How to create auto redirect to 301 https + proxy_pass in NGINX for one location /

Question

This is my nginx config:

server {
  listen 80;
  server_name example.com;
  server_tokens off;

  location /.well-known/acme-challenge/ {
    root /var/www/certbot;
  }

  location / {
    proxy_pass http://frontend:4200;
#     return 301 https://$host$request_uri;
  }

  location /api {
    proxy_pass http://backend:8080;
    rewrite ^/api/(.*) /$1 break;
  }
}

How to creacte both: redirect to 301 https://$host$request_uri; and proxy_pass http://frontend:4200;

If uncomment this string # return 301 https://$host$request_uri; I see only redirect.

Please add more information to your question by editing it: 1. Should both "backend" and "frontend" be reachable from public internet? If yes, why backend traffic is not encrypted? 2. Is either "frontend" or "backend" located in "localhost"? — Tero Kilkanen, Jul 24 '22 at 07:41

score 0 · Accepted Answer · answered Jul 22 '22 at 10:38

If you want to serve your backend only via HTTPS, then you need to define your backend in HTTPS server block, for example like this:

# HTTP server for redirect
server {
    listen 80;
    server_name example.com;
    server_tokens off;

    return 301 https://$host$request_uri;
}

# HTTPS server for application
server {
    listen 443 ssl http2;
    ssl_certificate /path/to/example.com.crt;
    ssl_certificate_key /path/to/example.com.key;
    server_name example.com;
    server_tokens off;

    location / {
        proxy_pass http://frontend:4200;
    }

    location /api {
        proxy_pass http://backend:8080;
        rewrite ^/api/(.*) /$1 break;
    }
}

How to create auto redirect to 301 https + proxy_pass in NGINX for one location /

1 Answers1