Django Channels over apache server - django

I have a Django project that's working well on my VPS over apache.
after adding Django channels to my project it's working on localhost perfectly but in my vps, my browser logged an error "WebSocket connection to '...' failed: Error during WebSocket handshake: Unexpected response code: 404" and the project failed.
according to my googling, I think apache can't support web-socket. but can't find a clear answer and trip for running channels on apache
this is my apache config in 000-default.conf:
<VirtualHost *:80>
Alias /static /opt/kalameh/static
<Directory /opt/kalameh/static>
Require all granted
</Directory>
<Directory /opt/kalameh/server>
<Files wsgi.py>
Require all granted
</Files>
</Directory>
WSGIDaemonProcess kalameh python-path=opt/kalameh python-home=opt/kalameh/kalamehenv
WSGIProcessGroup kalameh
WSGIScriptAlias / opt/kalameh/server/wsgi.py
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
and this is my wsgi.py
import os
import sys
sys.path.append('/opt/kalameh/')
from django.core.wsgi import get_wsgi_application
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "server.settings")
application = get_wsgi_application()

You need to check channels' Deploying section. Be aware the slight differences between channels v1.x and v.2x documentation. Pick up the appropriate one.
As you notice, Apache does not support websocket. So you would need to run a server that exposes websocket - a native ASGI interface server (terminology used by channel documentation). You can use Django's Daphne. Daphne also supports HTTP interface.
So you have two solutions:
Keep Apache delivering your Django's HTTP request + Daphne delivering your websocket (if you go for this solution, the keywords to use to find more documentation are reverse proxy and ProxyPass)
Using Daphne for delivering your Websocket and HTTP (no need of Apache).

Related

Django Apache2 VirtualEnv - no response from server

So I am trying to migrate my app to a new production server. I'm not getting a reply from the server Apache server when I access it. The server is on AWS and it's a standard Apache config with just one site enabled:
<VirtualHost *:80>
Alias /static/ /home/ubuntu/myapp/myapp/myapp/static
Alias /media/ /home/ubuntu/myapp/myapp/myapp/media
<Directory /home/ubuntu/myapp/myapp/myapp/static>
Require all granted
</Directory>
<Directory /home/ubuntu/myapp/myapp/myapp/media>
Require all granted
</Directory>
<Directory /home/ubuntu/myapp/myapp/myapp>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
WSGIDaemonProcess myapp python-home=/home/ubuntu/myapp/myapp/myapp python-path=/home/ubuntu/myapp:/home/ubuntu/myapp/lib/python3.6/site-packages
WSGIProcessGroup myapp
WSGIScriptAlias / /home/ubuntu/myapp/myapp/myapp/myapp/wsgi.py
ErrorLog /var/log/apache2/myapp_error.log
LogLevel warn
CustomLog /var/log/apache2/myapp_access.log combined
</VirtualHost>
I have made sure that all files are owned by the ubuntu user and that www-data has group rights.
The wsgi file is the original, but I added a print statement to see the folder it's checking for the application:
"""
WSGI config for match2 project.
It exposes the WSGI callable as a module-level variable named ``application``.
For more information on this file, see
https://docs.djangoproject.com/en/1.8/howto/deployment/wsgi/
"""
import os, sys
print(sys.path)
from django.core.wsgi import get_wsgi_application
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "myapp.settings")
application = get_wsgi_application()
Eventually, the error log will produce:
Timeout when reading response headers from daemon process 'myapp': /home/ubuntu/myapp/myapp/myapp/myapp/wsgi.py
I'd appreciate any advice.
Timeout when reading response headers from daemon process 'myapp' means your application is taking to long to handle the request. This could be because it is deadlocked, or is waiting on backend service.
Add WSGIApplicationGroup to your virtual host configuration.
<VirtualHost *:80>
# config remaining parts
WSGIApplicationGroup %{GLOBAL}
# config remaining parts
</VirtualHost>
From docs
... forces the WSGI application to run in the main Python interpreter context of each process. This is preferred in this scenario as some third party packages for Python which include C extensions will not run in the Python sub interpreter contexts which mod_wsgi would use by default. By using the main Python interpreter context you eliminate the possibility of such third party packages for Python causing problems.
A similar case link.
Also:
Looking at this,
python-home=/home/ubuntu/myapp/myapp/myapp python-path=/home/ubuntu/myapp:/home/ubuntu/myapp/lib/python3.6/site-packages
I think you have the wrong path for python-home. Make sure python-home path is correctly provided. Activate your virtual environment and run the command to get the python-home path [docs].
python -c 'import sys; print(sys.prefix)'

Timeout when reading response headers from daemon process even after setting WSGIApplication group to Global

