unwanted HTTPS -> HTTP redirects with nginx + uwsgi + flask app

Question

I have a flask app, hosted by uwsgi, with nginx as a reverse proxy to uwsgi, using the built-in uwsgi proxy module. Whenever I visit a page that redirects to another page, the Location header points to a non-HTTPS URL. For example:

$ socat openssl:my-web-server:443 stdio
GET / HTTP/1.0
Host: my-web-server

HTTP/1.1 302 FOUND
Server: nginx/1.0.4
[...]
Location: http://my-web-server/login

My nginx config looks like this:

server {
    listen 80;
    listen 443 ssl;
    server_name my-web-server;
    charset utf-8;

    ssl_certificate /etc/nginx/certs/server.pem;
    ssl_certificate_key /etc/nginx/certs/server.key;

    location / {
        uwsgi_pass unix:/tmp/uwsgi.sock;
        include uwsgi_params;
    }
}

Answer 1

uwsgi needs to be passed the scheme (http or https) used to serve the request in order to write the correct Location header.

By default a bunch of settings are set in the /etc/nginx/uwsgi_params file. The include uwsgi_params; line in the config file is what load these.

For whatever reason, though, the scheme is not one of these default settings. This can be fixed by adding:

uwsgi_param UWSGI_SCHEME $scheme;

to the nginx configuration after the include uwsgi_params; line, or by adding it to the /etc/nginx/uwsgi_params file directly.