Rewrite specifc path from http to https with nginx

Question

I want to redirect some specific path with nginx when they are accessed through http to https :

• / (http OK)
• /api (http rediret to https)
• /git (http rediret to https)

My conf look like this, but redirection doesn't work

upstream git {
  server gitlab:80;
}

upstream api {
  server api:80;
}

upstream web {
  server web:80;
}

server {
  listen 80;
  server_name www.domain.com;
  server_tokens off;
  root /dev/null;

  location / {
    proxy_pass http://web;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection 'upgrade';
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;
  }

  location /git/ {
    rewrite ^ https://$server_name$request_uri permanent;  
  }

  location /api/ {
    rewrite ^ https://$server_name$request_uri permanent;
  }
}

server {
  listen 443 ssl spdy;

  server_name www.domain.com;
  server_tokens off;
  root /dev/null;

  ## Increase this if you want to upload large attachments
  ## Or if you want to accept large git objects over http
  client_max_body_size 20m;

  add_header Strict-Transport-Security max-age=63072000;
  # add_header X-Frame-Options DENY;
  add_header X-Content-Type-Options nosniff;

  ## Individual nginx logs for this vhost
  access_log  /var/log/nginx/gitlab_access.log;
  error_log   /var/log/nginx/gitlab_error.log;

  ## include domain ssl config
  include /etc/nginx/domain_com.ssl.conf;

  ## proxy pass the request to upsteam.
  location /git/ {
    ## If you use https make sure you disable gzip compression
    ## to be safe against BREACH attack.
    gzip off;

    ## https://github.com/gitlabhq/gitlabhq/issues/694
    ## Some requests take more than 30 seconds.
    proxy_read_timeout      300;
    proxy_connect_timeout   300;
    proxy_redirect          off;

    proxy_set_header    Host                $http_host;
    proxy_set_header    X-Real-IP           $remote_addr;
    proxy_set_header    X-Forwarded-Ssl     on;
    proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
    proxy_set_header    X-Forwarded-Proto   $scheme;
    proxy_set_header    X-Frame-Options     SAMEORIGIN;

    proxy_pass http://git;
  }

  ## proxy pass the request to upsteam.
  location /api/ {
    ## If you use https make sure you disable gzip compression
    ## to be safe against BREACH attack.
    gzip off;

    ## https://github.com/gitlabhq/gitlabhq/issues/694
    ## Some requests take more than 30 seconds.
    proxy_read_timeout      300;
    proxy_connect_timeout   300;
    proxy_redirect          off;

    proxy_set_header    Host                $http_host;
    proxy_set_header    X-Real-IP           $remote_addr;
    proxy_set_header    X-Forwarded-Ssl     on;
    proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
    proxy_set_header    X-Forwarded-Proto   $scheme;
    proxy_set_header    X-Frame-Options     SAMEORIGIN;

    proxy_pass http://api;
  }  
}

Answer 1

I think would better (works for me):

location /git {
  return 301 https://$server_name$request_uri;
}