here is my server architecture:
port 443 --> haproxy 1.6.3 --> nginx 1.1.19 --> uwsgi 2.0.13.1 --> wsgi python server (Django)
I know it's weird to use both haproxy+nginx but I have no choice because I need haproxy for another project on the same server on port 443.
here is my haproxy config:
frontend www-https
bind *:443 ssl crt /etc/ssl/private/
mode http
option httpclose
acl nginx hdr_end(host) -i example.com
backend nginx
mode http
balance leastconn
option forwardfor
option http-server-close
option forceclose
no option httpclose
server nginx-01 nginx:52654 check
and here is my nginx config
server {
listen 52654 default_server;
charset utf-8;
client_max_body_size 75M;
chunked_transfer_encoding on;
location / {
uwsgi_pass django;
proxy_buffering off;
uwsgi_param QUERY_STRING $query_string;
uwsgi_param REQUEST_METHOD $request_method;
uwsgi_param CONTENT_TYPE $content_type;
uwsgi_param CONTENT_LENGTH $content_length;
uwsgi_param REQUEST_URI $request_uri;
uwsgi_param PATH_INFO $document_uri;
uwsgi_param DOCUMENT_ROOT $document_root;
uwsgi_param SERVER_PROTOCOL $server_protocol;
uwsgi_param HTTPS $https if_not_empty;
uwsgi_param REMOTE_ADDR $remote_addr;
uwsgi_param REMOTE_PORT $remote_port;
uwsgi_param SERVER_PORT $server_port;
uwsgi_param SERVER_NAME $server_name;
}
}
Problem I have is that when I make an upload wuth a web client using chunked encoding, I get the 411 HTTP error Content-Length required.
If I bypass haproxy it's working fine. But using haproxy + nginx gives me the 411 error for chunked encoding.
Any idea?
Your nginx version is quite old. Try upgrade it.
Related
I am trying to run my site, when i run
uwsgi --socket 0.0.0.0:8080 --protocol=http --chdir /opt/virtualenv/landivarpj/ --wsgi-file /opt/virtualenv/landivarpj/landivarpj/wsgi.py
i can access 192.xxx.xxx.xxx:8080 fine and my test text appears,
but if i try to go trought 192.xxx.xxx.xxx i only get an nginx welcome page,
and if i try to go in trought my domain www.xxxxxxxx.com, then it doesnt work at all.
in my project folder(opt/virtualenv/landivarpj) i have a uswgi_params file with
uwsgi_param QUERY_STRING $query_string;
uwsgi_param REQUEST_METHOD $request_method;
uwsgi_param CONTENT_TYPE $content_type;
uwsgi_param CONTENT_LENGTH $content_length;
uwsgi_param REQUEST_URI $request_uri;
uwsgi_param PATH_INFO $document_uri;
uwsgi_param DOCUMENT_ROOT $document_root;
uwsgi_param SERVER_PROTOCOL $server_protocol;
uwsgi_param REQUEST_SCHEME $scheme;
uwsgi_param HTTPS $https if_not_empty;
uwsgi_param REMOTE_ADDR $remote_addr;
uwsgi_param REMOTE_PORT $remote_port;
uwsgi_param SERVER_PORT $server_port;
uwsgi_param SERVER_NAME $server_name;
then in (opt/virtualenv/landivarpj/landivarpj) the wsgi.py is
import os
from django.core.wsgi import get_wsgi_application
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "landivarpj.settings")
application = get_wsgi_application()
in etc/nginx/sites-available is have drlandivar.conf
upstream django {
server 192.xxx.xxx.xxx:8080; # for a web port socket (we'll use this first)
}
server {
listen 80;
server_name drlandivar.com www.drlandivar.com;
charset utf-8;
client_max_body_size 75M; # adjust to taste
location /media {
alias /opt/virtualenv/landivarpj/media;
}
location /static {
alias /opt/virtualenv/landivarpj/static;
}
location / {
uwsgi_pass django;
include /opt/virtualenv/landivarpj/uwsgi_params;
}
}
the site-available and site-enable are linked
what have i done wrong why it work on 192.xxx.xxx.xxx:8080
but not trought the domain and nginx
***** new edit as recommended on nginx/availables-site/drlandivar.conf
upstream django {
server 192.254.145.207:8080;
}
server {
listen 80;
server_name drlandivar.com www.drlandivar.com;
charset utf-8;
client_max_body_size 75M; # adjust to taste
location /media {
alias /opt/virtualenv/landivarpj/media;
}
location /static {
alias /opt/virtualenv/landivarpj/static;
}
location / {
proxy_pass http://django;
}
}
it still give me same problem page only load trought 192.xxx.xxx.xxx:8080 not trought drlandivar.com
please help
You need to proxy_pass instead. The following configuration should do the trick.
