nginx as load balancer: upstream with path - caching

i've an nginx container, on port 9200, that acts as load balancer. This is config file:
proxy_ignore_headers Set-Cookie;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Headers' 'Range';
upstream backend {
server 192.168.99.103:9500 weight=3;
server 192.168.99.104:9500;
server 192.168.99.105:9500;
}
server {
listen 80;
server_name 172.17.0.1;
location = /LynyrdSkynyrdFreebirdAudio.mp4 {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Headers' 'Range';
if ($request_method = OPTIONS ) {
add_header Access-Control-Allow-Methods "GET, OPTIONS";
add_header Content-Length 0;
add_header Content-Type text/plain;
return 200;
}
proxy_pass http://backend/;
add_header X-Upstream $upstream_addr;
}
location = /LynyrdSkynyrdFreebirdVideo.mp4 {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Headers' 'Range';
if ($request_method = OPTIONS ) {
add_header Access-Control-Allow-Methods "GET, OPTIONS";
add_header Content-Length 0;
add_header Content-Type text/plain;
return 200;
}
proxy_pass http://backend;
add_header X-Upstream $upstream_addr;
}
}
This container load balance requests in the following way: when arrives a request localhost:9200/LynyrdSkynyrdFreebirdVideo.mp4 or localhost:9200/LynyrdSkynyrdFreebirdAudio.mp4, it balances requests across 3 servers.
These 3 servers are 3 nginx containers that acts as cache.
This is config file of nginx caches:
proxy_cache_path /tmp/nginx levels=1:2 keys_zone=my_zone:10m inactive=60m;
proxy_cache_key "$scheme$request_method$host$request_uri";
proxy_cache_methods GET HEAD POST;
proxy_cache_valid 200 206 100m;
proxy_ignore_headers Set-Cookie;
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Headers' 'Range';
server {
listen 80;
server_name 172.17.0.1;
#charset koi8-r;
#access_log /var/log/nginx/log/host.access.log main;
location / {
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
location /demo/ {
proxy_cache my_zone;
add_header X-Proxy-Cache $upstream_cache_status;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://172.17.0.1:8700/shaka-player-master/demo/index1.html ;
}
location /media {
proxy_cache my_zone;
add_header X-Proxy-Cache $upstream_cache_status;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://172.17.0.1:8700/shaka-player-master/media/example-av.mpd ;
}
location = /example-av1.mpd {
add_header 'Access-Control-Allow-Origin' '*';
proxy_cache my_zone;
add_header X-Proxy-Cache $upstream_cache_status;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://192.168.99.103:9600/shaka-player/media/example-av1.mpd;
}
location = /LynyrdSkynyrdFreebirdVideo.mp4 {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Headers' 'Range';
proxy_cache my_zone;
add_header X-Proxy-Cache $upstream_cache_status;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://192.168.99.103:9600/shaka-player/media/LynyrdSkynyrdFreebirdVideo.mp4 ;
}
location = /LynyrdSkynyrdFreebirdAudio.mp4 {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Headers' 'Range';
proxy_cache my_zone;
add_header X-Proxy-Cache $upstream_cache_status;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://192.168.99.103:9600/shaka-player/media/LynyrdSkynyrdFreebirdAudio.mp4;
}
}
If i point to load balancer, i.e. localhost:9200/LynyrdSkynyrdFreebirdVideo.mp4 or localhost:9200/LynyrdSkynyrdFreebirdAudio.mp4, there is 404 not found. I expect that, if i point to this URL, load balancer balances request to 192.168.99.103(or 104, or 105):9500/LynyrdSkynyrdFreebirdVideo.mp4 or 192.168.99.103(or 104, or 105):9500/LynyrdSkynyrdFreebirdAudio.mp4.
But in the upstream block i don't know if in server directive i can add a path.
In fact, this is, i think, the very problem: in fact, if i point to 192.168.99.103(or104, or105):9500/LynyrdSkynyrdFreebirdAudio(or Video).mp4, i get the content correctly.
Can anyone helps me?

