I am trying to deploy django project on digitalocean using nginx and gunicorn.
My project have the following structure
projects
|_isli
|_isli
|_forecast #project directory
|_manage.py
|_forecast.sock
|_forecast
|_wsgi.py
|_settings.py
|_urls.py
My project created inside root directory without creating additional sudo user. I know that isn't right solution but i decide so.
In my settings.py file inside allowed hosts i specified ip address
ALLOWED_HOSTS = ['165.22.23.233']
In official digitalocean docs have tutorial about deploying django using nginx and gunicorn Deploying django using Nginx and Gunicorn
in this article used method where gunicorn setted up as socet here is my setup /etc/systemd/system/gunicorn.service
[Unit]
Description=gunicorn daemon
After=network.target
[Service]
User=root
Group=root
WorkingDirectory=/root/projects/isli/isli/forecast
ExecStart=/root/projects/isli/env/bin/gunicorn --log-level debug --error-logfile /var/log/gunicorn/error.log --access-logfile /var/log/gunicorn/access.log --workers 3 --bind unix:/root/projects/isli/isli/forecast/forecast.sock forecast.wsgi:application
[Install]
WantedBy=multi-user.target
after creating gunicorn.service file i run systemctl start gunicorn than systemctl enable gunicorn after it in my project directory was created forecast.sock file
Than i setup nginx in /etc/nginx/sites-available/forecast with following
server {
listen 165.22.23.233:80;
location = /favicon.ico {access_log off; log_not_found off;}
location / {
include proxy_params;
proxy_pass http://unix:/root/projects/isli/isli/forecast/forecast.sock;
}
}
Than systemctl restart nginx
When i am trying to access http://165.22.23.233:80 from browser its promt me 502 bad gateway. After it in /var/log/nginx/error.log file i see following
2020/02/09 16:29:01 [crit] 13533#13533: *11 connect() to unix:/root/projects/isli/isli/forecast/forecast.sock failed (
13: Permission denied) while connecting to upstream, client: 178.176.218.110, server: , request: "GET / HTTP/1.1", upstream: "http://unix:/root/projects/isli/isli/forecast/forecast.sock:/", host: "165.22.23.233"
As i understood through this error my problem is that nginx can not access to /root/projects/isli/isli/forecast/forecast.sock file. After it i tried to check permissions to each entity of above path by
namei -nom /root/projects/isli/isli/forecast/forecast.sock
And here is output
f: /root/projects/isli/isli/forecast/forecast.sock
drwxr-xr-x root root /
drwx------ root root root
drwxr-xr-x root root projects
drwxr-xr-x root root isli
drwxr-xr-x root root isli
drwxr-xr-x root root forecast
srwxrwxrwx root root forecast.sock
In output above root user have permissions to each entity to my socket path but why error say me that permission denied
You need to separate listen from server_name:
server {
listen 80;
server_name 165.22.23.233; # (Example 192.168.0.1, example.com)
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /root/projects/isli/isli/forecast/;
}
location / {
include proxy_params;
proxy_pass http://unix:/root/projects/isli/isli/forecast/forecast.sock;
}
}
Related
I'm deploying a django app to linode with gunicorn and nginx. I have followed a few different tutorials, but for the setting up of gunicorn and nginx I followed this, which took me to the end with no errors, but at the end I got 502 Bad Gateway error from nginx when trying to open the url directly on my browser.
