my Django deployment with ec2, nginx and gunicorn went well beside that my staticfiles are not loading, browser show a 404 error. And this is because nginx looks in a completely different place than statics.
At this point I have tried a lot of configurations and nothing does the trick. I am wondering if a pair of fresh eyes can spot a mistake here that I do not.
/sites-enabled/django.conf:
server {
server_name site.net www.site.net;
location /static/ {
autoindex on;
alias /home/ubuntu/saas/static/;
}
location / {
include proxy_params;
proxy_pass http://unix:/home/ubuntu/saas/app.sock;
}
location ~ \.css {
add_header Content-Type text/css;
}
location ~ \.js {
add_header Content-Type application/x-javascript;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/site.net/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/site.net/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.site.net) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = site.net) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name site.net www.site.net;
return 404; # managed by Certbot
}
and my django settings.py look like this and collectstatics works fine.
STATIC_URL = '/static/'
STATICFILES_DIRS = [
os.path.join(BASE_DIR, 'staticfiles')
]
STATIC_ROOT = os.path.join(BASE_DIR, 'static')
I have deleted the default file but it stills seems that nginx looks for the staticfiles in the wrong place according to this error.log:
2020/05/01 19:57:45 [error] 3502#3502: *6 open() "/usr/share/nginx/html/static/css/custom.css" failed (2: No such file or directory), client: 86.221.78.105, server: site.net, request: "GET /static/cs$
I have rebooted the server, reload nginx, nothing seems to work out. Would someone has an idea of what I could try at that point?
There's usually a default.conf file that gets installed with nginx when you install with yum or apt. It will either be in /etc/nginx/conf.d/default.conf or /etc/nginx/sites-enabled/default.conf. Delete that file and reload nginx with sudo systemctl reload nginx, and you should be good to go absent there being another configuration file on your server that you don't know about.
Here is what I did to resolve the problem. Getting rid of the default index.html in /usr/share/nginx/html/ and running the conf script as:
server {
server_name site.net www.site.net;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/site.net/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/site.net/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
location /static/ {
autoindex on;
alias /home/ubuntu/saas/static/;
}
location / {
include proxy_params;
proxy_pass http://unix:/home/ubuntu/saas/app.sock;
}
}
server {
if ($host = www.site.net) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = site.net) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name site.net www.site.net;
return 404; # managed by Certbot
}
Although this seems to be a workaround it makes the trick
Related
Actually, I am hosting a project to a domain using a Linode server.
The Project is on Bitbucket.
I have tried all the methods static root static dirs and collect static but nothing works half of the CSS is loading but not left Static.
STATIC_URL = '/static/'
STATICFILES_DIRS = [os.path.join(BASE_DIR / 'static/')]
#STATIC_ROOT = os.path.join(BASE_DIR, 'static/')
Nginx Config:
server {
server_name domain.in;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/web/tst/;
}
access_log /var/log/nginx/tst-access.log;
error_log /var/log/nginx/tst-error.log;
location / {
include proxy_params;
proxy_pass http://unix:/home/web/msg/msg.sock;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/domain.in/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain.in/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = domain.in) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name domain.in;
return 404; # managed by Certbot
}
You have to server your static files through nginx and pass your static dir path to it:
server {
...
location /static {
alias PATH_TO_YOUR_STATIC_DIR;
}
}
I have Django website hosted to DigitalOcean , i'm using postgres db , nginx , gunicorn and ubuntu 18.04. I'm using django authentication system, i created normal user, but i could logged in successfully only few times after creating the new account after that i got Bad Request (400) , and the admin was running with css style but now only html in rendered , but the style in other pages that users can visit are working fine with style. the two problems appears in the same time.
when i turn debug to true i got :
SuspiciousFileOperation at /fr/account/login/
Storage can not find an available filename for "users/2020/07/03/users/2020/07/03/users/2020/07/03/users/2020/07/03/users/2020/07/03/users/2020/07/03/no__QKvIRQ8_2N3XJKL.png". Please make sure that the corresponding file field allows sufficient "max_length".
