React build files giving net::ERR_ABORTED 403 (Forbidden) in Nginx - django

I'm using nginx and gunicorn to deploy my Django+React web application. When I start the nginx services and try to access the application in the browser, in the browser's console I'm getting an error saying
GET http://server_ip/static/css/2.2546a949.chunk.css net::ERR_ABORTED 403 (Forbidden)
Below is what my nginx conf file looks like
server {
listen 80;
server_name server_ip;
location / {
proxy_pass http://127.0.0.1:8000;
}
location /static/ {
autoindex on;
alias react_build_folder_location;
}
}
Also, I've given read and execute permission to the static files still not able to fix the issue! Can anyone please help me. Kindly excuse if its a repeated question.

Related

nginx throws bad request 400 when accessed through ddns domain

Working perfect when accessed through local web server IP but throws 400 error when accessed through NOIP hostname.
For context, router is configured to forward requests to the web server on that port.
This is the nginx config file:
server {
listen 80;
server_name 192.168.1.64;
#server_name example.ddns.net;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/projectdir;
}
location / {
include proxy_params;
# proxy_pass http://example.ddns.net;
proxy_pass http://unix:/run/gunicorn.sock;
}
}
I tried adding the lines where the hashtags are but to no avail.
Assuming your server is properly configured, edit your setting.py in your Django project with the following:
ALLOWED_HOSTS = ["192.168.1.64"]
For future reference, in my case, although I had ALLOWED_HOSTS configured correctly, the problem was reloading gunicorn/nginx after making changes to the django settings file. The following line solved it:
sudo systemctl restart gunicorn
sudo systemctl restart nginx
Credit where it's due, comments from Iain Shelvington and Gaƫtan GR were spot on, the underlying problem was ALLOWED_HOSTS setting (which in my case was not applied until a gunicorn/nginx restart was done.

Correctly serving manifest.json via Django's gunicorn

I have a Django web app that utilizes an nginx reverse proxy with a gunicorn application server (upstream).
My nginx logs are filling up with errors like these: 2020/03/03 22:51:57 [error] 9605#9605: *162393 upstream sent too big header while reading response header from upstream, client: 168.155.46.104, server: example.com, request: "GET /static/img/favicons/manifest.json HTTP/2.0", upstream: "http://unix:/home/ubuntu/app/myproj/gunicorn.sock:/static/img/favicons/manifest.json", host: "example.com", referrer: "https://example.com/signup/create-pass/new/6d756265726e2d3131/18/"
I'm assuming gunicorn was unable to serve manifest.json.
This shouldn't have happened. I've created manifest.json and placed it in the relevant location. Using the Favicon checker at https://realfavicongenerator.net/ shows me this error:
The Web App Manifest at https://example/com/static/img/favicons/site.webmanifest cannot be downloaded. If I hit that url directly in the brower, I end up seeing a 502 Bad Gateway error.
How can I fix this?
I figured out the error.
Files placed in the /static/ folder in my project are supposed to be served directly via nginx. But the json file in question wasn't included in nginx conf in a manner that allowed it to be served by the web server.
Once I fixed that (see below), the manifest file was directly served by nginx (and gunicorn never came in the loop). Problem solved!
This is what I added to nginx's virtual host file to solve the issue: Notice this includes the json extension:
location ~* \.(?:ico|css|js|gif|jpg|jpeg|png|svg|woff|ttf|eot|json)$ {
root /home/ubuntu/app/my_proj;
expires 120d;
access_log off;
error_log off;
}

Nginx not show urls of angular 4

I am deploy my web server in Django with Angular4 into my LightSail server but I have a problem, because I try access to my page example.com and redirect to example.com/home, no problem I see my page without problems, but If I try to reload the page it sends me a message as if the route did not exist, being that in my local if I can do it without problem.
this is my config in vim /etc/nginx/sites-enabled/trackerServer,
I will be honest, I followed a guide since I do not handle much with nginx from
LightSail with Django
server {
listen 80;
server_name 54.175.253.151;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/ubuntu/tracker-web/trackerServer;
}
location / {
include proxy_params;
proxy_pass http://unix:/home/ubuntu/tracker-web/trackerServer/trackerServer.sock;
}
}
I discard that my problem is with gunicorn.
Someone has gone through the same and has managed to solve this problem of routing?
This question has nothing related to django, and it's not an nginx or gunicorn problem.
You need to add LocationStrategy on your providers.
Take a look at this question
Angular's documentation has a section for server configuration. When using the HTML5 style routing you have to redirect all urls to index.html in nginx configuration:
NGinx: use try_files, as described in Front Controller Pattern Web
Apps, modified to serve index.html:
try_files $uri $uri/ /index.html;
OR
Use the HashLocationStrategy as mentioned in another answer.