The error.log I get when refreshing the page is the following:
tail -f /var/log/nginx/error.log
2022/11/20 11:24:33 [crit] 4949#4949: *5 connect() to unix:/home/djangouser/djangoproject/djangoproject.sock failed (13: Permission denied) while connecting to upstream, client: 181.43.95.34, server: 555.555.55.555, request: "GET / HTTP/1.1", upstream: "http://unix:/home/djangouser/djangoproject/djangoproject.sock:/", host: "555.555.55.555"
(The IP, user and project names have been changed, not sure if this is unsafe, but just in case)
The relevant settings are as follows:
ufw status on server:
To Action From
-- ------ ---- 22/tcp ALLOW Anywhere Nginx Full
ALLOW Anywhere 22/tcp (v6)
ALLOW Anywhere (v6) Nginx Full (v6)
ALLOW Anywhere (v6)
/etc/systemd/system/gunicorn.service
[Unit] Description=gunicorn daemon After=network.target
[Service] User=djangouser Group=www-data
WorkingDirectory=/home/djangouser/djangoproject
ExecStart=/home/djangouser/djangoproject/.venv/bin/gunicorn
--access-logfile - --workers 3 --bind unix:/home/djangouser/djangoproject/djangoproject.sock
polman_project.wsgi:application
[Install] WantedBy=multi-user.target
/etc/nginx/sites-available/djangoproject
server {
listen 80;
server_name 555.555.55.555;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/djangouser/djangoproject;
}
location / {
include proxy_params;
proxy_pass http://unix:/home/djangouser/djangoproject/djangoproject.sock;
}
}
I would appreciate any advice.
I have a Django system that has gunicorn hosting the dynamic content and nginx the static, nginx passing through to gunicorn as required via a Unix socket.
Every request that requires static content is generating an error like that below. Is this because the request comes from a Unix socket and not via IP? How do I fix this? A Quick "Google" hasn't helped but perhaps I've not found the right question yet :-(.
django.db.utils.IntegrityError: null value in column "ip" violates not-null constraint
DETAIL: Failing row contains (48, 302, GET, /, 2022-05-25 07:51:28.855717+00, f, f, null, , Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KH..., en-GB,en;q=0.9,en-US;q=0.8,mt;q=0.7, null).
Thanks for any suggestions.
Here is the configuration of NGINX using a Gunicorn socket:
server {
listen 80;
server_name YOUR_IP_OR_DOMAIN;
location = /favicon.ico { access_log off; log_not_found off; }
location /static {
root WHERE YOUR STATIC FOLDER IS, DO NOT INCLUDE STATIC FOLDER IN THIS PATH;
}
location / {
include proxy_params;
proxy_pass http://unix:/run/gunicorn.sock; <<<<<<====== HERE IS YOUR SOCKET FILE, I WILL EXPLAIN ITS CONTENT BELOW
}
client_max_body_size 100M; <= this is just something I added to not have timeout issues if the user uploads large files, you don't have to have this line
}
Gunicorn:
sudo nano /etc/systemd/system/gunicorn.service:
[Unit]
Description=gunicorn daemon
After=network.target
[Service]
User=sammy
Group=www-data
WorkingDirectory=/home/sammy/myproject
ExecStart=/home/sammy/myproject/myprojectenv/bin/gunicorn --access-logfile - --workers 3 --bind unix:/home/sammy/myproject/myproject.sock myproject.wsgi:application
[Install]
WantedBy=multi-user.target
After saving the service file:
sudo systemctl start gunicorn
sudo systemctl enable gunicorn
You can check the socket working by typing : sudo systemctl status gunicorn
I'm trying to deploy a django project with uWSGI and nginx. I have the next configuration files:
uwsgi.ini
[uwsgi]
#Django-related settings
chdir = /home/amlalchy/api_aml_platform
module = api.wsgi
#static-map = /static=/home/amlalchy/api_aml_platform/services/static
#Process-related settings
master = true
processes = 10
# The socket(use the full path to be safe)
socket = /tmp/aml.sock
chmod-socket = 664
uid = www-data
gid = www-data
# Clear environment on exit
vacuum = true
uwsgi.service
[Unit]
Description=uWSGI Emperor service
After=network.target
[Service]
#User=amlalchy
#Group=www-data
ExecStartPre=/bin/bash -c 'mkdir -p /run/uwsgi; chown amlalchy:www-data /run/uwsgi'
ExecStart=/bin/bash -c 'cd /home/amlalchy/api_aml_platform && source /home/amlalchy/anaconda3/bin/activate AmlPlatform && uwsgi --ini /etc/uwsgi/sites/uwsgi.ini'
Restart=always
KillSignal=SIGQUIT
Type=notify
NotifyAccess=all
[Install]
WantedBy=multi-user.target
api.conf for the nginx configuration
server {
listen 80;
server_name server.prueba.com;
charset utf-8;
client_max_body_size 128M;
location = /favicon.ico { access_log off; log_not_found off; }
location /static {
root /home/amlalchy/api_aml_platform/services;
}
location /media {
root /home/amlalchy/api_aml_platform;
}
location / {
include uwsgi_params;
uwsgi_pass unix:/tmp/aml.sock;
uwsgi_read_timeout 300s;
uwsgi_send_timeout 300s;
}
}
I'm getting this error in /var/log/enginx/error.log :
2020/01/13 10:30:12 [error] 12641#12641: *1 open() "/home/amlalchy/api_aml_platform/services/static/css/global.css" failed (2: No such file or directory), client: 127.0.0.1, server: server.prueba.com, request: "GET /static/css/global.css HTTP/1.1", host: "127.0.0.1", referrer: "http://127.0.0.1/api/login/
I am newbie and I don't know what I'm missing because the static files exists... so I would be really grateful for any tip on my error.
