I have connected my Django (DRF) to Gunicorn and Nginx and put it all in docker.
When I load mysite.com/admin/ it looks bad, just plain text. So it seems like it does not load any static file. However, in Browser Console there are zero errors.
Moreover, I see that all the static files have been successfully loaded from server (all the /static/ requests are HTTP 200) and I can open them right in my browser by putting url: mysite.com/static/admin/css/base.css. And this file will successfully open. But admin site does not want to apply it.
On localhost with Debug=True everything is working fine too.
On main web site all the /media/ is working good too, so the problem is only within /static/.
nginx.conf
events {}
http {
server {
listen 80;
server_name mysite.com;
server_tokens off;
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 80;
server_name api.mysite.com;
server_tokens off;
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
server_name mysite.com;
server_tokens off;
ssl_certificate /etc/nginx/certs/mysite.com-chain.pem;
ssl_certificate_key /etc/nginx/certs/mysite.com-key.pem;
location / {
proxy_pass http://10.0.2.237:3004; # React Frontend
}
}
server {
listen 443 ssl;
server_name api.mysite.com;
server_tokens off;
ssl_certificate /etc/nginx/certs/api.mysite.com-chain.pem;
ssl_certificate_key /etc/nginx/certs/api.mysite.com-key.pem;
location /media/ {
autoindex on;
alias /django-media/;
}
location /static/ {
autoindex on;
alias /django-static/;
}
location / {
try_files $uri #proxy_api;
}
location #proxy_api {
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Url-Scheme $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://10.0.2.237:7000; # Django Gunicorn Backend
}
}
}
docker-compose.backend.yml
version: '3.8'
services:
postgres_db:
container_name: postgres-prod
image: postgres
ports:
- "5543:5543"
volumes:
- postgres_data_prod:/var/lib/postgresql/data/
env_file:
- .env.production
command: -p 5543
web:
container_name: django-backend-prod
build: .
env_file:
- .env.production
ports:
- "7000:8001"
entrypoint: ./entrypoint.production.sh
volumes:
- .:/code
- media:/code/media
- static:/code/project/static
depends_on:
- postgres_db
networks:
- default
restart: always
volumes:
media:
driver_opts:
type: none
device: ${PWD}/media
o: bind
postgres_data_prod:
networks:
default:
external:
name: sentry-net
docker-compose.frontend.yml (in different directory, static and media are connected through volumes)
version: '3.8'
services:
frontapp:
container_name: React-Frontend-PROD
build:
context: .
dockerfile: Dockerfile
volumes:
- '.:/app'
- '/app/src'
- '/app/node_modules'
ports:
- "3004:3000"
env_file:
- .env.production
nginx:
image: nginx:latest
ports:
- "80:80"
- "443:443"
volumes:
- .nginx/nginx.conf:/etc/nginx/nginx.conf
- .certs/:/etc/nginx/certs
- django-backend-prod_media:/django-media
- django-backend-prod_static:/django-static
links:
- frontapp
depends_on:
- frontapp
networks:
- default
volumes:
django-backend-prod_media:
external: true
django-backend-prod_static:
external: true
networks:
default:
external:
name: sentry-net
Related
I am working on my django + nginx + docker-compose project
I want to access my site via ip and mysite.com
Problem -- ip url is working, but mysite.com returns error:
403 Forbidden Nginx
My code - docker-compose.yml
services:
django:
build: ./project # path to Dockerfile
command: sh -c "
sleep 3 && gunicorn --bind 0.0.0.0:8000 core_app.wsgi"
...
expose:
- 8000
env_file:
- ./.env
depends_on:
- db
nginx:
image: nginx:1.19.8-alpine
depends_on:
- django
env_file:
- ./.env
ports:
- "80:80"
volumes:
- ./project/nginx-conf.d/:/etc/nginx/conf.d
...
nginx-conf.conf
upstream app {
server django:8000;
}
server {
listen 80;
server_name 127.0.0.1 mysite.com www.mysite.com;
location / {
proxy_pass http://django:8000;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_redirect off;
}
location /static/ {
alias /var/www/html/static/;
}
}
UPDATE
I was trying to replace proxy_pass http://django:8000; with proxy_pass http://app; but it didn't help
Value of proxy_pass is incorrect.
When you're referencing an upstream group, you've to pass the name of the group to proxy_pass.
In your case, the name of upstream group is "app". So the value of proxy_pass should look like this:
proxy_pass http://app;
I have an application that I am running with multiple docker containers with a docker-compose file. Two main containers are django_container and nginx_container.
I want to force using https for my application but unfortunately, my Nginx config doesn't seem to work. Basically, my gunicorn server seems to be running OK.
