I have a Django server which uses websockets (Django channels). I have the following configurations of daphne and nginx.
What the right way to configure ngnix for wss websockets?
Here's what I have:
/etc/nginx/sites-available/trading-backend
server {
server_name trading-backend-test.myserver.com;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
alias /home/vagram/trading-backend/static_root/;
}
location /media/ {
alias /home/vagram/trading-backend/media_root/;
}
location /ws/ {
proxy_pass http://unix:/home/vagram/run/daphne.sock;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_redirect off;
}
location / {
include proxy_params;
proxy_pass http://unix:/home/vagram/trading-backend.sock;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/trading-backend-test.myserver.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/trading-backend-test.myserver.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = trading-backend-test.myserver.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name trading-backend-test.myserver.com;
return 404; # managed by Certbot
}
/etc/systemd/system/daphne.socket
[Unit]
Description=daphne socket
[Socket]
ListenStream=/run/daphne.sock
[Install]
WantedBy=sockets.target
/etc/systemd/system/daphne.service
Description=WebSocket Daphne Service
Requires=daphne.socket
After=network.target
[Service]
Type=simple
User=vagram
WorkingDirectory=/home/vagram/trading-backend/src
ExecStart=/home/vagram/trading-backend/env/bin/daphne -b 0.0.0.0 -p 8001 project.asgi:application
Restart=on-failure
[Install]
WantedBy=multi-user.target
Related
i hope that u can help me.
I deployed my django application to an ubuntu 20.04 server with nginx and gunicorn.
This is my settings:
gunicorn.service
[Unit]
Description=gunicorn daemon
Requires=gunicorn.socket
After=network.target
[Service]
User=ubuntu
Group=www-data
WorkingDirectory=/var/www/PlugSell
ExecStart=/var/www/PlugSell/env/bin/gunicorn --access-logfile - --error-logfile - -k uvicorn.workers.UvicornWorker --workers 3 --bind unix:/run/gunicorn.sock minible.asgi:application
[Install]
WantedBy=multi-user.target
app nginx conf
server {
server_name 3.73.206.145 127.0.0.1 sell.plug-shop.com;
location = /favicon.ico {
access_log off; log_not_found off;
}
location /static/ {
root /var/www/PlugSell;
}
location / {
include proxy_params;
proxy_pass http://unix:/run/gunicorn.sock;
}
location /ws/ {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Url-Scheme $scheme;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_pass http://unix:/run/gunicorn.sock;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/sell.plug-shop.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/sell.plug-shop.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = sell.plug-shop.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name 3.73.206.145 127.0.0.1 sell.plug-shop.com;
return 404; # managed by Certbot
}
in settings.py i have
CHANNEL_LAYERS = {
"default": {
"BACKEND": "channels_redis.core.RedisChannelLayer",
"CONFIG": {
"hosts": [("127.0.0.1", 6379)],
},
},
}
and in my asgi.py
os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'minible.settings')
django.setup()
application = ProtocolTypeRouter({
"http": get_asgi_application(),
"websocket": AuthMiddlewareStack(
URLRouter(
[
path('ws/notification/',
consumer.NotificationConsumer.as_asgi())
]
)
)
})
Redis is installed and work perfectly (binding at 0.0.0.0)
Everything works perfectly but the websocket doesn't work.
I try to connect to the websocket via "wss://sell.plug-shop.com/ws/notification/" but the connection always fails. In the nginx log file it does not give me any information regarding some connection error to the websocket
I'm getting an error while connecting the websocket.