Thanks in advance.
Where are your static files (css/js/images)? How do you deploy them?
As #ruddra suggested, how do you run your?
./manage.py collectstatic
I am trying to run multiple dashboards written in Django to run on my server, but am not getting it up and running. Followed this digital ocean tutorial and modified it according to this SO answer. Now everything is up and running and but when am pointing to my URL, it shows Nginx welcome page http://ipaddr/first_dashboard
Below is the gunicorn_fdab.socket file :
[Unit]
Description=gunicorn socket
[Socket]
ListenStream=/run/gunicorn_fdab.sock
[Install]
WantedBy=sockets.target
Below is gunicorn_fdab.service file :
[Unit]
Description=gunicorn daemon for fdab
Requires= gunicorn_fdab.socket
After=network.target
[Service]
User=root
Group=root
WorkingDirectory=/opt/fdab
ExecStart=/opt/anaconda/envs/fdab/bin/gunicorn \
--access-logfile - \
--workers 3 \
--bind unix:/run/gunicorn_fdab.sock \
fdab.wsgi:application
[Install]
WantedBy=multi-user.target
Now this is my Nginx conf file :
server {
listen 80;
server_name 111.11.11.111;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /opt/fdab/fdab;
}
location /fdab {
include proxy_params;
rewrite /fdab(.*) $1;
proxy_pass http://unix:/run/gunicorn_fdab.sock;
}
}
Am not able to understand where am doing it wrong.
If am doing curl --unix-socket /run/gunicorn_fdab.sock localhost , it just returning nothing.
(base) root#virtualserver01:~# curl --unix-socket /run/gunicorn_fdab.sock localhost
(base) root#virtualserver01:~#
Project is stored at /opt/fdab.
Additional information:
Basically, my project structure for both the project is like this :
/opt/fdab
/fdab
/fdab_dashboard
/opt/pdab
/pdab
/pdab_dashboard
The structure for the project is like this because I intend to have multiple apps in fbad and fdab2(second project name.
EDIT
Updated conf file for Nginx :
server {
listen 80;
server_name 111.11.11.111;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /opt/fdab/fdab;
}
location /fdab {
include proxy_params;
rewrite /fdab/(.*) /$1 break;
proxy_pass http://unix:/run/gunicorn_fbad.sock;
}
location /pdab/static/ {
alias /opt/pdab/pdab/static/;
}
location /pdab {
include proxy_params;
rewrite /pdab/(.*) /$1 break;
proxy_pass http://unix:/run/gunicorn_pdab.sock;
}
}
Now I have added FORCE_SCRIPT_NAME = '/exampleproject' in both the project.
