Nginx certbot生成的配置文件上的ngnix www到no www

我正试图在下面显示的配置文件中获取对example.com和www.example.com的请求。该文件与certbot生成的文件完全相同

将两个

return 301

语句更改为

return 301 https://example.com$request_uri;

未按预期的方式继续工作

如果有人能指出实现预期结果所需的确切更改，我们将不胜感激。简化的指令将是一个奖励，因为我对nginx和certbot都是新手。谢谢

server {
    root /var/www/html/drupal;
    index  index.php index.html index.htm;
    server_name example.com www.example.com;

    location / {
        try_files $uri /index.php?$query_string;        
    }

    location @rewrite {
        rewrite ^/(.*)$ /index.php?q=$1;
    }

    location ~ [^/]\.php(/|$) {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    location ~ ^/sites/.*/files/styles/ {
        try_files $uri @rewrite;
    }

    location ~ ^(/[a-z\-]+)?/system/files/ {
        try_files $uri /index.php?$query_string;
    }

    listen [::]:443 ssl; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


}
server {
    if ($host = www.example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80;
    listen [::]:80;
    server_name example.com www.example.com;
    return 404; # managed by Certbot
}

---

打开支架以获得更清晰的方式

创建2个侦听器，而不是一个443侦听器。和80个一样

这样，您就更容易知道正在做什么，每对主机和模式都有一个配置

server {
    listen 80;
    listen [::]:80;
    server_name  www.example.com; #this will only listen to http://www.example.com
    location / {        
       return 301 https://example.com$request_uri; #and will upgrade to https
    }
       #we don't want that many redirects, so this will go directly to example.com
 }

server {
    listen 80;
    listen [::]:80;
    server_name  example.com; #this will only listen to http://example.com
    location / {        
       return 301 https://$host$request_uri; #and will upgrade to https
    }
 }
server {
server_name  www.example.com;

location / {
    return 301 https://example.com$request_uri #this redirects to non-www
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

server{
#same server configuration as your first server bracket, only accepting     https://example.com and not www.
}

我看到您正在将到达的连接发送到Drupal，因此认为Drupal有一个变量$base_url，它对该主机进行的任何重定向都是对该主机进行的，因此，如果将其设置为www.example.com，则与nginx conf无关，因为Drupal本身也可以进行重定向

---

希望它能有所帮助，任何问题都可以发表评论。

现在可以了，@flaixman。我对你的建议做了一个改变，那就是用一个街区换80，因为他们都做了完全相同的事情。所以，这里是最后的版本：（我希望没有弄糟一些东西，这可能会导致以后的问题。）

---

关于Drupal的观察很棒，但我有一些非Drupal域，并且更喜欢类似的配置文件。你的建议奏效了，谢谢！但是一些微调问题-（1）我是否需要两个80的侦听器，例如example.com和www.example.com都转到https://example.com-可能是因为

if（$host=…）

语句。（2） 另外，我是否需要复制443的整个块，包括root、index和所有location语句？或者我可以只保留一个443块，其中包含

if（$host=example.com…

语句，这些语句似乎在80块中工作吗？嗨，分离块意味着清楚地了解nginx中发生了什么，使用“ifs”和其他条件，您甚至可以将所有域放在同一个服务器块{}。实际上，是的，您可以在2服务器块{}上加入两个域，一个用于80，另一个用于443。443街区是“特殊的”。您不需要www块中的根或索引，因为您不打算将其定向到应用程序，您只需要该块重定向到非www。您唯一需要的是证书（因为不安全的中间重定向意味着整个连接不安全）。因此，您需要侦听哪个端口，侦听哪个域名，该域的证书，以及重定向到何处，因为您无需转到应用程序来搜索任何索引，也无需将根放在何处（因为https非www域是唯一将连接带到应用程序的域）。至于为什么分离块与在同一行中完成整个脚本是一样的，它可以工作，也会工作，但是当你在两个月后回来时，你会因为那样做而讨厌自己，而且不清晰，不间隔。很高兴我帮了忙：）明白了！有道理。我会听从你明智的建议：）

server {
    listen 80;
    listen [::]:80;
    server_name example.com www.example.com;
    location / {
        return 301 https://example.com$request_uri;
    }
}

server {
    server_name www.example.com;
    location / {
        return 301 https://example.com$request_uri;
    }
    listen [::]:443 ssl; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

server{
    root /var/www/html/d8;
    index index.php index.html index.htm;
    server_name example.com;

    location / {
        try_files $uri /index.php?$query_string;        
    }

    location @rewrite {
        rewrite ^/(.*)$ /index.php?q=$1;
    }

    location ~ [^/]\.php(/|$) {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    location ~ ^/sites/.*/files/styles/ {
        try_files $uri @rewrite;
    }

    location ~ ^(/[a-z\-]+)?/system/files/ {
        try_files $uri /index.php?$query_string;
    }

    listen [::]:443 ssl; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}