I am hosting a Django based webpage locally using Apache. However, I am getting the following error :
Timeout when reading response headers from daemon process 'office':var/www/office/office/wsgi.py.
I tried adding the line WSGIApplicationGroup %{GLOBAL} to the conf file, but still getting the same error.
This is my .conf file.
WSGIPythonPath /var/www/office
ServerName office.org
LoadModule wsgi_module /usr/lib/apache2/modules/mod_wsgi.so
WSGIApplicationGroup %{GLOBAL}
<VirtualHost 0.0.0.0:80>
ServerAlias www.office.org
DocumentRoot /var/www/example.com/public_html
<Directory /var/www/example.com>
Require all granted
</Directory>
<Directory /var/www/office/office>
<Files wsgi.py>
Require all granted
</Files>
</Directory>
WSGIDaemonProcess office python-home=/var/www/venv python-path=/var/www/office
WSGIProcessGroup office
WSGIScriptAlias /verify /var/www/office/office/wsgi.py process-group=office
ErrorLog /var/www/logs/error.log
CustomLog /var/www/logs/custom.log combined
</VirtualHost>
This is wsgi.py file:
"""
WSGI config for office project.
It exposes the WSGI callable as a module-level variable named ``application``.
For more information on this file, see
https://docs.djangoproject.com/en/2.0/howto/deployment/wsgi/
"""
import os
from django.core.wsgi import get_wsgi_application
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "office.settings")
application = get_wsgi_application()
I've got the same problem and after a lot of struggling and trying different things, this tutorial helped me to solve the problems.
I created and successfully run the demo project. The problem for me were the paths in the config file and also using the server python version instead of creating a virtual environment for the project.
I hope it will help you
I have got the same problem "Timeout when reading response headers" in Flask framework
I resolved it by adding TimeOut 600 in httpd.conf/app.conf
Reference : https://ubiq.co/tech-blog/increase-request-timeout-apache/
if this happened on a working server, You can try to force renew Your ssl certificate.
the reason could be found in apache error logs:
Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
helped for me.

How to configure apache2 on ubuntu for django restful services

I have django restful services on my ubuntu server which are running on port 84.
When the request is send, it come through the apache2 server which is running on port 80.
Now let say my server ip is "xx.xx.xx.10" and when i call with this url http://xx.xx.xx.10/user where user is the rest service running on django rest framework on port 84. Then the request should go to my django rest service through apache2 and return the desired output.
I tried by using the below configuration in the apache2 :-
<VirtualHost *:80>
WSGIScriptAlias / /myproject/myapp/test/wsgi.py
<Directory "/myproject/myapp/test/">
<Files "wsgi.py">
Require all granted
</Files>
</Directory>
</VirtualHost>
but this is giving internal error saying that test.settings does not exits.
is this the right way to configure the restful services running on different port on apache server.
Did you specify a python path? If you don't, import mysite will not work.
WSGIPythonPath /path/to/mysite.com
For more info see: Django docs modWSGI
I have solved this issued by using the below configurations :-
<VirtualHost *:80>
ServerName mydomain
ServerAlias *.mydomain
ProxyRequests off
ProxyPass / http://localhost:84/
ProxyPassReverse / http://localhost:84/
</VirtualHost>

