I've inherited a Python / Django project. I'm setting up a dev server for new changes which is a direct clone of the live server. I'm trying to configure nginx config so that it will stop redirecting.
At the moment it gets stuck in a https redirect loop. If i look at network tab within dev tools for chrome i can see a 302 GET loop going on and on.
here is the nginx conf file:
server {
listen 443 ssl;
server_name dev.mywebsite.com;
## DYNAMIC CONTENT
location / {
uwsgi_pass unix:///tmp/website.sock;
include uwsgi_params;
uwsgi_param HTTP_X_FORWARDED_PROTO $scheme;
}
## STATIC CONTENT
location ^~ /static/ {
alias /home/website/src/www/static/;
access_log off;
expires 30d;
gzip on;
gzip_http_version 1.1;
gzip_vary on;
gzip_comp_level 6;
gzip_proxied any;
gzip_types text/css text/javascript application/javascript application/x-javascript;
gzip_buffers 16 8k;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
}
ssl_certificate /home/website/ssl/mywebsite/crt;
ssl_certificate_key /home/website/ssl/mywebsite/key;
## FAV ICON
location = /favicon.ico {
alias /home/website/www/static/img/_app/favcion.ico;
}
}
server {
listen 80;
server_name *.mywebsite.com;
rewrite .* https://$host$request_uri permanent;
}
server {
listen 80;
server_name mywebsite.com;
rewrite .* https://www.mywebsite.com$request_uri permanent;
}
server {
listen 443;
server_name mywebsite.com;
ssl_certificate /home/website/ssl/mywebsite/crt;
ssl_certificate_key /home/website/ssl/mywebsite/key;
rewrite .* https://www.mywebsite.com/ permanent;
}
uwsgi:
[uwsgi]
processes = 1
threads = 1
module = mywebsite.wsgi:application
chdir = /home/website/src/
home = /home/website/venv
stats = /tmp/website.stats
socket = /tmp/website.sock
pidfile = /tmp/website.pid
max-requests = 1000
listen = 128
chmod-socket = 777
harakiri = 60
cpu-affinity = 1
vacuum = true
master = true
no-orphans = true
thunder-lock = true
disable-logging = true
I've obviously replaced all URL's with mywebsite. Also the dev subdomain exists and is correctly pointing to the server
If anyone can give assistance it would be greatly appreciated. I've spent far too many hours on this task
Related
Pretty new to Nginx and web deployment in general. I have a site I am aiming to deploy using a DigitalOcean droplet. Right now it is working, but only with http://[SERVER-IP] (here)
Although the site does load with HTTPS (here), no domain.com/[ X ] sites work.
The aim is to make get all URLs within https://rejesto.com functioning normally and leading to their respective sites.
For context, all links on the page are provided by Djagno's {% url '[url]' %} tag system; they work as intended locally, and using http://[SERVER-IP]/[ X ].
I'm assuming that the issue is within the Nginx config files because:
http://46.101.92.95/blog leads to the correct page. (for better or for worse)
https://rejesto.com/blog does not work.
Here is (what I believe to be) the relevant config file:
/etc/nginx/sites-available/rejesto.com:
server {
server_name rejesto.com www.rejesto.com;
location / {
try_files $uri $uri/ =404;
include proxy_params;
proxy_pass http://unix:/run/gunicorn.sock;
}
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/rejesto/myprojectdir;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/rejesto.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/rejesto.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.rejesto.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = rejesto.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name rejesto.com www.rejesto.com;
location / {
include proxy_params;
proxy_pass http://unix:/run/gunicorn.sock;
}
return 404; # managed by Certbot
}
server {
listen 80;
server_name 46.101.92.95;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/rejesto/myprojectdir;
}
location / {
include proxy_params;
proxy_pass http://unix:/run/gunicorn.sock;
}
}
For additional context, I was following these tutorials provided by Digital Ocean:
How To Install Nginx on Ubuntu 22.04
How To Secure Nginx with Let's Encrypt on Ubuntu 22.04
Your nginx configuration is incorrect.
Uninstall certbot and remove all the certificates.
Use this nginx configuration:
server {
listen 80;
listen [::]:80;
server_name www.rejesto.com;
return 301 $scheme://rejesto.com$request_uri;
}
server {
listen 80;
listen [::]:80;
server_name rejesto.com;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/rejesto/myprojectdir;
}
location / {
include proxy_params;
proxy_pass http://unix:/run/gunicorn.sock;
}
}
server {
listen 80;
server_name 46.101.92.95;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/rejesto/myprojectdir;
}
location / {
include proxy_params;
proxy_pass http://unix:/run/gunicorn.sock;
}
}
Initialise nginx:
sudo nginx -t
sudo systemctl restart nginx
Reinstall certbot and issue your certificates.
