unix:/var/run/fpm-c7122b8c-7269-4527-948c-9599e3f8c20c.sock"; location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass $socket; fastcgi_index index.php; include fastcgi_params; } access_log /var/log/nginx/6d535d5a-81ad-401e-aa01-eb0723e5f168-access.log; error_log /var/log/nginx/6d535d5a-81ad-401e-aa01-eb0723e5f168-error.log; large_client_header_buffers 4 8k; # Add headers to serve security related headers add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; client_max_body_size 10G; # set max upload size fastcgi_buffers 64 4K; rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; index index.php; error_page 403 /core/templates/403.php; error_page 404 /core/templates/404.php; location = /robots.txt { allow all; log_not_found off; access_log off; } location ~ ^/(data|config|\.ht|db_structure\.xml|README) { deny all; } location / { # The following 2 rules are only needed with webfinger rewrite ^/.well-known/host-meta /public.php?service=host-meta last; rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; try_files $uri $uri/ index.php; } location ~ ^(.+?\.php)(/.*)?$ { try_files $1 = 404; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$1; fastcgi_param PATH_INFO $2; fastcgi_param HTTPS on; fastcgi_pass $socket; } # Optional: set long EXPIRES header on static assets location ~* ^.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ { expires 30d; # Optional: Don't log access to assets access_log off; } }
Edit: I got this error, if I'm using this code:
Codeserver { listen 80; server_name 192.168.1.101; #YourIP or domain return 301 https://$server_name$request_uri; # redirect all to use ssl }
Error:
-
Maybe I should use No-IP for my host name, then I can use Port 80 Redirect service.
-
-
This article could help you
Jetzt mitmachen!
Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!