Infinite redirect for Nginx ProxyPass
TheArctesian opened this issue · comments
If you're having trouble using Certbot and aren't sure you've found a bug or
request for a new feature, please first try asking for help at
https://community.letsencrypt.org/. There is a much larger community there of
people familiar with the project who will be able to more quickly answer your
questions.
My operating system is (include version):
Arch-6.0.2
I installed Certbot with (snap, OS package manager, pip, certbot-auto, etc):
pacamn -S certbot certbot-nginx
certbot-nginx is not in the pacman package so I installed it separately
I ran this command and it produced this output:
I had a very simple http nginx proxy pass
worker_processes 1;
events {
worker_connections 1024;
}
http {
server {
listen 80;
server_name www.danielokita.com;
location / {
proxy_pass http://172.104.177.135:3333/;
}
}
}
This work fine so I added https with certbot --nginx
My config then looked like
worker_processes 1;
events {
worker_connections 1024;
}
http {
server {
server_name danielokita.com www.danielokita.com;
location / {
proxy_pass http://172.104.177.135:3333/;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/danielokita.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/danielokita.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = danielokita.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name danielokita.com www.danielokita.com;
return 404; # managed by Certbot
}}
Certbot's behavior differed from what I expected because:
The website reloads every 5 seconds when vising it, one can check this out on this link. The https cert is working fine but something is still wrong.
I tried adding in
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_intercept_errors on;
proxy_pass http://172.104.177.135:3333/;
}
Back same output.
Here is a Certbot log showing the issue (if available):
Logs are stored in /var/log/letsencrypt
by default. Feel free to redact domains, e-mail and IP addresses as you see fit.
There is no problem with the logs so not going to add it, just what it did to my nginx config which I can't figure out why its messing up.
It doesn't look like there's anything wrong with the nginx configuration.
From what I can tell, the reloads are being initiated by the JavaScript in your website. We can't help debug web development issues on this issue tracker, sorry.