'settings django: ALLOWED_HOSTS = ['exemple.com','ip']
Dns pointe vers le domaine ?
systemctl restart gunicorn
systemctl restart nginx
proxy_pass http://unix:/var/run/gunicorn.sock'
I am currently trying to launch my Django website using Nginx and Gunicorn but my static files are not being found. I am on a Linux AMI not Ubuntu which makes things a bit harder and different because I got Nginx with
sudo amazon-linux-extras install nginx1.12
I was looking at these tutorials
http://www.threebms.com/index.php/2020/07/27/set-up-a-django-app-in-aws-with-gunicorn-nginx/
https://linuxtut.com/en/ce98f7afda7738c8cc1b/
but whenever I launch my website with
gunicorn --bind 0.0.0.0:8000 myappname.wsgi
it always says my static files are not found....
I have already done
python manage.py collectstatic
STATIC_URL = '/static/'
STATIC_ROOT = os.path.join(BASE_DIR, "static/")
This is my config file found at. sudo vi /etc/nginx/nginx.conf
I don't really know if I should keep the first server part that was there as default but the only part that is not default is the second server but the tutorials say just add a new one to the end
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 4096;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
server {
listen 80;
listen [::]:80;
server_name _;
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
error_page 404 /404.html;
location = /404.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
server {
listen 8000;
#not real address but same format
server_name 12.18.123.613;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/
{
autoindex on;
alias /home/ec2-user/pydjangoenv/myprojname/static/;
}
location / {
proxy_pass http://12.18.123.613;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# Settings for a TLS enabled server.
#
# server {
# listen 443 ssl http2;
# listen [::]:443 ssl http2;
# server_name _;
# root /usr/share/nginx/html;
#
# ssl_certificate "/etc/pki/nginx/server.crt";
# ssl_certificate_key "/etc/pki/nginx/private/server.key";
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 10m;
# ssl_ciphers PROFILE=SYSTEM;
# ssl_prefer_server_ciphers on;
#
# # Load configuration files for the default server block.
# include /etc/nginx/default.d/*.conf;
and the tree goes like this
Django-cloud9 - /home/ec2/user
pydjangoenv
myprojname
blog - this is an app
myprojname
static
users - this is an app
manage.py
requirements.txt
env
I have really been stuck on this for three days, any help is appreciated :-)
EDIT
After adding
urlpatterns =+ static(settings.STATIC_URL, document_root=settings.STATIC_ROOT)
to my urls.py the Django serves the static files, but not when debug is false
the static files don't work, I really have tried everything, please help.
I've deployed a Django application on DigitalOcean.
First off, when i try to secure this with https and ssl, I get this error.
when i run nginx -t :
nginx: [emerg] invalid parameter "server_name" in /etc/nginx/sites-enabled/django:12
nginx: configuration file /etc/nginx/nginx.conf test failed
upstream app_server {
server unix:/home/django/gunicorn.socket fail_timeout=0;
}
server {
#listen 80 default_server;
#listen [::]:80 default_server ipv6only=on;
listen 443 ssl
server_name domain.com
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;
root /usr/share/nginx/html;
index index.html index.htm;
client_max_body_size 4G;
server_name _;
keepalive_timeout 5;
# Your Django project's media files - amend as required
location /media {
alias path/to/media;
}
# your Django project's static files - amend as required
location /static {
alias path/to/static;
}
# Proxy the static assests for the Django Admin panel
location /static/admin {
alias path/to/staticadmin;
}
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_redirect off;
proxy_buffering off;
proxy_pass http://app_server;
}
}
server {
listen 80;
server_name domain.com;
return 301 https://$host$request_uri;
}
Furthermore, I can access the website using the ip address but not the domain name registered.It results in a 400 bad request page.
Could this be an issue with the settings.py ?
for reference in settings.pyALLOWED_HOSTS=['*']. What list do I provide in the ip_addresses() function?
Are these two problems related?
using Django v1.10.5
You're missing semicolons on a bunch of lines, that's why nginx -t is failing.
I'm trying to deploy my site using nginx, gunicorn, and django.
When I run gunicorn and load the page at first I was getting a 502 Bad gateway error then I switch the server name to the IP address of my server and now I get a Bad Request 400 error or the domain is unable to be found.
I've been following these steps from Test Driven Development.
I realized last night that I was using my staging server to update my live domain instead of a staging domain. So I created a staging domain as a subdomain of the live domain and created a separate directory for it, then git pulled down the work I had done previously, but it's not working.
My nginx conf file:
server {
listen 80;
server_name my-server-ip-address;
location / {
proxy_set_header Host $host;
proxy_pass http://unix:/tmp/mysitename.socket;
}
location /static {
autoindex on;
root /home/cmac/sites/mysitename/;
}
}
Nginx Error log:
2015/04/11 18:59:16 [error] 18650#0: *494 connect() to
unix:/tmp/mysitename.socket failed (111: Connection refused) while
connecting to upstream
My settings.py:
DEBUG = False
TEMPLATE_DEBUG = DEBUG
ALLOWED_HOSTS = [mysitename]
When I run gunicorn:
[2015-04-11 20:40:39 +0000] [4174] [INFO] Starting gunicorn 19.3.0
[2015-04-11 20:40:39 +0000] [4174] [INFO] Listening at: http://127.0.0.1:8000 (4174)
[2015-04-11 20:40:39 +0000] [4174] [INFO] Using worker: sync
[2015-04-11 20:40:39 +0000] [4177] [INFO] Booting worker with pid: 4177
Things were working before I decided to switch domains.