Solved:
i have added path to http://backend, like:
proxy_pass http://backend/LynyrdSkynyrdFreebirdVideo.mp4;

Related

403error (Laravel + Nginx + Apache) CentOS 8

I'm trying to configure the site to work with Nginx and Apache. When I try to reach the site, I get a 403 error.
In the file /etc/httpd/conf/httpd.conf I set the default port 8089 (since 8080 is already busy):
Listen 127.0.0.1:8089
Next, I create a config for Apache (/etc/httpd/conf.d/site.conf):
<VirtualHost 127.0.0.1:8089>
ServerName site.com
ServerAlias www.site.com
DocumentRoot "/usr/share/site/public"
ErrorLog /var/log/httpd/error.log
CustomLog /var/log/httpd/access.log combined
<Directory "/usr/share/site/public">
Require all granted
AllowOverride all
</Directory>
</VirtualHost>
Finally, I create a config for Nginx (/etc/nginx/conf.d/site.conf):
server {
listen 80;
server_name site.com www.site.com;
root /usr/share/site/public;
charset utf-8;
gzip on;
gzip_types
text/css
application/javascript
text/javascript
application/x-javascript
image/svg+xml
text/plain
text/xsd
text/xsl
text/xml
image/x-icon;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php {
proxy_pass http://localhost:8089;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location ~ /\.ht {
deny all;
}
}
What could be the problem?
Good Day!
try this original config by laravel ref link https://laravel.com/docs/7.x/deployment
server {
listen 80;
server_name site.com www.site.com;
root /usr/share/site/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.php;
charset utf-8;
gzip on;
gzip_types
text/css
application/javascript
text/javascript
application/x-javascript
image/svg+xml
text/plain
text/xsd
text/xsl
text/xml
image/x-icon;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
NOTE: fastcgi_pass u need to change php{version}-fpm.sock; based on your version

Strapi: Add prefix to api endpoints

I have a Strapi instance running at localhost, where I need to prefix the api convention /api/v1 to the URL, but only for api endpoints. I can't find the way.
I already have this in server.js
server.js
host: env('HOST', '0.0.0.0'),
port: env.int('PORT', 1337),
url: env('', 'http://localhost:1337'),
admin: {
auth: {
secret: env('ADMIN_JWT_SECRET', '9c27e32146600c92d6fccb208d1fc873'),
},
},
});
So I need to request the data at endpoints like: http://localhost:1337/api/v1/restaurant/:id
And access to admin like default: http://localhost:1337/admin
Is that possible?
I'm using Strapi#3.1.4
nginx config
http {
upstream strapi {
server 127.0.0.1:1337;
}
server {
listen 8888;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
# location / {
# proxy_connect_timeout 180s;
# proxy_read_timeout 5400s;
# proxy_send_timeout 5400s;
# proxy_pass http://127.0.0.1:1337/;
# }
location / {
root C:/projects/strapi;
}
location /service-catalog/ {
rewrite ^/service-catalog/(.*) /$1 break;
proxy_pass http://strapi;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_pass_request_headers on;
}
location /service-catalog/assets/ {
rewrite /service-catalog/(.*) /$1 break;
proxy_pass http://strapi/assets;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_pass_request_headers on;
}
location /dashboard {
proxy_pass http://strapi/dashboard;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_pass_request_headers on;
}
}
}
server.js
module.exports = ({ env }) => ({
host: env('HOST', '0.0.0.0'),
port: env.int('PORT', 1337),
url: 'http://localhost:8888/service-catalog',
admin: {
url:'http://localhost:8888/dashboard',
auth: {
secret: env('ADMIN_JWT_SECRET', 'f8bbc8130154293e157e1e01ab09d62d'),
},
},
});
delete build .cache folder
then run npm run build
then run npm run develop
I don't believe this is possible without using a proxy.
In your server.js you would specify url: 'https://api.example.com/v1', but this would also need to be set up in your proxy as this only makes Strapi aware of the proxy.
More details here:
https://strapi.io/documentation/v3.x/deployment/nginx-proxy.html#nginx-proxying
You can change your endpoint from api config. route.json
For your case you can try this.
go to ../app/api/restaurant/config/route.json
{
"method": "GET",
"path": "/api/v1/restaurants/:id", # update your route here
"handler": "restaurant.findOne", #action handler
"config": {
"policies": []
}
},...
now you can try http://localhost:1337/api/v1/restaurant/:id
You have to do the same for each route.
For more -
https://strapi.io/documentation/v3.x/content-api/api-endpoints.html#endpoints

