Your nginx server doesn't seem to be listening on the HTTPS port, you need this in the server config: listen 443 default ssl; Here's the relevant part of the Galaxy setup I have over here: upstream galaxy_app { server localhost:8080; } # redirect http to https server { listen 80; resolver 192.168.2.75; access_log /var/log/nginx/rewrite.access.log; rewrite ^ https://$host$request_uri permanent; } server { listen 443 default ssl; ssl_certificate /etc/nginx/ssl/sanbi.pem; ssl_certificate_key /etc/nginx/ssl/sanbi.key; ... So I've got a single Galaxy app (not sure why you have that many), and then anything coming in on port 80 is redirected to HTTPS and finally I've got a server listening on port 443 talking HTTPS. Peter On 11 December 2014 at 02:05, Nicholas Kline <nxk60@case.edu> wrote:
Hello. I am trying to configure our local production Galaxy server to always use HTTPS on nginx. When I visit http://localhost I see the main galaxy webpage where I can sign in. However, when I enter my administrator credentials and click Login, the page tries to redirect to HTTPS but then displays an 'unable to connect' error.
What changes do I need to make to my nginx.conf file so that our galaxy server always uses HTTPS. My nginx.conf file is included below.
Thanks :)
################## # nginx.conf ##################
user www-data; worker_processes 4; pid /run/nginx.pid;
events { worker_connections 768; # multi_accept on; }
http {
## # Basic Settings ##
sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off;
# server_names_hash_bucket_size 64; # server_name_in_redirect off;
include /etc/nginx/mime.types; default_type application/octet-stream;
## # Logging Settings ##
access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log;
## # Gzip Settings ##
gzip on; gzip_http_version 1.1; gzip_vary on; gzip_comp_level 4; gzip_proxied any; gzip_types text/plain text/css application/x-javascript text/xml application/xml text/javascript application/json; gzip_buffers 16 8k; gzip_disable "MSIE [1-6].(?!.*SV1)";
## # nginx-naxsi config ## # Uncomment it if you installed nginx-naxsi ##
#include /etc/nginx/naxsi_core.rules;
## # nginx-passenger config ## # Uncomment it if you installed nginx-passenger ##
#passenger_root /usr; #passenger_ruby /usr/bin/ruby;
## # Virtual Host Configs ##
include /etc/nginx/conf.d/*.conf; #include /etc/nginx/sites-enabled/*;
## # Galaxy ##
upstream galaxy_app { # As defined in galaxy config file universe_wsgi.ini server localhost:8080; server localhost:8081; server localhost:8082; server localhost:8083; server localhost:8084; server localhost:8085; server localhost:8086; server localhost:8087; server localhost:8088; server localhost:8089; }
server { # Maximum upload size that can be handled by POST requests through nginx. # Disabled because using FTP instead of web interface. #client_max_body_size 10G;
location / { proxy_pass http://galaxy_app; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # If using SSL, makes Galaxy aware of what type of URL it should generate for external sites like Biomart. proxy_set_header X-URL-SCHEME https; }
# nginx is more efficient at serving static content. # expires 24h is for caching purposes. location /static { alias /home/galaxy/galaxy-dist/static; expires 24h; } location /static/style { alias /home/galaxy/galaxy-dist/static/june_2007_style/blue; expires 24h; } location /static/scripts { alias /home/galaxy/galaxy-dist/static/scripts/packed; } location /favicon.ico { alias /home/galaxy/galaxy-dist/static/favicon.ico; } location /robots.txt { alias /home/galaxy/galaxy-dist/static/robots.txt; }
# Use nginx to send files (downloads) instead of Galaxy. location /_x_accel_redirect/ { internal; alias /; } } } ___________________________________________________________ Please keep all replies on the list by using "reply all" in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: https://lists.galaxyproject.org/
To search Galaxy mailing lists use the unified search at: http://galaxyproject.org/search/mailinglists/