apache + django + mod_wsgi conversion to https keeps going back to http

I've had a django (satchmo) site using Apache and mod_wsgi running fine for a couple of years now. Until now it has only served http, and I'm trying to convert the entire site to https. I have a signed ssl certificate which I believe is fine.
I have adapted my Apache configuration according to my understanding of the docs.
When I try to connect to the site using https, the browser connects fine on port 443, and the Apache server responds with the correct ssl certificate followed by the TLS key exchange etc (according to what I see in Wire Shark). At that point everything looks fine and there are no errors. But..
Once the ssl connection is established, the browser then initiates a "GET / HTTP/1.1" in a new TCP connection to port 80 (i.e. http). It's like it knew nothing about the https connection already in place.
Is it possible that django is at fault? I have not changed the django configuration at all, as I was under the impression that only Apache needs to know about it? (I don't use nginx - Apache handles all of the content.)
I can't "see" what is going on in the ssl conversation, but presumably django is telling the browser client to connect on port 80 somehow? Is that possible?
To make things simple, I now have a plain index.html page when you connect to http, and I've moved all of the django & mod_wsgi to port 443. If I connect straight to the http address, I get the simple index page, no problem.
When I try to connect to the https address, the browser effectively gets redirected to the index.html page. (I don't have any Redirect or Rewrite commands in Apache though.)
Here is my Apache configuration:
<VirtualHost *:80>
ServerName demo.pasta.co.za
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
DocumentRoot /var/www/http_site
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM
SSLCertificateFile /etc/ssl/private/pasta.co.za.crt
SSLCertificateKeyFile /etc/ssl/private/pasta.co.za.key
SSLCertificateChainFile /etc/ssl/private/root_bundle.crt
ServerName demo.pasta.co.za
Alias /favicon.ico /usr/local/django/pasta/static/favicon.ico
Alias /robots.txt /usr/local/django/pasta/static/robots.txt
AliasMatch ^/([^/]*\.css) /usr/local/django/pasta/store/static/$1
WSGIDaemonProcess demo.pasta.co.za processes=2 threads=25 display-name=%{GROUP}
WSGIProcessGroup demo.pasta.co.za
WSGIScriptAlias / /usr/local/django/pasta/apache/django.wsgi
<Directory /usr/local/django/pasta/apache>
Order allow,deny
Allow from all
</Directory>
Alias /static/admin/ /usr/share/pyshared/django/contrib/admin/static/admin/
Alias /static/images/ /usr/local/django/pasta/store/static/images/
Alias /static/ /usr/local/django/pasta/store/static/
Alias /media/ /usr/local/django/pasta/store/static/
<Directory /usr/local/django/pasta/store/static>
Order deny,allow
Options -Indexes
Allow from all
</Directory>
<Directory /usr/share/pyshared/django/contrib/admin/static/admin>
Order deny,allow
Allow from all
</Directory>
</VirtualHost>
And here is my mod_wsgi file:
import os, sys
sys.path.insert (0,"/usr/local/django/pasta/store")
import settings
import django.core.management
django.core.management.setup_environ(settings)
utility = django.core.management.ManagementUtility()
command = utility.fetch_command('runserver')
command.validate()
import django.conf
import django.utils
django.utils.translation.activate(django.conf.settings.LANGUAGE_CODE)
import django.core.handlers.wsgi
application = django.core.handlers.wsgi.WSGIHandler()
There are dozens of examples on SO where people accomplish what I'm trying to do with more or less what I have above.
What am I missing? It feels like I've left out something really obvious.
I have Debian stable running django v1.4.5 python v2.7.3 and apache v2.2.22 with mod-wsgi v3.3-4.
Many thanks!
Accepted answer for satchmo nginx redirect to https then to http and back by mipadi ...
Satchmo includes a piece of middleware called satchmo_store.shop.SSLMiddleware.SSLRedirect, which automatically does redirecting to SSL/non-SSL portions of the site. You have to set up URLs to be served via SSL if you want them to be served via SSL, otherwise the middleware redirects to a non-SSL page. From the docs:
This middleware answers the problem of redirecting to (and from) a SSL secured path by stating what paths should be secured in urls.py file. To secure a path, add the additional view_kwarg 'SSL':True to the view_kwargs.
For example
urlpatterns = patterns('some_site.some_app.views',
(r'^test/secure/$','test_secure',{'SSL':True}),
)
All paths where 'SSL':False or where the kwarg of 'SSL' is not specified are routed to an unsecure path.
For example
urlpatterns = patterns('some_site.some_app.views',
(r'^test/unsecure1/$','test_unsecure',{'SSL':False}),
(r'^test/unsecure2/$','test_unsecure'),
)
In your case, since you're serving the entire site via SSL, you can probably just disable that middleware in your settings.py file.
(From my experiance you need to change quite a few urlpatterns in a few files.)

apache mod_wsgi basic authentication for django app

I've finished a first website based on django and I'm ready to deploy on a liveserver. However, I don't want this site to be visible to the public for now while tweaking and testing.
On PHP sites I always used basic http authentication via .htaccess to make last changes. This is a two liner which denies access for the whole site.
Ideally I want to run a environment like this:
static.mydomain.com (served by apache2 for static files)
mydomain.com (served by apache2 with mod_wsgi latest stable release -> available for public)
dev.mydomain.com (served by apache2 with mod_wsgi dev/testing -> not available for public (basic authentication))
Can this be done with django/apache2/mod_wsgi?
You could setup basic auth for your virtual host dev.mydomain.com. Look at http://httpd.apache.org/docs/2.2/mod/mod_auth_basic.html and http://httpd.apache.org/docs/2.2/vhosts/name-based.html for more details
EDIT: Your virtual host config will look somthing like:
<VirtualHost *:80>
ServerName mydomain.com
DocumentRoot /srv/www/wsgi
<Directory /srv/www/wsgi>
Order allow,deny
Allow from all
</Directory>
WSGIScriptAlias / /srv/www/wsgi/app.wsgi
</VirtualHost>
<VirtualHost *:80>
ServerName dev.mydomain.com
DocumentRoot /srv/www/wsgi-dev
<Directory /srv/www/wsgi-dev>
Order allow,deny
Allow from all
</Directory>
WSGIScriptAlias / /srv/www/wsgi-dev/app.wsgi
<Location />
AuthType Basic
AuthName "Restricted Files"
AuthUserFile /usr/local/apache/passwd/passwords
Require valid-user
</Location>
</VirtualHost>
mod_wsgi doesn't care if you use HTTP auth over it. The only provision would be that if you want it to be visible to the WSGI application then you'd need to use WSGIPassAuthorization, but this is not a concern in this case since Django has its own authentication scheme independent of HTTP auth.