upstream django {
server 192.254.145.207:8080;
}
server {
...
location / {
proxy_pass http://django;
}
}
Comparing yours to a working example of mine, one thing stands out. Try
...
location / {
include uwsgi_params;
proxy_pass http://django;
}
Adding --logto /var/log/uwsgi/uwsgi.log to your uwsgi invocation (after creating /var/log/uswgi and making it writeable to the uwsgi process) might shed some additional light.
I have been following the http://uwsgi-docs.readthedocs.io/en/latest/tutorials/Django_and_nginx.html
and went up to the
http://uwsgi-docs.readthedocs.io/en/latest/tutorials/Django_and_nginx.html#running-the-django-application-with-uwsgi-and-nginx
and started the uwsgi --socket mysite.sock --module mysite.wsgi --chmod-socket=664 it is started but when i load my webpage on browser getting 502 Bad Gateway
Django version 1.10.2
error is
error] 25444#25444: *1 connect() failed (111: Connection refused)
while connecting to upstream, client: 127.0.0.1, server: mytest.com,
request: "GET / HTTP/1.1", upstream: "uwsgi://127.0.0.1:8001", host:
"127.0.0.1:8000"
What could be the issue ?
# configuration of the server
server {
# the port your site will be served on
listen 8000;
# the domain name it will serve for
server_name mytest.com; # substitute your machine's IP address or FQDN
charset utf-8;
# max upload size
client_max_body_size 175M; # adjust to taste
# Django media
location /media {
alias /home/karesh/tutorial/uwsgi-tutorial/mysite/media; # your Django project's media files - amend as required
}
location /static {
alias /home/karesh/tutorial/uwsgi-tutorial/mysite/static; # your Django project's static files - amend as required
}
# Finally, send all non-media requests to the Django server.
location / {
uwsgi_pass unix:/home/karesh/tutorial/uwsgi-tutorial/mysite/mysite.sock;
include /home/karesh/tutorial/uwsgi-tutorial/mysite/uwsgi_params; # the uwsgi_params file you installed
}
}
uwsgi_params file inside project directory
uwsgi_param QUERY_STRING $query_string;
uwsgi_param REQUEST_METHOD $request_method;
uwsgi_param CONTENT_TYPE $content_type;
uwsgi_param CONTENT_LENGTH $content_length;
uwsgi_param REQUEST_URI $request_uri;
uwsgi_param PATH_INFO $document_uri;
uwsgi_param DOCUMENT_ROOT $document_root;
uwsgi_param SERVER_PROTOCOL $server_protocol;
uwsgi_param REQUEST_SCHEME $scheme;
uwsgi_param HTTPS $https if_not_empty;
uwsgi_param REMOTE_ADDR $remote_addr;
uwsgi_param REMOTE_PORT $remote_port;
uwsgi_param SERVER_PORT $server_port;
uwsgi_param SERVER_NAME $server_name;
A few things, that could help you:
1) Add user, that runs uWSGI, to nginx group
2) On CentOS with enabled SE the best way to put socket is a directory under /run
3) Set socket permissions to <your_user>:nginx(in other words - set permission for socket for your user and for nginx group.
