I see there are many online tutorials, but I am entirely out of luck in getting my application running correctly.
This is a portion of my Flask app :
import ssl
context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
context.load_cert_chain('/etc/ssl/certs/nginx-selfsigned.crt', '/etc/ssl/private/nginx-selfsigned.key')
...........
...........
if __name__ == "__main__":
#from debugger import initialize_flask_server_debugger_if_needed
app.run(port=5000, debug = True, ssl_context=context)
I deployed the application to a Ubunto server running version 20.
I install Nginx in the Ubuntu server and set the config file as follows (only config file I found at least doing some redirection ) :
server {
listen 443 ssl;
ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt;
ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;
server_name 10.11.238.58;
location / {
proxy_pass http://127.0.0.1:5000;
proxy_set_header X-Real-IP $remote_addr;
}
}
server {
listen 80;
server_name 127.0.0.1;
return 302 https://$server_name$request_uri;
}
server {
listen 5001;
server_name 127.0.0.1;
return 302 https://$server_name$request_uri;
}
I created the certificate and key using the tutorial at the DigitalOcen site.
Now when I type '10.11.238.58', the browser URL changes to 'https://127.0.0.1', which tells that some redirection happens. But it should (nginx) send traffic to my Flask app on the Ubuntu server, not the local PC I am trying to browse. Flask App is running at localhost at Ubuntu server.
Any help ?
Related
I have a server code that uses flask socketio. The server is started by the command: 1gunicorn --worker-class eventlet -w 1 module:app`
I have the following nginx configuration:
server {
listen 80;
server_name A.B.C.D;
location / {
include proxy_params;
proxy_pass http://127.0.0.1:5000;
}
location /socket.io {
include proxy_params;
proxy_http_version 1.1;
proxy_buffering off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_pass http://127.0.0.1:5000/socket.io;
}
}
This is from the official documentation of Flask Socket io, here
My two endpoints are working just fine. However, the socket endpoint runs fine when run manually(i.e. me running the command: python index.py), the problem comes when I want to run it via nginx and gunicorn.
With nginx:
Failed to load resource: net::ERR_CONNECTION_REFUSED
I have put code which is from the documentation, confs from the documentation and nothing worked.
I've a setup with nginx at front, reverse proxying the requests to gunicorn running at port 8000. For some reason nginx reverse proxying not forwarding requests to gunicorn. I haven't touched the nginx.conf and conf.d folder is empty. I removed the default configuration in sites-available directory. I created my won with the follwing content.
server {
listen 80;
# listen [::]:80 ipv6only=on;
location / {
proxy_pass http://127.0.0.1:8000/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
and python app's content
# server.py
import flask
app = flask.Flask(__name__)
#app.route('/')
def index():
return 'I am running !'
if __name__ == '__main__':
app.run(host='127.0.0.1')
For host in nginx configuration and in python app I've used 127.0.0.1, 0.0.0.0 and 193.162.144.136 (actual) entries but none of them work.
I'm getting the welcome page for nginx on port '80' but unable to get the output of app.
There are no errors in nginx log and if I manually visit port 8000 it does shows the app content.
I'm running app in gunicorn with following command gunicorn server:app.
Any help in this matter would be appreciated.
I am deploying an application to a server, but I seem to be misunderstanding some basic concepts here. The problem is that I am using gunicorn with port 8001
gunicorn myproj.wsgi:application --bind XXX.XXX.XXX.XXX:8001
Nginx, however, is listening to port 8000, as you can see in the file /etc/nginx/sites-available/myproj:
server {
listen 8000;
server_name XXX.XXX.XXX.XXX;
access_log off;
location /static/ {
root /opt/myproj;
}
location / {
proxy_pass http://127.0.0.1:8001;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Real-IP $remote_addr;
add_header P3p 'CP="ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV"';
}
}
So, here is what happens:
When I access XXX.XXX.XXX.XXXX:8001, I get my page, but without any of the static files. I can access the static files by XXX.XXX.XXX.XXX:8000/static/css/mycss.css. However, when I access XXX.XXX.XXX.XXX:8000, I get a 502 - Bad Gateway error.
What am I misunderstanding here? How can I access my page with the static files?
Your problem is happening because you are binding gunicorn to your external ip, but nginx is forwarding to the localhost port. The point is that gunicorn should not be accessible to the outside at all; all requests should go through the nginx reverse proxy.
Bind gunicorn to 127.0.0.1:8001.