I can see the http://django:8001 from inside the nginx_container, but I can't see http://example.com from inside it or outside.
Here is the content of my Nginx config
server {
listen 80;
server_name example.com;
rewrite ^ https://example.com$request_uri? permanent;
}
server {
listen 443 ssl;
server_name example.com;
ssl_certificate /etc/nginx/certs/example_com.crt;
ssl_certificate_key /etc/nginx/certs/cert.key;
access_log /log/nginx.access.log main;
location / {
proxy_pass http://django:8001;
proxy_set_header X-Forwarded-Proto $scheme;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
To create the containers I use the following docker-compose.yml file, which read the values from the corresponding .env file
version: "3.9"
services:
postgres:
image: postgres:13.0
container_name: postgres_container
restart: always
ports:
- "5432:5432"
volumes:
- $P_VOLUME:/initdb.d/
environment:
P_USER: $P_USER
P_PASSWORD: $P_PASSWORD
P_DB: $P_DB
django:
build:
context: .
dockerfile: ./Dockerfile
container_name: django_container
depends_on:
- postgres
ports:
- "8001:8001"
volumes:
- $ROOT_DIR:/code/
environment:
SECRET_KEY: $SECRET_KEY
ROOT_DIR: $ROOT_DIR
nginx:
image: nginx
container_name: nginx_container
depends_on:
- django
ports:
- "80:80"
- "443:443"
environment:
NGINX_HOST: $NGINX_HOST
NGINX_PORT: 80
volumes:
- $ROOT_DIR/config/$NGINX_CONF:/etc/nginx/conf.d/default.conf
- $ROOT_DIR/log/:/log/
- $ROOT_DIR/certs/:/etc/nginx/certs/
I checked the .env file and it seems the paths and configs are correct.
What am I missing here? Thanks a ton!
In my project, I am using Django and nginx, but I want to manage my cloud databases through phpmyadmin.
Django is working fine but I can't do the same with phpmyadmin because it is running in apache at localhost:8080, when I want it to run in nginx at localhost/phpmyadmin.
here is the docker-compose.yml
version: "3.9"
services:
web:
restart: always
build:
context: .
env_file:
- .env
volumes:
- ./project:/project
expose:
- 8000
nginx:
restart: always
build: ./nginx
volumes:
- ./static:/static
ports:
- 80:80
depends_on:
- web
phpmyadmin:
image: phpmyadmin/phpmyadmin:latest
restart: always
environment:
PMA_HOST: <host_address>
PMA_USER: <user>
PMA_PASSWORD: <password>
PMA_PORT: 3306
UPLOAD_LIMIT: 300M
ports:
- 8080:80
and nginx default.conf
upstream django{
server web:8000;
}
server{
listen 80;
location / {
proxy_pass http://django;
}
location /pma/ {
proxy_pass http://localhost:8080/;
proxy_buffering off;
}
location /static/ {
alias /static/;
}
}
I hope somebody will be able to tell me how to make nginx work as a reverse proxy for the phpMyAdmin docker container.
If some important information is missing please let me know.
You can access another docker container with its hostname and the internal port (not the exposed one).
Also a rewrite of the url is necessary.
location ~ \/pma {
rewrite ^/pma(/.*)$ $1 break;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://phpmyadmin;
}
I tested with this docker-compose.yml:
version: "3.9"
services:
nginx:
image: nginx:latest
volumes:
- ./templates:/etc/nginx/templates
ports:
- 80:80
phpmyadmin:
image: phpmyadmin/phpmyadmin:latest
I'm building my first project with Django, NGINX and Docker. Below the nginx.conf:
upstream project {
server website:8000;
}
server {
listen 80;
server_name MY-DOMAIN;
location / {
proxy_pass http://project;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_redirect off;
client_max_body_size 4G;
}
location /static/ {
alias /app/static-folder/;
}
location /media/ {
alias /app/media-folder/;
}
}
And the docker-compose:
version: '3.7'
services:
website:
container_name: web_project
image: project/django
build: ./djangodocker
restart: always
env_file: prod.env
command: sh -c "cd djangodocker/ &&
gunicorn djangodocker.wsgi:application --bind 0.0.0.0:8000"
volumes:
- static-folder:/app/static-folder
- media-folder:/app/media-folder
expose:
- 8000
nginx:
container_name: nginx_web_project
image: project/nginx
build: ./nginx
volumes:
- static-folder:/app/static-folder
- media-folder:/app/media-folder
ports:
- 8000:80
depends_on:
- website
volumes:
static-folder:
media-folder:
I can build the image but I can't see the website into the correct url. I see the website at MY-DOMAIN:8000 instead of MY-DOMAIN and this is my problem.
