1

I have set up a reverse proxy to allow our CD software to be accessed through HTTPS.

This is my configuration:

server {
        listen          443;
        server_name     build.example.com;

        ssl_certificate           /etc/ssl/certs/example.com.crt;
        ssl_certificate_key       /etc/ssl/private/example.com.key;

        ssl                       on;
        ssl_session_cache         builtin:1000 shared:SSL:10m;
        ssl_protocols             TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers               HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
        ssl_prefer_server_ciphers on;

        access_log                /var/log/nginx/example.access.log;

        location / {
                proxy_set_header    Host $host;
                proxy_set_header    X-Real-IP $remote_addr;
                proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header    X-Forwarded-Proto $scheme;

                proxy_pass          http://localhost:7777;
                proxy_read_timeout  90;

                proxy_redirect      http://localhost:7777 https://build.example.com;
        }
        location /socket.io/ {
                proxy_pass          http://localhost:7777;
                proxy_http_version  1.1;
                proxy_set_header    Upgrade $http_upgrade;
                proxy_set_header    Connection "upgrade";
        }
}

I've now set up a GitHub webhook to communicate with our CD when we push new commits to GitHub. But GitHub receives a 301 reply when it tries to invoke the webhook.

The request for /api/github/webhook gets a 301 redirect reply to /api/github/webhook/ and GitHub doesn't like that.

I don't understand why nginx is sending that reply. How can I get it to send the request to the CD application that is being proxied?

Oliver Salzburg
  • 4,635
  • 17
  • 55
  • 82
  • 1
    There are no redirects in this configuration. Check your application. – Michael Hampton Feb 06 '15 at 17:11
  • @MichaelHampton: I know there aren't, which is why I'm confused. When I tell GitHub to redeliver the payload, I don't even see any HTTP requests in the application log, which is why I assumed the problem would be with nginx. I'll definitely look into all possibilities though. – Oliver Salzburg Feb 06 '15 at 20:03

1 Answers1

1

There was an http/https configuration mismatch in our CD configuration.

We use strider and you have to tell it the location of your service with the SERVER_NAME environment variable. I put in the correct hostname, but missed to replace http with https.

Oliver Salzburg
  • 4,635
  • 17
  • 55
  • 82