Defining correctly Nginx server block for two django apps and no server_name

I have been following the Digital Ocean tutorial How To Serve Django Applications with uWSGI and Nginx on Ubuntu 14.04, so that later i can deploy my own django application using Nginx+uWSGI.
In this tutorial they create 2 basic Django apps to be later served by Nginx. I have tested that the apps were working using the Django server and uWSGI alone.
When i passed to the Nignx part i ran into a problem, basically i dont have a server_name for now only have an IP to work with, and i tried to differentiate between Django apps using the port number.
The default Nginx server (xxx.xxx.xxx.xxx:80) is responding correctly, but when i try to access the Django apps using (xxx.xxx.xxx.xxx:8080 or xxx.xxx.xxx.xxx:8081) i get 502 bad gateway.
I think i have a problem in the way or logic i am defining my listen inside the server block. What would be the correct way of doing this, or what might i be doing incorrectly.
This are my server blocks (in sites-enabled):
firstsite app
server {
listen xxx.xxx.xxx.xxx:8080;
#server_name _;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /root/firstsite;
}
location / {
include uwsgi_params;
uwsgi_pass unix:/root/firstsite/firstsite.sock;
}
}
econdsite app
server {
listen xxx.xxx.xxx.xxx:8081;
#server_name _;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /root/secondsite;
}
location / {
include uwsgi_params;
uwsgi_pass unix:/root/secondsite/secondsite.sock;
}
}
default Nginx
server {
listen 80 default_server;
#listen [::]:80 default_server ipv6only=on;
root /usr/share/nginx/html;
index index.html index.htm;
# Make site accessible from http://localhost/
server_name localhost;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
}
}
UPDATE:
I was checking the error log under /var/log/nginx and when i try to connect to firstsite i get the following error:
2016/02/05 15:55:23 [crit] 11451#0: *6 connect() to
unix:/root/firstsite/firstsite.sock failed (13: Permission denied)
while connecting to upstream, client: 188.37.180.101, server: ,
request: "GET / HTTP/1.1", upstream:
"uwsgi://unix:/root/firstsite/firstsite.sock:", host:
"178.62.229.183:8080"
Nginx server on ubuntu will run on www-data user by default, uWSGI server won't (which is actually a good thing, unless it runs on root). If you're creating unix socket for uWSGI, access to it will be defined as for any system file. And by default, access to it might be restricted only to user that created socket.
More on that, you're creating your sockets in /root/ directory. That directory is readable only by root user and some of Linux distributions won't allow accessing anything inside even if permissions are set correctly.
So what you have to do is:
put sockets outside of /root/ directory (/var/run is good place for that)
Make sure that nginx will have access to that sockets (put --chmod-socket 666 or `--chown-socket yourusername:www-data into your uWSGI startup line)
And if you're running that uWSGI server on root, be aware that this is really dangerous. Any process running on root can do anything with your system, so if you will make mistake in your code or someone will hack in, he can inject any malicious software into your server, steal some data from it or just destroy everything.

Amazon EC2 Deployment Not Working When IP Address Typed Into Browser Suspect Ngnix Problems

I am nearing the last step of deploying my Django app and I think I am having a Nginx problem. This is my first time deploying, so give me a break.
Basically, the problem is that when I navigate to my public IP on my browser I am getting a webpage is not available error.
I am thinking it is an issue with how I am writing out my directory structure in my Nginx configuration script, but am unsure. I am following a tutorial and don't really understand the script they are asking me to run.
Here is my app's directory structure within my server...
/home/ubuntu/flower_shop/flowershop
Here is my Nginx's file that configures Nginx
server {
listen 80;
server_name 54.213.141.60;
location = /favicon.ico { access_log off; log_not_found off;}
location /static/ {
root /home/ubuntu/flower_shop/flowershop;
}
location / {
include proxy_params;
proxy_pass http://unix:/home/ubuntu/flower_shop/flowershop/flowershop.sock;
}
I am creating the above file by typing the following into my command line...
sudo vim /etc/nginx/sites-available/flower_shop
Can you see anything obvious that I am doing wrong? Gunicorn is set up fine and my app works on my local host. I have tried restarting Nginx, but I get the same results.
Hope you have done the following step:
sudo ln -s /etc/nginx/sites-available/flower_shop /etc/nginx/sites-enabled/flower_shop
Some other diagnostic commands which will help pin down the problem:
Supply nginx error and access logs
output of netstat -tulpn | grep nginx
In ssh session do curl -D - http://localhost:80
Try replacing the above snippet with the following extremely simple server config. Notice the only filtering it has for now is for port 80. It assumes your gunicorn is serving at 8080. Change port appropriately, if required.
```
server{
listen 80;
location / {
proxy_pass http://localhost:8080;
}
}
```