Hi All
As soon as I enable theHTTPS block, the website works but it asks me for a password. This is odd given the configuration I use is from another machine and that works fine on that one.
server {
listen 80;
server_name home.nsautomate.com.au;
root /var/www/openhab-cloud;
location ~ /.well-known {
allow all;
}
access_log /var/log/nginx/certbox.log;
error_log /var/log/nginx/certbox.err;
}
server {
listen *:443 ssl;
ssl_certificate /etc/letsencrypt/live/home.nsautomate.com.au/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/home.nsautomate.com.au/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
server_name home.nsautomate.com.au;
open_file_cache max=10000 inactive=30s;
open_file_cache_valid 60s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
if ( $scheme = "http" ) {
rewrite ^/(.*)$ https://$host/$1 permanent;
}
charset utf-8;
access_log /var/log/nginx/openhabcloud-access.log;
error_log /var/log/nginx/openhabcloud-error.log;
location /css {
alias /var/www/openhab-cloud/public/css;
}
location /js {
alias /var/www/openhab-cloud/public/js;
}
location /img {
alias /var/www/openhab-cloud/public/img;
}
location /bootstrap {
alias /var/www/openhab-cloud/public/bootstrap;
}
location /font-icons {
alias /var/www/openhab-cloud/public/font-icons;
}
location /fonts {
alias /var/www/openhab-cloud/public/fonts;
}
location /js-plugin {
alias /var/www/openhab-cloud/public/js-plugin;
}
location /downloads {
alias /var/www/openhab-cloud/public/downloads;
}
location / {
proxy_pass http://localhost:3000;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr ;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for ;
proxy_set_header X-Forwarded-Proto $scheme;
}
location ~ .html$ {
expires off;
proxy_pass http://localhost:3000;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr ;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for ;
proxy_set_header X-Forwarded-Proto $scheme;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
Any thoughts? Thanks!