stackoom
  简体   繁体   中英

SSL on Django, Nginx, and Gunicorn

 原文  2017-09-07 16:57:42       django/ ssl/ nginx/ https/ gunicorn

Question

I am using Nginx and gunicorn to serve my Django project. I currently have it working for ssl (https), but do not quite understand the correct settings for the settings file and nginx. Could someone have a look at my setup and tell me if anything blatantly looks wrong, or horribly executed?

My Nginx File, Please Note that some lines are commented out. When I uncomment them, the site stops working. Edit: When I uncomment them all at the same time/

server {

    server_name example.com;
    listen 443 ssl;
    ssl on;

    ssl_certificate /etc/ssl/mycrt.crt;
    ssl_certificate_key /etc/ssl/mykey.key;

    location = /favicon.ico {access_log off; log_not_found off;}
    location /static/ {
          gzip on;
          gzip_types text/css;
          alias /home/project/static/;
   }

   location / {
      include proxy_params;
    # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header    X-Forwarded-Proto https;
    # proxy_set_header Host $http_host;
    # proxy_redirect off;
      proxy_pass http://unix:/home/project/myproject/project.sock;
 }
}
server {
        listen 80;
        server_name example.com www.example.com;
        return 301 https://example.com$request_uri;

}

My Gunicorn File

[Unit]
Description=gunicorn daemon
After= network.target

[Service]
User=tyler
Group=www-data
Environment="Production=production"
WorkingDirectory=/home/project/myproject
ExecStart=/home/project/projectenv/bin/gunicorn --access-logfile - --workers 3 --bind unix:/home/projecty/myproject_a$

[Install]
WantedBy=multi-user.target

And lastly, the dajngo settings

SECURE_SSL_REDIRECT = True

SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')

SESSION_COOKIE_SECURE = True

CSRF_COOKIE_SECURE = True

Are there any issues with this setup? I am very confused about the Nginx settings that I had to comment out in order for https to start working. Also, I know Django is very cautious on using the SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https') setting. Does all look well?

Thanks!

1 answers

solution1
 0  2021-10-02 10:38:18

It works for me. I don't sure it will work for you, but you can try.

        location / {
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_pass http://unix:/home/project/myproject/project.sock;
        }

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Configure SSL in NGINX and Gunicorn in Django Django w/ Docker, Nginx, Gunicorn and SSL Django+gunicorn+nginx telegram webhook ssl trouble Mixed content error in using SSL with Gunicorn/Django/Nginx application Issue with admin static files in Django 3 (Ubuntu, Nginx, Gunicorn, SSL) Issue accessing a (django) app in a vagrant box with ssl / nginx /gunicorn Gunicorn workers timing out after SSL install (Django, Nginx) SSL Using Gunicorn for Django nginx + gunicorn + django not working Django deploy Gunicorn and NginX
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM