Nginx Base Auth - django

I work with Django and Nginx
I added the following entry to my config to restrict access to example.com/admin/
The function asks for a password, and everything works, but after that, as I get a 404 Not Found error from Nginx
Full config
upstream rates_core_server {
server unix:/webapps/example.com_app/example.com/run/gunicorn.sock fail_timeout=0;
}
server {
listen 80;
server_name example.com www.example.com;
client_max_body_size 4G;
access_log /webapps/example.com_app/logs/nginx-access.log;
error_log /webapps/example.com_app/logs/nginx-error.log;
location /admin/ {
auth_basic "Restricted Content";
auth_basic_user_file /etc/nginx/.htpasswd;
}
location /static/ {
alias /webapps/example.com_app/example.com/static/;
client_max_body_size 100M;
}
location /media/ {
alias /webapps/example.com_app/example.com/static/media/;
client_max_body_size 100M;
}
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect off;
if (!-f $request_filename) {
proxy_pass http://example.com_server;
break;
}
}
# Error pages
error_page 500 502 503 504 /500.html;
location = /500.html {
root /webapps/example.com_app/example.com/static/;
}
}
I do not understand what the problem is


With the current config, nginx does not know where to look for or redirect to for admin block. Can you include proxy_pass settings in your admin block as well, like this:
location /admin/ {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect off;
if (!-f $request_filename) {
proxy_pass http://example.com_server;
break;
}
auth_basic "Restricted Content";
auth_basic_user_file /etc/nginx/.htpasswd;
}

Related

Nginx redirect after slash in location

I have domine name https://example.com/API/, I wanted to redirect anything given after /API/ for example :
https://example.com/API/test to https://example.com/API/
Below is my Nginx conf
location #error {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
root /var/www/html/test/;
index index.html index.htm;
internal;
}
location ~*/api {
rewrite ^/api(.*) $1 break;
proxy_pass http://127.0.0.1:3100;
client_max_body_size 60M;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
error_page 502 #error;
}
That from the above example if /API/ gets 502 I am redirecting it to. PHP file is working fine, But if there is anything given after /API/test it is showing 404 not found.

You can have something of this sort:
server {
root /var/www/html; #your own values
server_name _; #website name
location #error {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
root /var/www/html/test/;
index index.html index.htm;
internal;
}
location /api {
proxy_pass http://127.0.0.1:3100;
client_max_body_size 60M;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
error_page 502 #error;
}
}
So basically you would have to use location /api {} directive and that would work.

Django + Nginx + Gunicorn example.com works but www.example.com returns Bad Request (400)

I'm trying to make it possible to access www.example.com aswell as example.com which works fine but it returns Bad Request 400:
Django:
ALLOWED_HOSTS = ['librestock.com', 'www.librestock.com']
Nginx:
server {
listen 80;
server_name librestock.com www.librestock.com;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/david/StockSearch/stocksearch;
}
location / {
include proxy_params;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://unix:/home/david/StockSearch/stocksearch/stocksearch.sock;
}
}
any ideas for debugging and troubleshooting this?

Nginx Multiple Domains One App and Server

I want to run multiple websites on the same django app and the same nginx server.
I am successfully running http: //myip/ and http: //myip/name1 and http: //myid/name2
Now I want to link all these projects to myname.com and name1.com and name2.com
How should I change my nginx config file? The current version of the file is shown below. Thanks
upstream crsq {
server localhost:8000;
}
server {
listen 80 default;
access_log /home/ubuntu/crsq-access.log;
error_log /home/ubuntu/crsq-error.log error;
# Make site accessible from http://localhost/
server_name crsq;
location #proxy_to_crsq_app {
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_set_header X-Forwarded-Port $http_x_forwarded_port;
proxy_set_header X-Forwarded-For $http_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http: //crsq;
}
location /robots.txt {
alias /home/ubuntu/crsq/crsq/robots.txt;
}
location / {
try_files $uri #proxy_to_crsq_app;
}
location /static {
alias /home/ubuntu/crsq/crsq/static;
}
}

upstream crsq {
server localhost:8000;
}
server {
listen 80 ;
access_log /home/ubuntu/crsq-access.log;
error_log /home/ubuntu/crsq-error.log error;
# Make site accessible from http://localhost/
server_name a.b.c;
location #proxy_to_crsq_app {
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_set_header X-Forwarded-Port $http_x_forwarded_port;
proxy_set_header X-Forwarded-For $http_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http: //crsq;
}
location /robots.txt {
alias /home/ubuntu/crsq/crsq/robots.txt;
}
location / {
try_files $uri #proxy_to_crsq_app;
}
location /static {
alias /home/ubuntu/crsq/crsq/static;
}
}
server {
listen 80 ;
access_log /home/ubuntu/crsq-access.log;
error_log /home/ubuntu/crsq-error.log error;
# Make site accessible from http://localhost/
server_name b.c.d;
location #proxy_to_crsq_app {
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_set_header X-Forwarded-Port $http_x_forwarded_port;
proxy_set_header X-Forwarded-For $http_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http: //crsq;
}
location /robots.txt {
alias /home/ubuntu/crsq/crsq/robots.txt;
}
location / {
try_files $uri #proxy_to_crsq_app;
}
location /static {
alias /home/ubuntu/crsq/crsq/static;
}
}

How to use ngnix proxy_pass with URI?