Deploying Laravel in nginx as reverse proxy with apache

I want to deploy my laravel application in my server with nginx as reverse proxy with apache, i have a problem with URLs and page links that start with index.php. I tried the url without index.php and it works, but all links in page are with index.php. This is my configuration :
Nginx :
server {
listen 80;
server_name dev.exemple.com;
root /var/www/laravel-app/public/;
index index.php index.htm index.html;
location / {
try_files $uri $uri/ /index.php$uri;
}
location ~ \.php {
proxy_pass http://MY-SERVER-IP-ADDRESS:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location ~ /\. {
deny all;
}
location ~* \.(jpg|jpeg|gif|css|png|js|ico|html)$ {
access_log off;
expires max;
log_not_found off;
}
}
Apache
<VirtualHost *:8080>
ServerName dev.exemple.com
DocumentRoot /var/www/laravel-app/public/
<Directory /var/www/laravel-app/>
AllowOverride All
</Directory>
</VirtualHost>
Hello check this solution from https://laravel.io/forum/10-25-2014-configuration-for-running-laravel-with-nginx-and-apache
server {
listen 80;
access_log /var/www/site.com/logs/nginx.access.log;
error_log /var/www/site.com/logs/nginx.error.log;
root /var/www/site.com/public_html/public;
index index.php index.html;
server_name site.com;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8080;
}
location ~* ^.*\.php$ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8080;
}
location ~ /\.(ht|git) {
deny all;
}
}

allow cross origin request for laravel route on nginx

I want to access a laravel 5.5 api endpoint https://foo.bar.com/api/v1.0/foo/bar from another origin. Thus I need to allow cross origin requests. I've added the header to my nginx config. Yet my browser still complains about it not being present.
This is my nginx config:
server {
listen *:443 ssl;
server_name foo.bar.com ;
ssl on;
ssl_certificate /etc/nginx/nxv_bhxwewp1idzm.crt;
ssl_certificate_key /etc/nginx/nxv_bhxwewp1idzm.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "...";
ssl_prefer_server_ciphers on;
client_max_body_size 1m;
index index.html index.htm index.php;
access_log /var/log/nginx/ssl-nxv_bhxwewp1idzm.access.log;
error_log /var/log/nginx/ssl-nxv_bhxwewp1idzm.error.log;
root /var/www/share/foo.bar.com;
location ~ ^/index\.php(/|$) {
set $path_info $fastcgi_path_info;
root /var/www/share/foo.bar.com/public/;
fastcgi_index index.php;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
try_files $uri $uri/ /index.php$is_args$args;
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
add_header 'Access-Control-Allow-Origin' '*';
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location / {
root /var/www/share/foo.bar.com/public/;
try_files $uri $uri/ /index.php$is_args$args;
autoindex off;
index index.html index.php;
add_header 'Access-Control-Allow-Origin' '*';
}
sendfile off;
}
I already took the info from the link #DigitalDrifter has posted. But it seems just adding the Access-Control-Allow-Origin isn't enough to get it to work. Although I don't care about access methods and such.
So this got the deal working:
server {
listen *:443 ssl;
server_name foo.bar.com ;
ssl on;
ssl_certificate /etc/nginx/nxv_bhxwewp1idzm.crt;
ssl_certificate_key /etc/nginx/nxv_bhxwewp1idzm.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "...";
ssl_prefer_server_ciphers on;
client_max_body_size 1m;
index index.html index.htm index.php;
access_log /var/log/nginx/ssl-nxv_bhxwewp1idzm.access.log;
error_log /var/log/nginx/ssl-nxv_bhxwewp1idzm.error.log;
root /var/www/share/foo.bar.com;
location ~ ^/index\.php(/|$) {
set $path_info $fastcgi_path_info;
root /var/www/share/foo.bar.com/public/;
fastcgi_index index.php;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
try_files $uri $uri/ /index.php$is_args$args;
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'X-Frame-Options' 'ALLOW-FROM *';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location / {
root /var/www/share/foo.bar.com/public/;
try_files $uri $uri/ /index.php$is_args$args;
autoindex off;
index index.html index.php;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'X-Frame-Options' 'ALLOW-FROM *';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
}
sendfile off;
}
add both lines into below file
/etc/nginx/sites-available/yours_conf_file
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Headers' 'Content-Type';
and restart nginx server
sudo systemctl restart nginx