These steps normally helps me to figure out with permissions error.
In the following i am trying to configure from http://uwsgi-docs.readthedocs.org/en/latest/tutorials/Django_and_nginx.html
The following is my conf file below placed in my project directory and have linked the same in the sites-enabled of the nginx directory.
Now when i access my http://127.0.0.1:8000/app1/files?path=/ i end up with 502 Bad Gateway and the nginx error log says
2015/09/21 14:07:41 [error] 8023#0: *7 connect() failed (111: Connection refused) while connecting to upstream, client: 127.0.0.1, server: 127.0.0.1, request: "GET / HTTP/1.1", upstream: "uwsgi://127.0.0.1:8001", host: "127.0.0.1:8000"
but i am able to access this link http://127.0.0.1:8000/media/a.jpg what am i doing wrong here and how can access my django application
# mysite_nginx.conf
# the upstream component nginx needs to connect to
upstream django {
# server unix:///path/to/your/mysite/mysite.sock; # for a file socket
server 127.0.0.1:8001; # for a web port socket (we'll use this first)
}
# configuration of the server
server {
# the port your site will be served on
listen 8000;
# the domain name it will serve for
server_name 127.0.0.1; # substitute your machine's IP address or FQDN
charset utf-8;
# max upload size
client_max_body_size 75M; # adjust to taste
# Django media
location /media {
alias /home/rajeev/django-test/mysite/media; # your Django project's media files - amend as required
}
location /static {
#alias /path/to/your/mysite/static; # your Django project's static files - amend as required
alias /home/rajeev/django-test/mysite/static/; # your Django project's static files - amend as required
}
# Finally, send all non-media requests to the Django server.
location / {
uwsgi_pass django;
include /home/rajeev/django-test/mysite/conf/uwsgi_params; # the uwsgi_params file you installed
}
}
Edit1: uwsgi_params file
uwsgi_param QUERY_STRING $query_string;
uwsgi_param REQUEST_METHOD $request_method;
uwsgi_param CONTENT_TYPE $content_type;
uwsgi_param CONTENT_LENGTH $content_length;
uwsgi_param REQUEST_URI $request_uri;
uwsgi_param PATH_INFO $document_uri;
uwsgi_param DOCUMENT_ROOT $document_root;
uwsgi_param SERVER_PROTOCOL $server_protocol;
uwsgi_param REQUEST_SCHEME $scheme;
uwsgi_param HTTPS $https if_not_empty;
uwsgi_param REMOTE_ADDR $remote_addr;
uwsgi_param REMOTE_PORT $remote_port;
uwsgi_param SERVER_PORT $server_port;
uwsgi_param SERVER_NAME $server_name;
You've missed one point in this tutorial. Configuration of uWSGI for nginx is different than configuration for checking in browser if uWSGI is working not only by used port, but also by protocol.
When deploying uWSGI for nginx, --http should be replaced by --socket. By that change, nginx will understand properly output from your uWSGI server, but your browser won't.
Configuration for browser (to check if uWSGI is working) can work for nginx also, but you must use proxy_pass instead of uwsgi_pass in nginx, and using it is not recommended, uwsgi protocol is faster and better for communication between web server and uWSGI server.
I'm writing a RESTful server application using Django 1.7.7 and Django REST framework. The application has been working perfectly when I've run it on the Django test server.
Now, I deployed it to a staging server on AWS running Nginx and uWSGI. The server seems to be running otherwise fine, but calling a POST method causes a "403 Forbidden" response. If I disable HTTPS, the call works just fine, so it has got something to do with the HTTPS.
