When you visit http://lemmy.world it should redirect to https://lemmy.world - at least the login page should be secure.
I think I now fixed it
Hmm , when I replace this:
http { server { listen 80; server_name lemmy.world; location / { proxy_pass http://lemmy-ui:1234; proxy_set_header Host $host; } }
with this:
http { server { listen 80; server_name lemmy.world; location / { return 301 https://$host$request_uri; } }
it breaks, gives 502 when visiting the site…
ideas? (I’m not that much into nginx…)
Can we get an error log? If no, are you seeing any timeouts in there?
You could try this
this config snippet is assuming thet you’ve already got the TLS cert/pem file for lemmy.world elsewhere in your nginx.config
http { server { listen 80; listen 443 ssl; server_name lemmy.world; if ($scheme = "http") { return 307 https://$host$request_uri; } location / { proxy_pass http://lemmy-ui:1234; proxy_set_header Host $host; } }
If you get redirected to lemmy.world:1234, then add
absolute_redirect off;
in the ‘server’ blockLast thing - 307 is a temporary redirect, you might to change it to a permanent one once you’ve confirmed it’s working as intended
Cool, thanks! I’ll try that.
I’ve been on the secure version by default so far myself.
Yes most browsers automatically do, but some don’t…