Nginx Magento SSL ERR_TOO_MANY_REDIRECTS

Im having an error ERR_TOO_MANY_REDIRECTS
Im implement the ssl and i get the errors
In Magento i have the sites with ssl
web/unsecure/base_url https://pontebuso.com/
web/secure/base_url https://pontebuso.com/
------------------nginx.conf--------------
user www-data;
worker_processes 4;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
sendfile on;
autoindex off;
tcp_nopush on;
tcp_nodelay on;
types_hash_max_size 2048;
fastcgi_param HTTPS on;
fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;
#include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
gzip_comp_level 2;
gzip_proxied any;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
include /etc/nginx/mime.types;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/default;
log_format main '$remote_addr - $remote_user [$time_local] "$request "'
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
map $scheme $fastcgi_https { ## Detect when HTTPS is used
default off;
https on;
}
------------------site------------------
server {
listen 80;
server_name pontebuso.com;
rewrite ^/(.*) https://pontebuso.com/$1 permanent;
}
server {
listen 443 ssl;
server_name pontebuso.com;
ssl on;
ssl_certificate /etc/nginx/ssl/pontebuso.com.chained.crt;
ssl_certificate_key /etc/nginx/ssl/pontebuso.key;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_prefer_server_ciphers on;
add_header Access-Control-Allow-Origin sub.pontebuso.com;
root /home/sites/pontebuso/;
autoindex off;
access_log /var/log/nginx/nginx.vhost.access.log;
error_log /var/log/nginx/nginx.vhost.error.log;
location / {
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_param HTTPS on;
index index.php index.html index.htm;
try_files $uri $uri/ /index.php?$args;
access_log off;
#expires max;
}
## These locations would be hidden by .htaccess normally
location ^~ /app/ { deny all; }
location ^~ /includes/ { deny all; }
location ^~ /lib/ { deny all; }
location ^~ /media/downloadable/ { deny all; }
location ^~ /pkginfo/ { deny all; }
location ^~ /report/config.xml { deny all; }
location ^~ /var/ { deny all; }
location /var/export/ {
auth_basic "Restricted";
auth_basic_user_file htpasswd;
autoindex on;
}
location /. {
return 404;
}
location #handler {
rewrite / /index.php;
}
location ~ .php/ {
rewrite ^(.*.php)/ $1 last;
}
location ~ .php$ {
if (!-e $request_filename) { rewrite / /index.php last; }
expires off;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTPS $fastcgi_https;
fastcgi_param MAGE_RUN_CODE default;
fastcgi_param MAGE_RUN_TYPE store;
include fastcgi_params;
}
location ~ \.css {
add_header Content-Type text/css;
}
location ~ \.js {
add_header Content-Type application/x-javascript;
}
}
---------------------default--------------------
server {
listen 80;
server_name pontebuso.com;
add_header Access-Control-Allow-Origin sub.pontebuso.com;
root /home/sites/pontebuso/;
autoindex off;
location / {
index index.php index.html index.htm;
try_files $uri $uri/ /index.php?$args;
access_log off;
expires max;
}
## These locations would be hidden by .htaccess normally
location ^~ /app/ { deny all; }
location ^~ /includes/ { deny all; }
location ^~ /lib/ { deny all; }
location ^~ /media/downloadable/ { deny all; }
location ^~ /pkginfo/ { deny all; }
location ^~ /report/config.xml { deny all; }
location ^~ /var/ { deny all; }
access_log /var/log/nginx/nginx.vhost.access.log;
error_log /var/log/nginx/nginx.vhost.error.log;
location /var/export/ {
auth_basic "Restricted";
auth_basic_user_file htpasswd;
autoindex on;
}
location /. {
return 404;
}
location #handler {
rewrite / /index.php;
}
location ~ .php/ {
rewrite ^(.*.php)/ $1 last;
}
location ~ .php$ {
if (!-e $request_filename) { rewrite / /index.php last; }
expires off;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTPS $fastcgi_https;
fastcgi_param MAGE_RUN_CODE default;
fastcgi_param MAGE_RUN_TYPE store;
include fastcgi_params;
}
location ~ .php/ {
rewrite ^(.*.php)/ $1 last;
}
location ~ .php$ {
if (!-e $request_filename) { rewrite / /index.php last; }
expires off; ## Do not cache dynamic content
fastcgi_pass 127.0.0.1:9000;
fastcgi_param HTTPS $fastcgi_https;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param MAGE_RUN_CODE default;
fastcgi_param MAGE_RUN_TYPE store;
include fastcgi_params; ## See /etc/nginx/fastcgi_params
}
location ~ \.css {
add_header Content-Type text/css;
}
location ~ \.js {
add_header Content-Type application/x-javascript;
}
}
As i can see css is not loading appropriately with https. so please use https with only base secure url.

Resources