nginx - 入口 nginx 从 www 重定向到 https
问题描述
我正在尝试使用 ingress-nginx 将http://www ... 和https://www ... 重定向到 https://...。我怎样才能做到这一点?
我尝试使用注释nginx.ingress.kubernetes.io/server-snippet和添加以下自定义配置nginx.ingress.kubernetes.io/configuration-snippet:
# 1
if($host = "www.example.com") {
return 308 https://example.com$request_uri;
}
# 2
server {
server_name www.example.com;
return 308 https://example.com$request_uri;
}
# 3
server_name www.example.com;
return 308 https://example.com$request_uri;
但我在 #1 的 nginx 控制器日志中收到错误:
2019/12/07 20:58:47 [emerg] 48898#48898: unknown directive "if($host" in /tmp/nginx-cfg775816039:418
nginx: [emerg] unknown directive "if($host" in /tmp/nginx-cfg775816039:418
nginx: configuration file /tmp/nginx-cfg775816039 test failed
对于#2,我收到一个错误,即在该位置不允许服务器块,并且使用#3 会导致无限重定向。我的入口 yaml 如下所示:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress-nginx
annotations:
kubernetes.io/ingress.class: "nginx"
kubernetes.io/ingress.global-static-ip-name: "example-com"
nginx.ingress.kubernetes.io/rewrite-target: "/"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/proxy-read-timeout: "86400s"
nginx.ingress.kubernetes.io/proxy-send-timeout: "86400s"
nginx.ingress.kubernetes.io/proxy-body-size: "100m"
nginx.ingress.kubernetes.io/limit-rps: "20"
nginx.ingress.kubernetes.io/client-max-body-size: "100m"
nginx.ingress.kubernetes.io/configuration-snippet: |
# see above
spec:
tls:
- hosts:
- example.com
secretName: certificate-secret
rules:
- host: sub.example.com
http:
paths:
- backend:
serviceName: service-sub
servicePort: 1234
# more subdomains here
- host: example.com
http:
paths:
- backend:
serviceName: service-example
servicePort: 1235
- host: "*.example.com"
http:
paths:
- backend:
serviceName: service-example-wildcard
servicePort: 1236
我也尝试过设置nginx.ingress.kubernetes.io/from-to-www-redirect: "true"注释,但这会导致不同的错误:
2019/12/07 21:20:34 [emerg] 51558#51558: invalid server name or wildcard "www.*.example.com" on 0.0.0.0:80
nginx: [emerg] invalid server name or wildcard "www.*.example" on 0.0.0.0:80
nginx: configuration file /tmp/nginx-cfg164546048 test failed
解决方案
好,我知道了。if修复后缺少的空间。谢谢 mdaniel :) 这是一个可以将任何内容重定向到https://...without的工作配置www:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress-nginx-integration
namespace: integration
annotations:
kubernetes.io/ingress.class: "nginx"
kubernetes.io/ingress.global-static-ip-name: "example-com"
nginx.ingress.kubernetes.io/rewrite-target: "/"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/proxy-read-timeout: "86400s"
nginx.ingress.kubernetes.io/proxy-send-timeout: "86400s"
nginx.ingress.kubernetes.io/proxy-body-size: "100m"
nginx.ingress.kubernetes.io/limit-rps: "20"
nginx.ingress.kubernetes.io/client-max-body-size: "100m"
nginx.ingress.kubernetes.io/configuration-snippet: |
if ($host = "www.example.com") {
return 308 https://example.com$request_uri;
}
spec:
tls:
- hosts:
- example.com
secretName: certificate-integration-secret
rules:
- host: subdomain.example.com
http:
paths:
- backend:
serviceName: service-emviwiki
servicePort: 4000
# ... more rules, NO www here
推荐阅读
- javascript - 如何将十进制值从右向左移动?
- unit-testing - 在添加新代码后修复现有的 JUnit 以使其通过是一种好习惯吗?
- c# - ASP.NET MVC 通用存储库实现和使用
- javascript - Axios FormData()获取空对象
- python - Jupyter 笔记本因“内核没有响应”而失败
- python-3.x - Python:将目录从远程机器(Linux/Windows)复制到本地机器(Windows)
- python - Matlab 到 Python 的转换:“poissinv”函数
- python - 如何在 MyHDL 中接收输入总线?
- typescript - 将表单 TypeScript 1.8.10 升级到 3.1.6
- css - 问题 Firefox 文本溢出:子元素上的省略号