My goal is redirect one domain to another using ngnix:
http://abc.mydomain1.com -> http://mydomain2.com:8080/test1
I tried the following:
server {
listen 80;
server_name abc.mydomain1.com;
access_log off;
location / {
proxy_pass http://mydomain2.com:8080/test1/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
port_in_redirect off;
proxy_connect_timeout 300;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
} }
It works with the first page index.html however this page needs to load javascripts and css resources and viewing the source code I notice that all links are generated like this:
<link rel="stylesheet" href="/test1/css/bootstrap.min.css"/>
How to avoid contextPath "test1"? I think something is missing in the header but I don't know what :(
Thanks in advance for your help

I think my approach was incorrect because the server http://mydomain2.com:8080/test1/ will generate the links based in the context in this case "test1". Therefore ngnix is working good.
I resolved the problem creating virtual host in http://mydomain2.com:8080 for "test1"
<Host name="abc.mydomain1.com" appBase="abc.mydomain1.com"
unpackWARs="true" autoDeploy="true"></Host>
and I changed my redirection to (removing test1):
server {
listen 80;
server_name abc.mydomain1.com;
access_log off;
location / {
proxy_pass http://mydomain2.com:8080/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
port_in_redirect off;
proxy_connect_timeout 300;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
} }

Nginx / Django: Accessing static files results in 403 Forbidden

I've been trying to debug this for several hours and I'm not sure what else to check. My problem is that Nginx doesn't server Django static files. Accessing static files results in the error 403 Forbidden.
The exact error from nginx error log is:
2013/02/11 05:42:13 [error] 22526#0: *29 open() "/home/mydomain/public_html/test2/src/bootstrap.css" failed (13: Permission denied), client: XXX.XXX.XX.XX, server: mydomain.com, request: "GET /src/bootstrap.css HTTP/1.1", host: "www.mydomain.com"
Here is my nginx config file:
server {
listen XX.XX.X.XXX:80;
server_name mydomain.com;
root /home/mydomain/public_html/test2/app;
# serve directly - analogous for static/staticfiles
location /media/ {
# if asset versioning is used
if ($query_string) {
expires max;
}
}
location /admin/media/ {
# this changes depending on your python version
root /home/mydomain/public_html/test2/lib/python2.7/site-packages/django/contrib;
}
location /src/ {
autoindex on;
root /home/mydomain/public_html/test2;
}
location / {
proxy_pass_header Server;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_connect_timeout 10;
proxy_read_timeout 10;
proxy_pass http://localhost:8000/;
}
# what to serve if upstream is not available or crashes
error_page 500 502 503 504 /media/50x.html;
}
Static files are stored in /home/mydomain/public_html/test2/src.
I've tried chown mydomain.mydomain -R * and chmod 755 /home/mydomain -R * without any effect.

use this
btw. IfIsEvil
server {
listen 80;
server_name mydomain.com;
#access_log /var/log/nginx/x_access.log;
#error_log /var/log/nginx/x_error.log;
location /static {
alias /path/to/your/static;
}
location /media {
alias /path/to/your/media;
}
location / {
proxy_pass_header Server;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_connect_timeout 10;
proxy_read_timeout 10;
proxy_pass http://localhost:8000/;
}
}

Here is a working solution to my initial problem:
server {
listen XX.XX.X.XXX:80;
server_name mydomain.com;
root /home/mydomain/public_html/test2/app;
location /admin/media/ {
# this changes depending on your python version
root /home/mydomain/public_html/test2/lib/python2.7/site-packages/django/contrib;
}
location /src {
root /home/mydomain/public_html/test2;
}
location / {
proxy_pass_header Server;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_connect_timeout 10;
proxy_read_timeout 10;
proxy_pass http://localhost:8000/;
}
# what to serve if upstream is not available or crashes
error_page 500 502 503 504 /media/50x.html;
}

Another way to do this is to use try_files. The advantage of this is that Nginx will first look for a real file to serve, and if it fails to find one it passes execution to your django app. This is perfect for serving a dynamic sitemap.xml for example since you do not need to special-case the file in nginx.conf.
# Set default expires headers (used for static assets)
expires 30d;
server {
listen 80;
server_name mydomain.com;
root /some/path/assets/;
try_files $uri #django;
location #django {
expires -1d;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect off;
proxy_pass http://unix:/some/path/server.sock;
}
location /static/admin/ {
alias /some/path/lib/python2.7/site-packages/django/contrib/admin/static/admin/;
}
}