I'm trying to make my site work with the www prefix. I can only reach the site without the prefix. I am using Nginx+Django in digitalocean. Here is my site config file:
/etc/nginx/sites-enabled/mysite
upstream app_server {
server 127.0.0.1:9000 fail_timeout=0;
}
server{
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
server_name .example.com;
root /usr/share/nginx/html;
index index.html index.htm;
client_max_body_size 4G;
keepalive_timeout 5;
# Your Django project's media files - amend as required
location /media {
alias /home/django/proyect/media;
}
# your Django project's static files - amend as required
location /static {
alias /home/django/proyect/static;
}
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://app_server;
}
}
I have tried without success these:
# rewrite ^ http://example.com$uri permanent;
# rewrite ^/(.*) http://example.com/$1 permanent;
# server_name example.com www.example.com;
What am I doing wrong?
For my site I set it up so all www traffic was sent to the non-www address of my site by having two server blocks, one to redirect www traffic to the non-www address and one the handle the non-www traffic. I think the opposite should work for your situation.
server {
listen 80;
server_name example.com;
return 301 $scheme://www.example.com$request_uri;
}
server {
listen 80;
server_name www.example.com;
...
}
I'm not sure if this is the best way to go about it as I'm still pretty new to Nginx.
The $host variable can be used to check for the occurrence of a "www" prefix. You could add this to the server section of the config to remove it:
server {
if ($host ~* www\.(.*)) {
set $host_without_www $1;
rewrite ^(.*)$ https://$host_without_www$1 permanent;
}
....
goto : DNS -> SELECT DOMAIN -> ADD RECORD -> Select record type "A"
hostname : www
IP Adress : your droplets IP
Related
I am trying to add my SSL certificate to my django application according to this tutorial. I can turn on my website using 'https://ebluedesign.online'. But web browsers return something in style 'The certificate can not be verified due to a trusted certificate authority.' After accepting the messages, my page is displayed correctly.
My nginx file looks like this:
upstream app_server {
server unix:/home/app/run/gunicorn.sock fail_timeout=0;
}
server {
#listen 80;
# add here the ip address of your server
# or a domain pointing to that ip (like example.com or www.example.com)
server_name ebluedesign.online;
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/ebluedesign.online/cert.pem;
ssl_certificate_key /etc/letsencrypt/live/ebluedesign.online/privkey.pem;
keepalive_timeout 5;
client_max_body_size 4G;
access_log /home/app/logs/nginx-access.log;
error_log /home/app/logs/nginx-error.log;
location /static/ {
alias /home/app/static/;
}
# checks for static file, if not found proxy to app
location / {
try_files $uri #proxy_to_app;
}
location #proxy_to_app {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://app_server;
}
}
server {
listen 80;
listen [::]:80;
server_name ebluedesign.online;
return 301 https://$host$request_uri;
}
My certificates are also visible here:
/etc/letsencrypt/live/ebluedesign.online/...
How can I solve this problem with SSL certificate. I use free SSL by https://letsencrypt.org/.
EDIT:
What is odd is if you go to http://bluedesign.online/ it works fine even though your file makes it seem as if port 80 isn’t listened too at all. Do you happen to have two setup files in nginx? It is possible that the one you posted is not being used.
I’ve followed this tutorial many times with success. You could try using it from scratch if you have the opportunity: https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04
I need http://example.com to redirect to https://example.com. Whereas http://www.example.com, http://api.example.com must not redirect i.e, subdomains need not redirect to https.
I can understand the configuration here by looking at it. But don't know to move further. Please help me.
