What I'm trying to do is have a server block such that requests for my domain without a subdomain specified successfully serves any existing file with the uri prefix /.well-known/acme-challenge/, but gives a 404 for anything else.
    server {
        listen 443 ssl;
        listen 80;
        server_name example.com;
        # Satisfy acme verification for both ports 443 and 80
        location /.well-known/acme-challenge/ {
            alias /usr/share/nginx/acme-challenges/;
            try_files $uri =404;
            return 200;
        }
        location / {
            return 404;
        }
    }
What I'm finding is that if file /usr/share/nginx/acme-challenges/foo exists and is readable by the nginx process, then for request http://example.com/.well-known/acme-challenge/foo, foo gets downloaded successfully - but I get a 404 status code and the default nginx error page for it. Initially, I did not have the return 200; line after the try_files because I thought that if the try_files succeeded, no other location block would be involved. I tried adding that to "make sure" the other location block would not execute, but it didn't help.
I'm sure the other location block is causing the 404, because if I change its contents to return 200; then I get the successful download and no body (whatever was displayed, e.g. the Google home page, remains in place when I type the request in the address bar).
I can't make any sense of this. The docs note that try_files can cause an internal redirect when a fallback uri is selected, but not when the initial file succeeds!
My guess is that the following would work:
This way we avoid using alias with try_files. We simply capture the filename in location and use the captured filename in try_files.
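A configuration matching that description, as an added example (not the answerer's own code, which does not appear on this page): a regex location captures the file name, root points at the directory from the question, and try_files tests the captured name. Limiting the capture to the base64url characters used by ACME tokens is an added assumption, not something the answer states.

```nginx
server {
    listen 443 ssl;
    listen 80;
    server_name example.com;
    # ssl_certificate / ssl_certificate_key are required for the 443
    # listener; they are left out here as they are in the question.

    # Regex location: $1 is the challenge file name. The character class
    # restricts it to a single path segment of base64url characters
    # (assumption: tokens follow RFC 8555), so "../" or nested paths
    # never reach the filesystem lookup.
    location ~ ^/\.well-known/acme-challenge/([A-Za-z0-9_-]+)$ {
        # root instead of alias: the file tested and served is
        # root + "/" + $1, i.e. /usr/share/nginx/acme-challenges/<name>.
        root /usr/share/nginx/acme-challenges;
        # Challenge files have no extension; serve them as plain text.
        default_type text/plain;
        try_files /$1 =404;
    }

    # Everything else on this server name gets a 404.
    location / {
        return 404;
    }
}
```

Check the syntax with `nginx -t` before reloading. The regex location takes precedence over the `location /` prefix block, so only requests that fail the pattern fall through to the 404.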