And I have read similar Q&A on stackoverflow but still not working for me. I've been trying all sorts of ways for days but still can't make the connection. This is my mistake
The server I use is: Django + Gunicorn + Nginx + Daphne
Browser error
WebSocket connection to 'wss://mydomain/ws/some_url/' failed:
Below is my config on the server
Ngnix config:
server {
server_name ****** mydomain www.mydomain;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
alias /home/django/magi/src/staticfiles/;
}
location / {
include proxy_params;
proxy_pass http://unix:/run/gunicorn.sock;
}
location /ws/ {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_redirect off;
proxy_pass http://127.0.0.1:8001;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/mydomain/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mydomain/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}server {
if ($host = www.mydomain) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host =mydomain) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name ****** mydomain www.mydomain;
listen 80;
return 404; # managed by Certbot
}
If you need to check any files, please comment below so I can add them!
Thank you very much
This issue is probably because you haven't added an upstream block in the Nginx configuration which will allow your WebSocket requests to get redirected on port 8001.
your Nginx config should be like below:
upstream channels-backend {
server localhost:8001;
}
server {
server_name ****** mydomain www.mydomain;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
alias /home/django/magi/src/staticfiles/;
}
location / {
include proxy_params;
proxy_pass http://unix:/run/gunicorn.sock;
}
location /ws/ {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_redirect off;
proxy_pass http://127.0.0.1:8001;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/mydomain/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mydomain/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}server {
if ($host = www.mydomain) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host =mydomain) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name ****** mydomain www.mydomain;
listen 80;
return 404; # managed by Certbot
}
Also, try to first remove the SSL configuration for HTTPS and WSS you did by using Certbot and make sure everything is working under HTTP and WS.
If it is still not working on WSS even after adding the upstream block, check for redirect config added by Certbot, try to remove them, and test it.
server {
if ($host = www.mydomain) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host =mydomain) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name ****** mydomain www.mydomain;
listen 80;
return 404; # managed by Certbot
}
I have 2 machines one is django (https://orgofoods.com) and another one is wordpress (https://blog.orgofoods.com). Django is running with nginx, gunicorn and the configuration goes like this
upstream app_server {
server unix:/home/django/gunicorn.socket fail_timeout=0;
}
server {
root /usr/share/nginx/html;
index index.html index.htm;
client_max_body_size 4G;
server_name orgofoods.com;
keepalive_timeout 5;
# Your Django project's media files - amend as required
location /media {
alias /home/django/django_project/django_project/media;
}
# your Django project's static files - amend as required
location /static {
alias /home/django/django_project/django_project/static;
}
# Proxy the static assests for the Django Admin panel
location /static/admin {
alias /usr/lib/python2.7/dist-packages/django/contrib/admin/static/admin/;
}
location /blog {
proxy_pass https://blog.orgofoods.com;
}
location /blog/wp-content {
proxy_pass https://blog.orgofoods.com/wp-content;
}
location /blog/wp-includes {
proxy_pass https://blog.orgofoods.com/wp-includes;
}
location /blog/wp-login.php {
proxy_pass https://blog.orgofoods.com/wp-login.php;
}
location /blog/wp-admin {
proxy_pass https://blog.orgofoods.com/wp-admin;
}
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_redirect off;
proxy_buffering off;
proxy_pass http://app_server;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/orgofoods.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/orgofoods.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = orgofoods.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
server_name orgofoods.com;
return 404; # managed by Certbot
}
but when i try to access orgofoods.com/blog it is returning 404 error, and the request is handled by nginx where as it needs to be handled by apache, please any one can shed some light on it.
dev tools network screenshot
Thanks in advance
p.s.: i followed this tutorial (https://jeffreyeverhart.com/2016/12/11/wordpress-nginx-proxy-server-subdomain-subdirectory)
I'm running a Django Channels app on DigitalOcean, Ubuntu 16.04 using Daphne and Nginx.
Followed this post.
Nginx will only be used as a proxy for your django application, your
django application will be running with daphne.
And you should have daphne running on 127.0.0.1:8001 (or change the
port to your likings).
I have enabled Let’s Encrypt SSL for my page and told all http requests to be redirected to https.
My page is showing the error
myapp.com redirected you too many times.
