Rocket.Chat Handbook
Search
K

How to set up Nginx HTTP to HTTPS redirection (Default settings)

In case You decide to use this example, place the two config files separately inside /etc/nginx/sites-available and create a symlink for them inside /etc/nginx/sites-enabled (please temporarily remove symlink for your previous configs inside /etc/nginx/sites-enabled . No need to remove them completely)
1. First file name "Default"
  1. 1.
    server {
  2. 2.
    listen 80 default_server;
  3. 3.
    listen [::]:80 default_server;
  4. 4.
    server_name Your_server_address.com
  5. 5.
    return 301 https://$host$request_uri;
  6. 6.
    location /{
  7. 7.
    proxy_pass http://localhost:3000;
  8. 8.
    proxy_http_version 1.1;
  9. 9.
    proxy_set_header Upgrade $http_upgrade;
  10. 10.
    proxy_set_header Connection "upgrade";
  11. 11.
    proxy_set_header Host $http_host;
  12. 12.
    proxy_cache_bypass $http_upgrade;
  13. 13.
    }
  14. 14.
    }
2. Second file name "https.conf"
  1. 1.
    # HTTPS Server
  2. 2.
    server {
  3. 3.
    listen 443 ssl;
  4. 4.
    server_name Your_server_address.com;
  5. 5.
  6. 6.
    # You can increase the limit if your need to.
  7. 7.
    client_max_body_size 200M;
  8. 8.
  9. 9.
    error_log /var/log/nginx/rocketchat.access.log;
  10. 10.
  11. 11.
    ssl_certificate your full cheined certificate location
  12. 12.
    ssl_certificate_key your SSL certificate key location
  13. 13.
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # dont use SSLv3 ref: POODLE
  14. 14.
  15. 15.
    location / {
  16. 16.
    proxy_pass http://localhost:3000;
  17. 17.
    proxy_http_version 1.1;
  18. 18.
    proxy_set_header Upgrade $http_upgrade;
  19. 19.
    proxy_set_header Connection "upgrade";
  20. 20.
    proxy_set_header Host $http_host;
  21. 21.
    proxy_cache_bypass $http_upgrade;
  22. 22.
  23. 23.
    }
  24. 24.
    }