I ran into a problem once I install and add "channels" to the settings and after that to the asgi file. Server crashes, I get 502 and nginx won't start. How can I add these channels and start working already
ASGI_APPLICATION = "mysite.asgi.application"
application = ProtocolTypeRouter({
"http": get_asgi_application(),
# Just HTTP for now. (We can add other protocols later.)
# WebSocket chat handler
"websocket": AuthMiddlewareStack(
URLRouter([
])
),
})
help, I'm sure a lot of people have come across this, thanks
Did you configure Nginx properly? Below is a sample Nginx config.
upstream channels-backend {
server localhost:8000;
}
...
server {
...
location / {
try_files $uri #proxy_to_app;
}
...
location #proxy_to_app {
proxy_pass http://channels-backend;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
...
}
See the deployment guide here: https://channels.readthedocs.io/en/latest/deploying.html
Related
I'm having trouble exposing Zipkin UI (running in a container) behind Nginx.
I have a spring microservices that I have deployed on an ec2 instance on AWS, and I used Nginx as a load balancer to map locations to upstream using proxy_pass, and I've configured a location mapped to Zipkin upstream just like this:
location /tracing/ {
return 302 /tracing/;
}
location /tracing {
proxy_pass http://localhost:9411/;
}
but when I enter this location in the browser it redirects me to another location / which is binded to another upstream
location / {
proxy_pass http://localhost:4200/;
}
I think this may help you
location /zipkin {
proxy_pass http://localhost:9411;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $scheme;
}
I use nginx as reverse proxy for daphne to use django channels.
Here's my nginx.conf
server {
listen 80;
server_name <ip_addr>;
location / {
proxy_pass http://0.0.0.0:8001;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
}
in daphne's log:
2017-07-17 08:45:35,011 DEBUG WebSocket daphne.response.xxx open and established
2017-07-17 08:45:35,011 DEBUG WebSocket daphne.response.xxx accepted by application
but WebSocket's connect in client side doesn't receive any message
Can you help me?
UPDATE:
client-side code (I use Starscream library for WebSocket connection in Swift):
socket = WebSocket(url: URL(string: "ws://site/proxy?token="+token!)!)
func websocketDidConnect(socket: WebSocket) {
print("websocket is connected")
}
socket.connect()
routing.py:
channel_routing = [
route("websocket.receive", 'project.consumers.ws_message'),
route("websocket.connect", 'project.consumers.ws_connect'),
]
consumers.py:
#rest_token_user
def ws_connect(message):
message.reply_channel.send({"accept": True})
res_user from: https://gist.github.com/leonardoo/9574251b3c7eefccd84fc38905110ce4
My django app works fine on local machine as well as on Heroku, however I'm having troubles to deploy it do Digital Ocean Ubuntu 16.04 droplet. Followed this tutorial, app has started but websockets didn't work.
By running in terminal virtual environment: daphne -b 0.0.0.0 -p 8000 slist.asgi:channel_layer
and in second terminal window:
./manage.py runworker
The app works but only on port 8000. I can't access it on mydomain.com but only on mydomain.com:8000.
When I close terminal windows the site cannot be accessed.
What and how needs to be set for the site to run without my terminal windows and without the ':8000'?
My gunicorn.service file:
[Unit]
Description=gunicorn daemon
After=network.target
[Service]
User=kuba1
Group=www-data
WorkingDirectory=/home/kuba1/slistproject
ExecStart=/home/kuba1/slistproject/slistvenv/bin/gunicorn --workers 3 --bind unix:/home/kuba1/slistproject/slistvenv/src/slist.sock slist.wsgi:application
[Install]
WantedBy=multi-user.target
my Nginx settings:
server {
listen 80;
server_name server_name fortests.ovh;
client_max_body_size 20M;
location /static/ {
root /home/kuba1/slistproject/slistvenv/src;
}
location / {
proxy_pass http://unix:/home/kuba1/slistproject/slistvenv/src/slist.sock;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
}
You have to proxy_pass the domain to that port 8000:
location / {
proxy_pass_header Server;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_connect_timeout 10;
proxy_read_timeout 10;
proxy_pass http://localhost:8001/;
}
It should be:
proxy_set_header Connection "Upgrade";
Working config for me:
upstream websocket {
server unix:/path/to/daphne.sock fail_timeout=20;
}
location /url/socket/ {
try_files $uri #proxy_to_channel_app;
}
location #proxy_to_channel_app {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
# enable this if and only if you use HTTPS
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $http_host;
# web socket setup
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'Upgrade';
# we don't want nginx trying to do something clever with
# redirects, we set the Host: header above already.
proxy_redirect off;
proxy_pass http://websocket;
}
Daphne command:
daphne -u run/daphne.sock project.asgi:channel_layer
Is there a way to access AWS web console via nginx reverse proxy through my subdomain?