Now what's happening is that, if am typing in, http://<ipaddr>/fdab/fdab_dashboard it's working fine, but if am typing in http://<ipaddr>/fdab/ or http://<ipaddr>/pdab/, am getting redirected to http://<ipaddr>/fdab_dashboard and http://<ipaddr>/pdab_dashboard , this is not what is required and moreover, http://<ipaddr>/fdab_dashboard seems to be working properly. But the fdab part of the url is missing, once I get into the app after logging in, the url seems fine, maybe because of the FORCE_SCRIPT_NAME = '/fdab' , but the url http://<ipaddr>/pdab_dashboard gives me 404 error page.
So the good news is that your gunicorn and nginx configs as posted look correct.
(1) Problem #1 default web page shows:
This is almost always caused by the default nginx config file default.conf. Just remove that file and you should see your site popping up instead. The only other thing to check for is to test and reload nginx to make sure your configuration is valid and loaded:
sudo nginx -t
sudo systemctl reload nginx
(2) Problem #2 curl to the unix socket doesn't return what you'd expect. The curl command looks slightly off: try something like:
curl -v --no-buffer --unix-socket /run/gunicorn_fdab.sock http://localhost/route/available/in/django
You can pair that curl while tailing the gunicorn logs with journalctl --since today -u gunicorn -f
I suggest you try not doing any URL rewrites in the nginx config. Do the proxy_pass to the sockets as required, and then adapt your Django URL configs to match the URLs you want to use in the different apps.
I'm using the Digital Ocean tutorial (here) to set up a app that allows for a file upload (videos ranging from 5 mb to 1 GB). I know that large file uploads is not an ideal use case, but the client and the server are sitting in neighboring buildings connected via LAN (fast speeds in transfer) and FTP was not an option provided to me.
When the files are small enough (30-40 mb), the app works fine. With 100 mb+ videos, I get a "502 - bad gateway" error on the client side.
Nginx error log shows the following:
2017/07/17 15:52:18 [error] 18503#18503: *9 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: <client-ip>, server: <my-hostname>, request: "POST /videos HTTP/1.1", upstream: "http://unix:/www/app/app.sock:/videos", host: "<my-hostname>", referrer: "<app-domain>/videos"
The Gunicorn error log shows no errors.
My gunicorn settings:
[Unit]
Description=gunicorn daemon
After=network.target
[Service]
User=django
Group=www-data
WorkingDirectory=/www/app
EnvironmentFile=/www/app/.env2
ExecStart=/home/django/.pyenv/versions/django/bin/gunicorn --access-logfile /backup/logs/app_gunicorn_access.log --error-logfile /backup/logs/app_gunicorn_errors.log --workers 3 --worker-class=tornado --timeout=600 --graceful-timeout=10 --log-level=DEBUG --capture-output --bind unix:/www/app/app.sock app.wsgi:application
[Install]
WantedBy=multi-user.target
What am I doing wrong?
EDIT ->
NGINX config
server {
listen 80;
server_name <my-hostname>;
rewrite ^/(.*) https://<my-domain>/$1 permanent;
}
server {
listen 443 ssl;
proxy_read_timeout 600s;
keepalive_timeout 5;
fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;
server_name <my-hostname>;
client_max_body_size 0;
ssl_certificate /ssl_certs/hostname_bundle.cer;
ssl_certificate_key /ssl_certs/hostname.key;
root /www/app;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
alias /www/app/staticfiles/;
}
location /media/ {
alias /backup/app_media/;
}
location / {
include proxy_params;
proxy_pass http://unix:/www/app/app.sock;
include /etc/nginx/mime.types;
}
location /robots.txt {
alias /www/app/robots.txt;
}
}
Fixed the issue by changing the worker class from tornado to default (sync) workers while keeping the timeout long enough for large uploads to complete. Obviously there might be more elegant solutions to this issue, but I'm yet to come across anything. Exec line in gunicorn.service is as follows:
ExecStart=/home/django/.pyenv/versions/django/bin/gunicorn --access-logfile /backup/logs/app_gunicorn_access.log --error-logfile /backup/logs/app_gunicorn_errors.log --workers 3 --timeout=600 --graceful-timeout=10 --log-level=DEBUG --capture-output --bind unix:/www/app/app.sock app.wsgi:application