Here's my Nginx config file for the site:
server {
listen 443 ssl;
charset utf-8;
server_name <HERE'S MY SERVER ADDRESS>;
ssl on;
ssl_certificate /etc/nginx/ssl/myapp.crt;
ssl_certificate_key /etc/nginx/ssl/myapp.key;
ssl_ciphers 'AES128+EECDH:AES128+EDH:!aNULL';
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_session_cache shared:SSL:10m;
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security max-age=63072000;
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
location / {
include uwsgi_params;
uwsgi_pass 127.0.0.1:3031;
uwsgi_param UWSGI_SCHEME https;
uwsgi_param UWSGI_SCRIPT myapp.wsgi;
uwsgi_param REQUEST_URI $request_uri;
uwsgi_param DOCUMENT_ROOT $document_root;
uwsgi_param SERVER_PROTOCOL $server_protocol;
uwsgi_param HTTPS $https if_not_empty;
}
}
To reiterate, if I change listen 443 ssl to listen 80 default_server and change ssl on to ssl off, the POST methods work just as they should.
Here's the uWSGI config file:
[uwsgi]
socket = 127.0.0.1:3031
chdir = /web/myapp/source/myapp
module = myapp.wsgi
One thing I suspect is that the CSRF header gets stripped off somewhere before it reachers Django's CSRF middleware, but I don't know how to verify this. It could be something completely different, too.
I am following the tutorial Setting up Django and your web server with uWSGI and nginx.
uWSGI is up and running
I set up uwsgi to serve my Django project with the following line.
mydjangoproj $ uwsgi --http 0.0.0.0:8002 --module wsgi --harakiri 5
This works when I go there in a browser, to 42.42.42.42:8002.
My nginx setup
nginx is running as a daemon, and visiting it's default site, port 80, works.
I added this as a site to nginx using the following mydjangoproj_nginx.conf file:
server {
listen 8000;
server_name 42.42.42.42;
charset utf-8;
client_max_body_size 75M;
location /static {
alias /home/myuser/mydjangoproj/static;
}
location / {
uwsgi_pass 127.0.0.1:8002;
include /home/myuser/mydjangoproj/uwsgi_params;
}
}
I use the unmodified version of uwsgi_params, from the tutorial:
uwsgi_param QUERY_STRING $query_string;
uwsgi_param REQUEST_METHOD $request_method;
uwsgi_param CONTENT_TYPE $content_type;
uwsgi_param CONTENT_LENGTH $content_length;
uwsgi_param REQUEST_URI $request_uri;
uwsgi_param PATH_INFO $document_uri;
uwsgi_param DOCUMENT_ROOT $document_root;
uwsgi_param SERVER_PROTOCOL $server_protocol;
uwsgi_param HTTPS $https if_not_empty;
uwsgi_param REMOTE_ADDR $remote_addr;
uwsgi_param REMOTE_PORT $remote_port;
uwsgi_param SERVER_PORT $server_port;
uwsgi_param SERVER_NAME $server_name;
It does serve the static files perfectly.
Error
If I visit 42.42.42.42:8000 it hangs for a long time, until the nginx timeout I guess, and I get 504 Gateway Time-out.
uWSGI writes nothing in the shell. If visiting directly in browser, it does write about receiving a request.
The nginx error log writes, only after the timeout:
2014/12/11 05:31:12 [error] 28895#0: *1 upstream timed out (110: Connection timed out) while reading response header from upstream, client: 66.66.66.66, server: 42.42.42.42, request: "GET / HTTP/1.1", upstream: "uwsgi://42.42.42.42:8002", host: "42.42.42.42:8000"
If I close the uWSGI, which is just run from a shell, I instantly get a 502 Bad Gateway.
When searching online, people just recommend setting the uWSGI timeout lower than the nginx timeout, that's why I run uWSGI with --harakiri 5.
So, what is my problem here?
I think you are running uwsgi in http mode --http 0.0.0.0:8002 but you have configured nginx as uwsgi proxy. You should change your uwsgi script to something like:
uwsgi --socket :8002 --module uwsgi --harakiri 5
Note that if you are running nginx and uwsgi on the same machine is better to use unix sockets