Unable to setup SSL with Nginx + Prerender + Meteor

你说的曾经没有我的故事 提交于 2019-12-10 11:51:17

问题


I am having trouble configuring nginx to return the prerendered html when using HTTPS.

  • nginx, prerender and my meteor app runs on the same server.
  • prerender is in port 3033
  • meteor app is in port 112

In meteor I have configured it to to point to the localhost:3033 for prerendering.

With the following no-SSL configuration, Facebook's tool is able to scrape my site successfully:

server {
    listen 80;
    server_name sample.com www.sample.com;

    # strip the "www" subdomain
    if ($host ~* ^www\.(.*)) {
        set $host_without_www $1;
        rewrite ^(.*) http://$host_without_www$1 permanent;
    }

    location / {
        # app is running in port 112 in the same server
        proxy_pass http://127.0.0.1:112;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
}

However when I started using SSL Facebook is not able to scrape the site.

server {
    listen 443 ssl;
    server_name sample.com www.sample.com;

    ssl_certificate /etc/letsencrypt/live/sample.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/sample.com/privkey.pem;

    # strip the "www" subdomain
    if ($host ~* ^www\.(.*)) {
        set $host_without_www $1;
        rewrite ^(.*) http://$host_without_www$1 permanent;
    }

    location ~ /.well-known {
        allow all;
    }
    location / {
        # app is running in port 112 in the same server
        proxy_pass http://127.0.0.1:112;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
}
# redirect to https
server {
    listen 80;
    server_name sample.com www.sample.com;
    return 301 https://$host$request_uri;
}

One observation is that every time I run the FB tool with an HTTPS say https://sample.com/, in prerender logs it says getting http://sample.com (not HTTPS!).

Manually running a curl command is successful

curl http://sample.com:3033/https://sample.com

Somewhere in between is clearly converting the protocol https to http.


回答1:


Sounds like you are terminating SSL at the load balancer or something similar. In the prerender config you should just force the protocol to be https when sending the URL to your prerender server.




回答2:


It seems that my nginx configuration was fine after all.

I ended up following the code here.

  1. I added prerender-node from npm

    meteor npm install --save prerender-node

  2. I created /client/prerender-head.html

    <head><meta name="fragment" content="!"></head>

  3. I created /server/prerender.js

Note the part that we are forcing the protocol to be https (similar to what @Prerender.io suggested)

var prerenderio = Npm.require('prerender-node');
var token;
var serviceUrl;
var settings = Meteor.settings.PrerenderIO;

// token
token = process.env.PRERENDERIO_TOKEN || (settings && settings.token);

// service url (support `prerenderServiceUrl` (for historical reasons) and `serviceUrl`)
serviceUrl = settings && (settings.prerenderServiceUrl || settings.serviceUrl);
serviceUrl = process.env.PRERENDERIO_SERVICE_URL || serviceUrl;

if (token) {
  if (serviceUrl) prerenderio.set('prerenderServiceUrl', serviceUrl);
  prerenderio.set('prerenderToken', token);

  prerenderio.set('afterRender', function afterRender(error) {
    if (error) {
      console.log('prerenderio error', error); // eslint-disable-line no-console
      return;
    }
  });

  prerenderio.set('protocol', 'https');

  WebApp.rawConnectHandlers.use(prerenderio);
}
  1. Created /settings.json

Change the serviceUrl to wherever your prerender instance is running.

{
  "PrerenderIO": {
      "serviceUrl": "http://localhost:3033/",
      "token": "yourtoken"
  }
}
  1. run the app with meteor --settings settings.json


来源:https://stackoverflow.com/questions/36967599/unable-to-setup-ssl-with-nginx-prerender-meteor

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!