The basic scheme when using application servers, like gunicorn is:
[User's web browser] <-> [Web server(Nginx)] <-> [Application server(Gunicorn)]
The web server usually listens on public IP address on port 80, and then forwards the connection to application server, serving as reverse proxy. If you run application server and web server on same host it's common to bind both to "localhost"(IP: 127.0.0.1) and same port, i.e. 8001 in your case. So try binding Gunicorn on 127.0.0.1:8001 as specified in your Nginx configuration.
Note: In case when two servers are running on one machine, it's usually worth connecting them via Unix sockets instead of network sockets for performance reasons.
I am stuck with setting the https with django on aws with nginx and gunicorn.
my configuration is:
server {
listen 80;
listen 443 ssl;
server_name logitech.enterpriselist.com;
rewrite ^ https://logitech.enterpriselist.com$request_uri? permanent;
root /home/ubuntu/git/elist/static/;
#` ssl on;
ssl_certificate /etc/ssl/elist.crt;
ssl_certificate_key /etc/ssl/elist.key;
location / {
# proxy_pass http://logitech.enterpriselist.com/;
}
location /static/ {
alias /home/ubuntu/git/elist/static/;
}
}
It is working fine with http with port 8001:
gunicorn configs.wsgi:application --bind 172.31.14.102:8001`
and not with domain
http://logitech.enterpriselist.com:8001/.
But I also want to run the things with the default port, but when I run
gunicorn configs.wsgi:application --bind 172.31.14.102:80
it says address already in use!
Also with https when I open http://logitech.enterpriselist.com/, it goes to https://logitech.enterpriselist.com/ but it says website have redirect loop so I need help in sorting this.
You haven't got anything to tell nginx it should be proxying requests to gunicorn. In particular, you need a proxy_pass directive and an upstream section.
Also, you don't want to run gunicorn on port 80, since that is what nginx is already bound to. That's what the proxy is for.
The gunicorn deployment docs have an example nginx configuration which works fine.
Hi I am new with nginx server, and I have uploaded my index.py file at /var/www/pyth/index.py ...
I am a little bit confused because in my local I can run freely
python index.py and access http://127.0.0.1:8080
I was wondering how can I do that in nginx, I have run python index.py but I can't access to mysite.com:8080
this is my config in /etc/nginx/sites-available/default
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;`
#root /usr/share/nginx/html;
#index index.php index.py index.html index.htm;
root /var/www/mysite.com;
index index.php index.py index.html index.htm;
# Make site accessible from http://localhost/
server_name mysite.com;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
}
# Only for nginx-naxsi used with nginx-naxsi-ui : process denied reques$
#location /RequestDenied {
# proxy_pass http://127.0.0.1:8080;
#}
#error_page 404 /404.html;
...
does anyone has an idea about my case? any help will be appreciated.. thanks in advance
You should set up either a uwsgi (or similar), or a proxy_pass in nginx.
The option with UWSGI is better because it'll use the protocol designed for working with web-servers; though it's a bit harder to set up than just proxying everything via nginx.
proxy_pass
web.py has a web-server just for the development purposes, it shouldn't be used in production environment because it's really slow and inefficient in that case, and using proxy_pass wouldn't be a great idea if you are planning to release it.
With proxy_pass, you leave the 127.0.0.1:8080 server online, and then in nginx (on the same server), set up like that:
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
The proxy_pass option redirects everything to the web.py server at 127.0.0.1:8080, the other ones - redirect the data about the connection (IP of the connected client and the host that was used for the connection on the nginx's side)
UWSGI
Using UWSGI, in short, is like that:
1) install uwsgi using your distro's package manager, or a pip, or using setup.py install.
2) in nginx, set up a server that will pass everything to the UWSGI server:
server {
listen 80;
location / {
include uwsgi_params;
uwsgi_pass 127.0.0.1:9000;
}
}
3) Then, in your web.py application (let's suppose it's called yourappfile.py), instead of app.run(), use:
app = web.application(urls, globals())
application = app.wsgifunc()
You can still have app.run(), just make sure to put it inside the if __name__ == '__main__' block; and make sure the application = app.wsgifunc() is outside so UWSGI could see it.
Then start a UWSGI server:
uwsgi --http :9090 --wsgi-file yourappfile.py
Take a look at these manuals, it may help you:
UWSGI Quickstart
Web.py running on the nginx uwsgi
Deployment of Web.py Applications Using uWSGI and
Nginx
UWSGI Wiki - Examples