This is my nginx configuration
Please help me
Thanks in advance
server {
server_name server_domain_or_IP;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/sammy/myprojectdir;
}
location /media/ {
root /home/sammy/myprojectdir;
image_filter_buffer 10M;
}
location / {
include proxy_params;
proxy_pass http://unix:/run/gunicorn.sock;
}
client_max_body_size 100M;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/server_domain_or_IP/fullchain.pem; # managed $
ssl_certificate_key /etc/letsencrypt/live/server_domain_or_IP/privkey.pem; # manage$
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = server_domain_or_IP) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = server_domain_or_IP) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name server_domain_or_IP;
return 404; # managed by Certbot
client_max_body_size 100M;
}
I am trying to launch a django website and I want to install and make sure https connection works with let's encrypt for my site.
I followed DigitalOcean "How To Secure Nginx with Let's Encrypt on Ubuntu 18.04" tutorial on https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-18-04. When my site works with http connection, after the installation of let's encrypt, neither http nor https connection works now.
My nginx/sites-available/mysite.com file code is shown below:
server {
server_name mysite.com www.mysite.com;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /root/project/app/;
}
location / {
include proxy_params;
proxy_pass http://unix:/run/gunicorn.sock;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/mysite.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mysite.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.mysite.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = mysite.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name mysite.com www.mysite.com;
return 404; # managed by Certbot
}
Normally, my website with http works fine, yet when I follow the tutorial and try to connect my site, it does not load on browser. If I try with curl, I get response: curl: (7) Failed to connect to mysite.com port 443: Connection refused.
I'm having an issue with my nginx configuration.
I receive the error ERR: TOO MANY REDIRECTS
If I change the var SECURE_SSL_REDIRECT = True to False the error goes away but I believe this is causing issue with my channels setup, my websockets are unable to complete handshake.
I found this link which I think is my problem but I don't know how to fix it.
I tried changing proxy_pass http://unix... to https://unix... which causes the redirects to stop but the page won't load.
server {
server_name myproject.com;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
alias /home/xx/myproject/static/;
}
location /static/admin/ {
alias /home/xx/myproject/static/admin/;
}
location /media/ {
alias /home/xx/myproject/media/;
}
location / {
include proxy_params;
proxy_pass http://unix:/home/xx/myproject/myproject.sock;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/myproject.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/myproject.com/privkey.pem; # managed by Certb$
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = myproject.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name myproject.com;
return 404; # managed by Certbot
}
I am using Nginx and Gunicorn to host a Django project. I need to secure this site, and as a test I set up Let's encrypt to an unused domain of mine. While tailing the Django access log, I noticed the following entry from time to time:
Invalid HTTP_HOST header: 'aydinfatih.com'. You may need to add u'aydinfatih.com' to ALLOWED_HOSTS.
This is an unknown domain to me, and while trying to access the domain (it got 400 response), I could se more of these log entries on my server. What is this? Is it related to my SSL-setup, and an indication that it's not secure?
server {
server_name example.com example.com;
location /static/ {
root /home/user/project/django-project;
}
location /media/ {
root /home/user/project/django-project;
}
location / {
include proxy_params;
proxy_pass http://unix:/home/user/project/project.sock;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
if ($scheme != "https") {
return 301 https://$host$request_uri;
} # managed by Certbot
}
server {
listen 80;
server_name my.server.ip.here example.com;
return 301 https://example.com;
}
I added the following to my server block:
if ($host !~* ^(example.com|www.example.com)$ ) {
return 444;
}
The unknown domain now displays 520. Is this the correct way to deal with this? Something else I've missed?
I misread your question. Here's a new answer.
Someone configs their DNS record to point their domain name to your server IP. Adding hostname checking certainly helps, but normally we use a default "catch all" server block to handle all unwanted requests:
# "Catch all" server
server {
server_name _;
return 444;
}
# Your site settings
server {
server_name example.com example.com;
location /static/ {
root /home/user/project/django-project;
}
location /media/ {
root /home/user/project/django-project;
}
location / {
include proxy_params;
proxy_pass http://unix:/home/user/project/project.sock;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
if ($scheme != "https") {
return 301 https://$host$request_uri;
} # managed by Certbot
}
server {
listen 80;
server_name my.server.ip.here example.com;
return 301 https://example.com;
}