My configuration so far is:
sites-available/default.py
upstream app_server {
server unix:/home/django/gunicorn.socket fail_timeout=0;
}
server {
server_name example.com www.example.com cloud.example.com api.example.com;
listen 80;
return 301 https://example.com$request_uri;
}
server {
server_name example.com www.example.com cloud.example.com api.example.com;
listen 443; # <-
ssl on; # <-
ssl_certificate /etc/ssl/example_cert_chain.crt; # <-
ssl_certificate_key /etc/ssl/example.key; # <-
#listen 80 default_server;
#listen [::]:80 default_server ipv6only=on;
root /usr/share/nginx/html;
index index.html index.htm;
client_max_body_size 4G;
server_name _;
keepalive_timeout 5;
# Your Django project's media files - amend as required
location /media {
alias /home/django/django_project/media;
}
# your Django project's static files - amend as required
location /static {
alias /home/django/django_project/static/;
}
# Proxy the static assests for the Django Admin panel
location /static/admin {
alias /usr/lib/python2.7/dist-packages/django/contrib/admin/static/admin/;
}
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https; # <-
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_buffering off;
proxy_pass http://app_server;
}
}
Edit this:
server {
server_name example.com www.example.com cloud.example.com api.example.com;
listen 80;
return 301 https://example.com$request_uri;
}
Into:
server {
server_name example.com www.example.com cloud.example.com api.example.com;
listen 80;
if ($http_host = "example.com") {
rewrite ^ https://example.com$request_uri permanent;
}
}
I have nginx to server to browser. I want nginx to serve for websocket requests from browser. Nginx has internally proxy to django (gunicorn uwsgi) using proxy configs. I am not able to set up the config in nginx for websocket. Tried different configs from internet but no success. My default file in nginx config file :
server {
listen 80 default_server;
listen [::]:80 default_server;
root /usr/share/gmc/dist;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404 /index.html index.js;
}
location ~ /redfish.* {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://localhost:8000;
}
}
These are the basic settings you need to apply for your django-project:
server {
listen 80;
server_name **Server Name or IP**;
#Website LOGO:
location = /favicon.ico { access_log off; log_not_found off;}
#Static Files like CSS, JS
location = /static/ {
root /home/hitshell/website/project/
}
#Media Files like Images, Videos etc.
location = /media/ {
root /home/hitshell/website/project/
}
#proxy
location = / {
include proxy_params;
proxy_pass http://unix:/home/hitshell/website/project/project.sock;
}
}
REFERENCE:
https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-django-with-postgres-nginx-and-gunicorn
https://www.shellvoide.com/hacks/installing-django-application-with-nginx-mysql-and-gunicorn-on-ubuntu-vps/
The First one has some missing configurations in the middle of the tutorial.
Hi im having trouble with my first Django site and not sure what im doing wrong.
I basically want to redirect http:// www. example.com and http:// example.com and https:// www. example.com all to > https://example.com
The redirect from http:// example.com seems to work.
This is what my conf file looks like.
server {
#listen 80 default_server;
#listen [::]:80 default_server ipv6only=on;
listen 443 ssl;
server_name example.com;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
root /usr/share/nginx/html;
index index.html index.htm;
client_max_body_size 4G;
server_name _;
keepalive_timeout 5;
# Your Django project's media files - amend as required
location /media {
alias /home/django/django_project/django_project/media;
}
# your Django project's static files - amend as required
location /static {
alias /home/django/django_project/django_project/static;
}
# Proxy the static assests for the Django Admin panel
location /static/admin {
alias /usr/lib/python2.7/dist-packages/django/contrib/admin/static/admin/;
}
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://app_server;
}
}
server {
listen 80;
server_name www.example.com;
return 301 $scheme://$host$request_uri;
}
server {
listen 80;
server_name example.com;
return 301 $scheme://$host$request_uri;
}
server {
listen [::]:443 ssl;
listen 443 ssl;
server_name www.example.com;
return 301 $scheme://$host$request_uri;
}
What am i doing wrong?
The answer from Richard has solved my problem.
I tried to run site on https instead of http and therefore to create a redirect. At the moment site works at https adress. If I enter http adress, redirect to https takes place but it says it can't find server. What am I doing wrong? Commented is what I have also tried. I don't really understand why server_name is _ in second configuration(which works), because it's a pre-installed image configuration on VPS
upstream app_server {
server unix:/home/django/gunicorn.socket fail_timeout=0;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
return 301 https://$host$request_uri;
#listen 80;
#server_name solomon;
#return 301 https://closer.com$request_uri;
#server_name solomon;
#listen 80;
#return 301 https://closer.com;
}
server {
#listen 80 default_server;
#listen [::]:80 default_server ipv6only=on;
listen 443;
ssl on;
ssl_certificate /etc/ssl/simple_academy_cert_chain.crt;
ssl_certificate_key /etc/ssl/server.key;
root /usr/share/nginx/html;
index index.html index.htm;
client_max_body_size 4G;
server_name _;
keepalive_timeout 5;
# Your Django project's media files - amend as required
location /media {
alias /home/django/django_project/django_project/media;
}
# your Django project's static files - amend as required
location /static {
alias /home/django/django_project/static;
}
# Proxy the static assests for the Django Admin panel
location /static/admin {
alias /usr/lib/python2.7/dist-packages/django/contrib/admin/static/admin/;
}
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $host;
proxy_redirect off;
proxy_buffering off;
proxy_pass http://app_server;
}
}
Here's how I handle it on my server:
server {
listen 80;
server_name mysite.com www.mysite.com;
return 301 https://$server_name$request_uri;
}
All HTTP traffic gets redirected to HTTPS.