Here is the nginx configuration is have been using :
server {
listen localhost:443 ssl;
server_name aws1.subdomain.com;
include snippets/proxy_ssl.conf;
location / {
proxy_pass https://console.aws.amazon.com/;
proxy_set_header Host $host;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_read_timeout 86400;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect off;
proxy_hide_header X-Frame-Options;
}
}
The above configuration throws:
NetworkError: 400 Bad Request
And shows amazon's default 400 bad request page when i try to access https://aws1.subdomain.com in my browser.
I have this working using the following lines in nginx.conf. You can also add lines for http auth as required depending on your config.
location = / { rewrite ^ /_plugin/kibana/ redirect; }
location / {
proxy_pass https://<es-domain-url>.es.amazonaws.com;
proxy_http_version 1.1;
proxy_set_header Authorization "";
proxy_hide_header Authorization;
proxy_set_header X-Forwarded-Proto $scheme;
}
TLDR: How to share cookies between subdomains for a backend application sever that I cannot "configure" using nginx (1.8.x) as a proxy - some magical combination of proxy_*?
A tornado web server is running on "127.0.0.1:9999/ipython" that I cannot configure (it's running as part of an ipython notebook server). I'm using nginx to proxy from "www.mysite.com" to 127.0.0.1:9999 successfully (http traffic at least).
However, part of the backend application requires Websockets. Because I am using CloudFlare, I have to use a separate domain for Websockets ("Websockets are currently only available for Enterprise customers ... All other customers ... should create a subdomain for Websockets in their CloudFlare DNS and disable the CloudFlare proxy"). I'm using "ws.mysite.com".
When a user logs in at "https :// www.mysite.com", a cookie is set by the tornado web server for "www.mysite.com" (I can't seem to configure it, otherwise I would just set it to ".mysite.com"). When the websocket part of the application kicks in, it sends a request to "wss :// ws.mysite.com", but fails to authenticate because the cookie is set for a different domain("www.mysite.com").
Is it possible for nginx to "spoof" the domain so the tornado webserver registers it for ".mysite.com"? proxy_cookie_domain doesn't seem to work as I'd expect... Should I hard code "proxy_set_header Host"?
I was thinking a nginx conf similar to....
upstream ipython_server {
server 127.0.0.1:8888;
}
server {
listen 443;
server_name www.mysite.com;
ssl_certificate cert.crt;
ssl_certificate_key cert.key;
ssl on;
# **** THIS DOESN'T WORK ??? ****
proxy_cookie_domain www.mysite.com .mysite.com;
location /ipython/static {
proxy_pass https://ipython_server$request_uri;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /ipython/api/sessions {
proxy_pass https://ipython_server$request_uri;
proxy_set_header Host $host;
proxy_set_header Origin "";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /ipython {
proxy_pass https://ipython_server$request_uri;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location / {
try_files $uri $uri/ =404;
}
}
server {
listen 443;
server_name ws.azampagl.com;
ssl_certificate cert.crt;
ssl_certificate_key cert.key;
ssl on;
# **** THIS DOESN'T WORK ??? ****
proxy_cookie_domain ws.mysite.com .mysite.com;
# This is the websocket location
location /ipython/api/kernels/ {
proxy_pass https://ipython_server$request_uri;
proxy_redirect off;
proxy_http_version 1.1;
chunked_transfer_encoding off;
proxy_buffering off;
proxy_read_timeout 86400;
proxy_set_header Host $host;
proxy_set_header Origin "";
proxy_set_header Upgrade websocket;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
I've been looking in the nginx lua module? It looks like you can set cookie domains, but it looks hackish...
Thanks greatly in advance for your assistance!
(Side note: I do technically have access to the tornado configuration, but there is zero documentation on how to set the "cookie domain" for the server. i.e.
c.NotebookApp.tornado_settings = {'cookie_domain????':'.mysite.com'}
)