captcha

About

Username
captcha
Joined
Visits
5
Last Active
Roles
Member
Points
2
  • https site not shown in public list

    Done!

    I had two scenarios that didn't work, see below.

    • connect to http://<mysite>:8073
    • connect to http://<mysite>:8074 (now fixed)
    • connect to https://<mysite>:8073 (now fixed)
    • connect to https://<mysite>:8074

    In the list of stations, kiwisdr.com still lists my station as a http site, but at least it's back on.

    Whatever way visitors connect, the link will always be upgraded to https. The biggest bonus is that it's no longer interfering with browsers wanting to prefer https once they've seen it available on a domain.

    I might spend some more time in the future to see if I can have it running all over 8073 again, but for now I'm pretty happy with how it works.


    For those interested in the details:

    Raspberry Pi B+ Rev1.2

    Raspbian 10.10

    Nginx 1.14.2-2


    # /etc/nginx/sites-available/kwisdr-reverseproxy.conf

    server {

       listen 10.0.0.10:8073; # listen on 8073

       server_name www.marcelpost.com:8073;


       ssl on;

       ssl_certificate     /etc/letsencrypt/live/www.marcelpost.com/fullchain.pem;

       ssl_certificate_key /etc/letsencrypt/live/www.marcelpost.com/privkey.pem;


       # redirect any incoming http to https and port 8074

        return 301 https://www.marcelpost.com:8074$request_uri;

    }


    server {

       listen         10.0.0.10:8074; # listen on 8074

       server_name    www.marcelpost.com:8074;


       ssl on;

       ssl_certificate     /etc/letsencrypt/live/www.marcelpost.com/fullchain.pem;

       ssl_certificate_key /etc/letsencrypt/live/www.marcelpost.com/privkey.pem;


       # takes care of http connections on 8074 (redirect to https 8074)

        error_page 497 https://$host:$server_port$request_uri;


       location / {

           proxy_buffering    off;

           proxy_set_header   Host $http_host;

           proxy_set_header   X-Real-IP $remote_addr;

           proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;

           proxy_set_header   X-Forwarded-Proto http;

            proxy_pass          http://10.0.1.20:8074;  # server ip address of KiwiSDR


       }

    }


    The only other thing I had to change in /etc/nginx.conf was to uncomment:

    server_names_hash_bucket_size 64;

    This may not be necessary but I had this 'could not build server_names_hash' error which was fixed by uncommenting the above line.


    Thanks everyone for their input.

    Powernumptyrz3dvp