You map the nginx port to port 8000 on the line
- 8000:80
in your docker-compose file. Change that to
- 80:80
That way, nginx listens on port 80 on the host machine and you don't need to specify the port number.
I'm not sure how much sense it would make, but I was learning docker to deploy Django app with Gunicorn + Nginx + AWS.
So far, it works fine, where I have unit tested it in production.
My question is how can I access pgAdmin4 now?
docker-compose.staging.yml
version: '3.8'
# networks:
# public_network:
# name: public_network
# driver: bridge
services:
web:
build:
context: .
dockerfile: Dockerfile.prod
# image: <aws-account-id>.dkr.ecr.<aws-region>.amazonaws.com/django-ec2:web
command: gunicorn djangotango.wsgi:application --bind 0.0.0.0:8000
volumes:
# - .:/home/app/web/
- static_volume:/home/app/web/static
- media_volume:/home/app/web/media
expose:
- 8000
env_file:
- ./.env.staging
networks:
service_network:
db:
image: postgres:12.0-alpine
volumes:
- postgres_data:/var/lib/postgresql/data/
env_file:
- ./.env.staging.db
networks:
service_network:
# depends_on:
# - web
pgadmin:
image: dpage/pgadmin4
env_file:
- ./.env.staging.db
ports:
- "8080:80"
volumes:
- pgadmin-data:/var/lib/pgadmin
depends_on:
- db
links:
- "db:pgsql-server"
environment:
- PGADMIN_DEFAULT_EMAIL=pgadmin4#pgadmin.org
- PGADMIN_DEFAULT_PASSWORD=fakepassword
- PGADMIN_LISTEN_PORT=80
networks:
service_network:
nginx-proxy:
build: nginx
# image: <aws-account-id>.dkr.ecr.<aws-region>.amazonaws.com/django-ec2:nginx-proxy
restart: always
ports:
- 443:443
- 80:80
networks:
service_network:
volumes:
- static_volume:/home/app/web/static
- media_volume:/home/app/web/media
- certs:/etc/nginx/certs
- html:/usr/share/nginx/html
- vhost:/etc/nginx/vhost.d
- /var/run/docker.sock:/tmp/docker.sock:ro
labels:
- "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy"
depends_on:
- web
nginx-proxy-letsencrypt:
image: jrcs/letsencrypt-nginx-proxy-companion
env_file:
- .env.staging.proxy-companion
networks:
service_network:
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- certs:/etc/nginx/certs
- html:/usr/share/nginx/html
- vhost:/etc/nginx/vhost.d
depends_on:
- nginx-proxy
networks:
service_network:
volumes:
postgres_data:
pgadmin-data:
static_volume:
media_volume:
certs:
html:
vhost:
I can access the django application through my domain name like xyz.example.com. I have just shown the docker-compose here.
Also within local I can access pgadmin4 via localhost:8080.
Is it possible to do it in production? If yes how?
I would be using AWS RDS for database, but for now my database is within docker container, so I'm thinking how to access it now?
I found some documentation.
https://www.pgadmin.org/docs/pgadmin4/development/container_deployment.html
The url to access your pgadmin page would be configured in nginx. This example:
server {
listen 80;
return 301 https://$host$request_uri;
}
server {
listen 443;
server_name _;
ssl_certificate /etc/nginx/server.cert;
ssl_certificate_key /etc/nginx/server.key;
ssl on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
location /pgadmin4/ {
proxy_set_header X-Script-Name /pgadmin4;
proxy_set_header X-Scheme $scheme;
proxy_set_header Host $host;
proxy_pass http://localhost:5050/;
proxy_redirect off;
}
}
The important parts I am catching here are the location /pgadmin4/ redirecting to the localhost:5050. In your case, it would be localhost:8080.
It looks like in your other post you included your nginx config:
https://www.digitalocean.com/community/questions/no-live-upstream-while-connecting-to-upstream-jwilder-ngnix-proxy
upstream djangotango.meghaggarwal.com {
server web:8000;
}
server {
listen 80;
listen 443;
server_name djangotango.meghaggarwal.com
location / {
proxy_pass http://djangotango.meghaggarwal.com;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_redirect off;
}
location /static/ {
alias /home/app/web/static/;
add_header Access-Control-Allow-Origin *;
}
location /media/ {
alias /home/app/web/media/;
add_header Access-Control-Allow-Origin *;
}
}
I would suggest adding a section like :
location /pgadmin4/ {
proxy_set_header X-Script-Name /pgadmin4;
proxy_set_header X-Scheme $scheme;
proxy_set_header Host $host;
proxy_pass http://localhost:8080/;
proxy_redirect off;
}
It might not be the only configuration you need to add... I have only skimmed the documentation. I am sure the link may help you more if this doesn't do the trick.