Currently, I'm deploying a react app and using django as the backend API on an ubuntu nginx server. The react app is already online have a SSL certificate, but the backend API does not. By default, browsers can't show a http content on a https connection.
Do I need to get another SSL certificate afor the backend API? Or is there another way to do it?
Nginx conf file (for the frontend part. I'm not sure how to configure the backend):
The backend is currently running on xxx.xx.x.xx:8000 (using gunicorn --daemon --bind xxx.xx.x.xx:8000)
server {
server_name xxxxxx.com www.xxxxxx.com xxx.xx.x.xx;
root /var/www/frontend/build;
index index.html index.htm;
location / {
try_files $uri $uri/ /index.html =404;
}
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/fromnil.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/fromnil.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}
server {
if ($host = www.xxxxxx.com) {
return 301 https://$host$request_uri;
}
if ($host = xxxxxx.com) {
return 301 https://$host$request_uri;
}
server_name xxxxxx.com www.xxxxxx.com xxx.xx.x.xx;
listen 80;
return 404;
}
Thanks
Found this link, but wasn't able to post a comment because my reputation is not enough. And I don't really understand. Can anyone help me?
How to deploy react and django in aws with a ssl and a domain
Related
I have a web backend implemented in Django and running on Gunicorn. Plus, I also have a Vue.js app that uses this backend. I want to run both of them on nginx and also do HTTPS configs.
This is how my "/etc/nginx/nginx.conf" file looks like:
...
server {
server_name .website.com;
listen 80;
return 307 https://$host$request_uri;
}
server {
location / {
proxy_set_header Host $host;
proxy_pass http://localhost:8080; # where the Django app over gunicorn is running
}
location /static {
root /code/frontend/dist/; # static frontend code created with vite on vue.js
autoindex on;
index index.html;
try_files $uri $uri/ /index.html;
}
# ssl configs
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/website.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/website.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
Both of them, Django and Vue.js part, are hosted in a single Docker container. 80 and 8080 ports of this container is mapped to 80 and 8080 ports of the host PC.
443, 8080 and 80 ports are open on the machine for inbound connections. Sending a post request to http://website.com:8080/bla do returns correct values, meaning that backend seems to be working but on http only and not on https.
Still when I go to the "website.com", I receive "This site can't be reached" error. Where am I doing wrong exactly and how can I run both on nginx and both over ssl/https?
I'm trying to set up a webhook with python-telegram-bot and Nginx. I am faced with a problem, my bot doesn't get messages from telegram. I also tried to make GET/POST queries from the postman and I always get a "502 Bad Gateway" error. I also launched the netstat to monitor port 5000 where my telegram bot connects but it is always empty. It seems like webhook doesn't launch at all.
My Nginx default.conf file looks like the following:
upstream django {
server gunicorn:8000;
}
server {
listen 80;
server_name example.com www.example.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
ssl on;
server_name example.com www.example.com;
ssl_certificate fullchain.pem;
ssl_certificate_key privkey.pem;
access_log /var/log/nginx/nginx.vhost.access.log;
error_log /var/log/nginx/nginx.vhost.error.log;
location /TELEGRAM_TOKEN {
proxy_pass http://0.0.0.0:5000/TELEGRAM_TOKEN/;
}
location /static/ {
alias /static/;
}
location / {
proxy_pass http://example.com:8000;
}
}
And my telegram client code:
updater = Updater(api_token)
updater.dispatcher.add_handler(CommandHandler('start', start))
updater.dispatcher.add_handler(CallbackQueryHandler(button))
updater.dispatcher.add_handler(MessageHandler(Filters.text & ~Filters.command, custom_command))
jq = updater.job_queue
job_minute = jq.run_repeating(callback_minute, interval=5)
#updater.start_polling()
updater.start_webhook(listen="0.0.0.0", port=5000, url_path=api_token,
webhook_url=f'https://example.com/{api_token}')
updater.idle()
I also have Django options for the Nginx server but I've never seen any tutorial or documentation on how to tune the webhook with Django and it can be the reason for my problems.
