Varnish can serve over HTTPS
using the SSL termination
. I have set up the Nginx server and it is running with SSL
without any problem. I have configured varnish also but it’s serving only on HTTP
.
- Node app is running on
port 2368
- Nginx is working on
port 8080
- Varnish is working on
port 80
- SSL is working on
port 443
NGINX config file
server {
server_name example.com;
root /var/www/example/system/nginx-root; # Used for acme.sh SSL verification (https://acme.sh)
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:2368;
}
location ~ /.well-known {
allow all;
}
client_max_body_size 50m;
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 8080;
listen [::]:8080;
server_name example.com;
return 404; # managed by Certbot
}
My Nodejs
app is running on port 2368
.
I have tried to add port 80 in proxy_pass
in ssl
server block. It was giving the right headers but the browser was showing the error of too many redirections.
How can I serve varnish cache on https
now?
I don’t to use hitch
2
Answers
The problem sounds a lot like a protocol-based redirection problem.
Based on your information here’s my assumption:
X-Forwarded-Proto
header to detect the request protocolX-Forwarded-Proto
header is nothttps
, an HTTPS redirect takes placeTo tackle this, make sure your Node app returns the following response header:
This will make sure that Varnish creates a cache variation per protocol. This will eliminate the redirection loop problem.
Try this. These are my configs from an Ubuntu LEMP Digital Ocean Droplet running Nginx, Varnish and PHP-fpm. It also has the redirects to forward all traffic to https://wwww
The files are:
default.vcl
nginx.conf
varnish_daemon
This is the code from "nano /etc/default/varnish"
varnish.service
This is the code from "nano /lib/systemd/system/varnish.service"