Fixing ssl redirection in ngnix config create script.

2021-10-05 18:50:13 +00:00
parent 63a4496e5f
commit 056e907622
1 changed files with 28 additions and 32 deletions
--- a/scripts/nginx_config_create.sh
+++ b/scripts/nginx_config_create.sh
@@ -81,21 +81,14 @@ if [[ $HTTPS_PORT != "" ]]; then
 	echo "server {
 listen $HTTPS_PORT ssl;
 server_name $DOMAIN_NAME;
-rewrite_log on;"
-
-	if [[ $REDIRECT_HTTPS != ""  ]]; then
-		echo "return 301 $REDIRECT_HTTPS;"
-	else
-
-		echo "proxy_ssl_server_name on; 
+rewrite_log on;
+proxy_ssl_server_name on; 
 ssl_dhparam /etc/ssl/keys/$DOMAIN/dhparam.pem;
 ssl_certificate /etc/ssl/keys/$DOMAIN/fullchain.pem;
 ssl_certificate_key /etc/ssl/keys/$DOMAIN/key.pem;
 ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
 ssl_prefer_server_ciphers on;
 ssl_ciphers "'"EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"'";
-
-		 # Hardening as-per https://gist.github.com/plentz/6737338
 ssl_session_cache shared:SSL:50m;
 ssl_session_timeout 5m;
 ssl_stapling on;"
@@ -111,6 +104,9 @@ location = /$ERROR_PAGE {
 	      }"
 	fi

+	if [[ $REDIRECT_HTTPS != ""  ]]; then
+		echo "return 301 $REDIRECT_HTTPS;"
+	else 
 		echo "location / {"

 			if [[ $HTTP_PORT != "" ]]; then