Have anyone any idea about solving my problem?
CallMeStag, your advice to use the following code helped me solve the issue:
print(Bot(api_token).get_webhook_info()))
I had 2 problems with the Nginx config file
First: ssl on
It gave me an error connection refused and I deleted it
Second
I changed this
location /TELEGRAM_TOKEN {
proxy_pass http://0.0.0.0:5000/TELEGRAM_TOKEN/;
}
to this
location /TELEGRAM_TOKEN {
proxy_pass http://example.com:5000/TELEGRAM_TOKEN/;
}
and the webhook is now working.
Thank you.
I am currently deploying my django app on a server AWS Lightsail Debian 10.8. It's working fine with http. So I wnated to turn my app into HTTPS and getting an SSL certificate. I followed 2 tutorials about it :
This guy
This page
Once all these steps done nothing works anymore even in HTTP, the site isn't accessible... Here is the config file in /etc/nginx/sites-available.
server {
server_name 13.38.76.96 www.zlochteam.com;
location / {
include proxy_params;
proxy_pass http://localhost:8000/;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/www.zlochteam.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/www.zlochteam.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.zlochteam.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name 13.38.76.96 www.zlochteam.com;
return 404; # managed by Certbot
}
I wanted to know if someone has ecountered the same issue and how he solved it.
Thanks !
Before you run the commands in certbot, make sure you have the following in your Nginx:
server {
listen 80;
server_name 13.38.76.96 www.zlochteam.com;
listen [::]:80;
...
Seems like certbot now requires the ipv6 as well.
Http has break because the certbot added the redirect return 301 https://$host$request_uri;
You should test config by command nginx -t and then reload config nginx -s reload.
Resolved
I just had to allow connection from the port 443 on AWS LightSail, such a dummy error...
Here is where you need to add the HTTPS connection, in the Networking tab.
I have a AWS server runs on Nginx and which hosts a React application working fine on server.
Now I want a Django app for restframework to be available on the same server.
Iam following the Document and uploaded the Django app on the server and try to run the app by trying python3 manage.py runserver 0.0.0.0:8000. There is no error but I cannot access my ip with http://server_domain_or_IP:8000.
Nginx config at /etc/nginx/conf.d/example.org.conf
server {
listen 80 default_server;
server_name example.org;
return 301 https://example.org;
}
server {
listen 443 ssl;
server_name example.org;
ssl_certificate /etc/nginx/ssl/ssl_bundle.crt;
ssl_certificate_key /etc/nginx/ssl/example.key;
location / {
root /home/ubuntu/example/build;
index index.html index.htm;
}
}
Please help where am I going wrong?
So your Django is running on localhost:8000 and in your Nginx setup, you are not forwarding your request to that address. You have to match the domain request with your Django running server, In production, you should have something like Gunicorn
Try with -
upstream backend {
server localhost:8000;
}
server {
server_name example.com www.example.com;
location / {
include proxy_params;
proxy_pass http://backend;
}
this would work for non-https. You can add listen 443 ssl, and SSL certificates to make your server block listen only to HTTPS.
I am trying to launch a django website and I want to install and make sure https connection works with let's encrypt for my site.
I followed DigitalOcean "How To Secure Nginx with Let's Encrypt on Ubuntu 18.04" tutorial on https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-18-04. When my site works with http connection, after the installation of let's encrypt, neither http nor https connection works now.
My nginx/sites-available/mysite.com file code is shown below:
server {
server_name mysite.com www.mysite.com;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /root/project/app/;
}
location / {
include proxy_params;
proxy_pass http://unix:/run/gunicorn.sock;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/mysite.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mysite.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.mysite.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = mysite.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name mysite.com www.mysite.com;
return 404; # managed by Certbot
}
Normally, my website with http works fine, yet when I follow the tutorial and try to connect my site, it does not load on browser. If I try with curl, I get response: curl: (7) Failed to connect to mysite.com port 443: Connection refused.