[Fixed]-Nginx rewrite to https from http on same server_name block when ssl is handled downstream

The usual technique is for the proxy handling ssl termination to add an X-Forwarded-Proto header. The upstream application can then conditionally redirect when entering a secure area.

With nginx this could be accomplished using a map:

map $http_x_forwarded_proto $insecure {
    default 1;
    https   0;
}

server {
    ...
    if ($insecure) {
        return 301 https://$host$request_uri;
    }
    ...
}