From c3a2e70d57a6644016ca9ed25930a77f31b8a6a8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cl=C3=A9ment=20Michaud?= <clement.michaud34@gmail.com>
Date: Sun, 22 Mar 2020 07:04:51 +0100
Subject: [PATCH] [MISC] Automatically redirect from http to https in suites.
 (#769)

---
 .../suites/example/compose/nginx/portal/nginx.conf     | 10 ++++++++++
 .../example/compose/nginx/portal/nginx.https.conf      | 10 ++++++++++
 2 files changed, 20 insertions(+)

diff --git a/internal/suites/example/compose/nginx/portal/nginx.conf b/internal/suites/example/compose/nginx/portal/nginx.conf
index f34573a4a..261b07783 100644
--- a/internal/suites/example/compose/nginx/portal/nginx.conf
+++ b/internal/suites/example/compose/nginx/portal/nginx.conf
@@ -22,6 +22,8 @@ http {
         add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
         add_header X-Frame-Options "SAMEORIGIN";
 
+        error_page 497 301 =307 https://$host:$server_port$request_uri;
+
         # Serve the backend API for the portal.
         location /api {
             proxy_set_header  X-Real-IP $remote_addr;
@@ -68,6 +70,8 @@ http {
         add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
         add_header X-Frame-Options "SAMEORIGIN";
 
+        error_page 497 301 =307 https://$host:$server_port$request_uri;
+
         location / {
             proxy_set_header  Host $http_host;
             proxy_pass        $upstream_endpoint;
@@ -95,6 +99,8 @@ http {
         add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
         add_header X-Frame-Options "SAMEORIGIN";
 
+        error_page 497 301 =307 https://$host:$server_port$request_uri;
+
         # Reverse proxy to the backend. It is protected by Authelia by forwarding authorization checks
         # to the virtual endpoint introduced by nginx and declared in the next block.
         location / {
@@ -187,6 +193,8 @@ http {
         add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
         add_header X-Frame-Options "SAMEORIGIN";
 
+        error_page 497 301 =307 https://$host:$server_port$request_uri;
+
         location / {
             proxy_set_header  Host $http_host;
             proxy_pass        $upstream_endpoint;
@@ -207,6 +215,8 @@ http {
         add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
         add_header X-Frame-Options "SAMEORIGIN";
 
+        error_page 497 301 =307 https://$host:$server_port$request_uri;
+
         location / {
             proxy_set_header  Host $http_host;
             proxy_pass        $upstream_endpoint;
diff --git a/internal/suites/example/compose/nginx/portal/nginx.https.conf b/internal/suites/example/compose/nginx/portal/nginx.https.conf
index 75112c0f7..e169d2005 100644
--- a/internal/suites/example/compose/nginx/portal/nginx.https.conf
+++ b/internal/suites/example/compose/nginx/portal/nginx.https.conf
@@ -22,6 +22,8 @@ http {
         add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
         add_header X-Frame-Options "SAMEORIGIN";
 
+        error_page 497 301 =307 https://$host:$server_port$request_uri;
+
         # Serve the backend API for the portal.
         location /api {
             proxy_set_header  X-Real-IP $remote_addr;
@@ -68,6 +70,8 @@ http {
         add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
         add_header X-Frame-Options "SAMEORIGIN";
 
+        error_page 497 301 =307 https://$host:$server_port$request_uri;
+
         location / {
             proxy_set_header  Host $http_host;
             proxy_pass        $upstream_endpoint;
@@ -95,6 +99,8 @@ http {
         add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
         add_header X-Frame-Options "SAMEORIGIN";
 
+        error_page 497 301 =307 https://$host:$server_port$request_uri;
+
         # Reverse proxy to the backend. It is protected by Authelia by forwarding authorization checks
         # to the virtual endpoint introduced by nginx and declared in the next block.
         location / {
@@ -187,6 +193,8 @@ http {
         add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
         add_header X-Frame-Options "SAMEORIGIN";
 
+        error_page 497 301 =307 https://$host:$server_port$request_uri;
+
         location / {
             proxy_set_header  Host $http_host;
             proxy_pass        $upstream_endpoint;
@@ -207,6 +215,8 @@ http {
         add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
         add_header X-Frame-Options "SAMEORIGIN";
 
+        error_page 497 301 =307 https://$host:$server_port$request_uri;
+
         location / {
             proxy_set_header  Host $http_host;
             proxy_pass        $upstream_endpoint;