Edit whole nginx.conf file
user cmac;
worker_processes 1;
error_log /var/log/nginx/error.log;
#error_log /var/log/nginx/error.log notice;
#error_log /var/log/nginx/error.log info;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
include /etc/nginx/sites-enabled/mysitename;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
index index.html index.htm;
server {
listen 80;
server_name localhost;
root /usr/share/nginx/html;
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
location / {
}
# redirect server error pages to the static page /40x.html
#
error_page 404 /404.html;
location = /40x.html {
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# root html;
# location / {
# }
#}
# HTTPS server
#
#server {
# listen 443;
# server_name localhost;
# root html;
# ssl on;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_timeout 5m;
# ssl_protocols SSLv2 SSLv3 TLSv1;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# }
#}
The include file (from /etc/nginx/sites-enabled/mysitename):
server {
listen 127.0.0.1;
server_name my-server-ip-address;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_pass http://unix:/tmp/mysitename.socket;
}
location /static {
autoindex on;
root /home/cmac/sites/mysitename/;
}
}
~
~
In mysitename you need to listen on port 80, and server_name as your your staging domain like staging.example.com, also do not use unix sock at the moment, put http://127.0.0.1:8000 in proxy_pass as where your gunicorn serves. Try also comment out the server block in your nginx.conf, it has conflicts with your mysitename.
Also, are you sure user cmac has permissions under your directory/files? normally it runs on www-data.
Hope this helps.
Trying to setup Nginx handling 2 domains I stucked with some problems. While my setup with two domains works correctly with static html handling, tried to push forward and start two python apps behind Nginx. I tried with some differents wsgi containers, and different micro frameworks, but the problem is that Nginx can't handle virtual hosts, rather it serves only one app at both domain adresses.
Here is Nginx conf:
user www-data;
worker_processes 8;
pid /var/run/nginx.pid;
events {
worker_connections 768;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_names_hash_bucket_size 64;
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
gzip_disable "msie6";
server {
listen 80;
server_name www.domainA.com;
root /var/www/domainA.com;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Originating-IP $remote_addr;
proxy_set_header HTTP_REMOTE_ADDR $remote_addr;
proxy_set_header REMOTE_ADDR $remote_addr;
proxy_set_header CLIENT_IP $remote_addr;
proxy_pass http://127.0.0.2:7000;
}
}
server {
listen 80;
server_name www.domainB.com;
root /var/www/domainB.com;
location / {
... ... blah blah...same story...except this proxy pass.....
proxy_pass http://127.0.0.1:5000;
}
}
}
Any help ?
EDIT:
Just tried to add empty server block as 1st block and it return 404.
Are these outward facing websites?
If you put the full ip in your listen clause you should start working correctly.
listen 512.548.595.485:80;
Right now you have the server ip for both sites which is causing a conflict.
Hope this helps.
In the senario where virtual hosts share an ip and port, nginx selects the right virtual host by comparing the Host header sent by the client to each servers' server_name entry. If you have curl use the following to see exactly what you're sending for the Host header:
curl -s --trace-ascii - http://www.domainA.com | grep 'Host:'
To make your server_name more flexible use the .example.com notation. This is shorthand for example.com and *.example.com. Or just add as many server_name entries as you need.
Next confirm your apps are listening on the right ips and ports. Shell into your server and try:
curl -I 'http://127.0.0.1:5000'
curl -I 'http://127.0.0.2:7000'
Finally I ended with such problem. In testing conditions I didn't add all flavours which would make Nginx satisfied. Then I found THIS LINK :
If the “Host” header field does not match a server name, NGINX will route the request to the default server for this port. The default server is the first one listed in the nginx.conf file. This will be overridden if the default_server parameter is set in the listen directive within a server context. An example is given below.
Nginx docs and tutorials are dispersed on few web locations so finding few doesn't mean that you got all answers you need.
I think, this is your solution. Create a BASH file whose name should be virtualhost.sh. Copy and paste the following code:
#!/bin/bash
domain=$1
root="/data/$domain"
block="/etc/nginx/sites-available/$domain"
# Create the Document Root directory
mkdir -p $root
# Assign ownership to your regular user account
chown -R $USER:$USER $root
# Create the Nginx server block file:
tee $block > /dev/null <<EOF
server {
listen 80;
listen [::]:80;
root /data/$domain;
index index.php index.html index.htm;
server_name $domain www.$domain;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
include fastcgi_params;
}
location ~ /\.ht {
access_log off;
log_not_found off;
deny all;
}
location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ {
access_log off;
log_not_found off;
expires 30d;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
}
EOF
# Link to make it available
ln -s $block /etc/nginx/sites-enabled/
# Test configuration and reload if successful
nginx -t && service nginx reload
You need call this BASH file:
virtualhost.sh www.yourdomain.com