I'm running daphne on 127.0.0.1:8001.
daphne -b 127.0.0.1 -p 8001 myapp.asgi:application
My nginx config file
server {
server_name myapp.com www.myapp.com;
server_tokens off;
return 301 https://$server_name$request_uri;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/myapp.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/myapp.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.myapp.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = myapp.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name myapp.com www.myapp.com;
return 404; # managed by Certbot
root /home/me/myapp/src/myapp;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/me/myapp/src/myapp;
}
location /media/ {
root /home/me/myapp/src/myapp;
}
location / {
try_files $uri $uri/ #python_django;
}
location #python_django {
proxy_pass http://127.0.0.1:8001;
proxy_pass_request_headers on;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
}
}
The first block of your configuration is not properly set. The listen 443 line is supposed to be on the second block. Try to these configurations.
server {
listen 80;
server_name myapp.com www.myapp.com;
server_tokens off;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl; # managed by Certbot
server_name myapp.com www.myapp.com;
ssl_certificate /etc/letsencrypt/live/myapp.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/myapp.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
root /home/me/myapp/src/myapp;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/me/myapp/src/myapp;
}
location /media/ {
root /home/me/myapp/src/myapp;
}
location / {
try_files $uri $uri/ #python_django;
}
location #python_django {
proxy_pass http://127.0.0.1:8001;
proxy_pass_request_headers on;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
}
}
I've exhausted myself trying to solve this, I hope I can get some help
I wish to host two Django projects on a single DigitalOcean droplet.
I can host one site with no problem after following this guide but I just cant figure out a way to make this work with two sites.
Currently example.com works, and example2.com has the problem that it is Using project1 settings module - project1.settings. I need it to use project2.settings module from it's project directory and I've no idea how to do this.
My gunicorn.socket file for project1:
[Unit]
Description=gunicorn socket
[Socket]
ListenStream=/run/gunicorn.sock
[Install]
WantedBy=sockets.target
My gunicorn.socket file for project2:
[Unit]
Description=gunicorn socket
[Socket]
ListenStream=/run/project2.gunicorn.sock
[Install]
WantedBy=sockets.target
My gunicorn.service file for project1:
[Unit]
Description=gunicorn daemon
Requires=gunicorn.socket
After=network.target
[Service]
User=rain
Group=www-data
WorkingDirectory=/home/rain/rv/project1-web
ExecStart=/home/rain/rv/rv-env/bin/gunicorn \
--access-logfile - \
--workers 3 \
--bind unix:/run/gunicorn.sock \
project1.wsgi:application
[Install]
WantedBy=multi-user.target
I figured there should be a second service file for the other project so I created project2.gunicorn.service:
[Unit]
Description=gunicorn daemon
Requires=project2.gunicorn.socket
After=network.target
[Service]
User=rain
Group=www-data
WorkingDirectory=/home/rain/rv/project2-web
ExecStart=/home/rain/rv/rv-env/bin/gunicorn \
--access-logfile - \
--workers 3 \
--bind unix:/run/gunicorn.sock \
project2.wsgi:application
[Install]
WantedBy=multi-user.target
My nginx sites-available file for project1:
server {
server_name example.com;
charset utf-8;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/rain/rv/project1-web;
}
location / {
include proxy_params;
proxy_pass http://unix:/run/gunicorn.sock;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
server_name www.example.com;
charset utf-8;
return 301 https://example.com$request_uri;
}
server {
if ($host = www.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name example.com www.example.com;
return 404; # managed by Certbot
}
And another server block for project2:
server {
server_name example2.com;
charset utf-8;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/rain/rv/project2-web;
}
location / {
include proxy_params;
proxy_pass http://unix:/run/project2.gunicorn.sock;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example2.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example2.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
server_name www.example2.com;
charset utf-8;
return 301 https://example2.com$request_uri;
}
server {
if ($host = www.example2.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = example2.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name example2.com www.example2.com;
return 404; # managed by Certbot
}