Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/ssl/3.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181

Warning: file_get_contents(/data/phpspider/zhask/data//catemap/4/r/88.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
带有django gunicorn和nginx的ssl_Django_Ssl_Nginx_Gunicorn - Fatal编程技术网
Fatal编程技术网
  • django/
  • 带有django gunicorn和nginx的ssl

带有django gunicorn和nginx的ssl

django ssl nginx

带有django gunicorn和nginx的ssl,django,ssl,nginx,gunicorn,Django,Ssl,Nginx,Gunicorn,我目前正在通过https部署我的项目,但是我遇到了一些问题。我使用http,但当我尝试合并ssl时,它会中断。我认为我在nginx区块错误配置了gunicorn上游客户,但我不确定。问题可能出在我的gunicorn服务文件中的unix绑定中吗?我对gunicorn很陌生,所以我有点迷路了 [Unit] Description=gunicorn daemon After=network.target [Service] Environment=PYTHONHASHSEED=random User

我目前正在通过https部署我的项目,但是我遇到了一些问题。我使用http,但当我尝试合并ssl时,它会中断。我认为我在nginx区块错误配置了gunicorn上游客户,但我不确定。问题可能出在我的gunicorn服务文件中的unix绑定中吗?我对gunicorn很陌生,所以我有点迷路了

[Unit]
Description=gunicorn daemon
After=network.target

[Service]
Environment=PYTHONHASHSEED=random
User=USER
Group=www-data
WorkingDirectory=/path/to/project
ExecStart=/path/to/project/project_env/bin/gunicorn --workers 3 --bind unix:/path/to/project/project.sock project.wsgi:application

[Install]
WantedBy=multi-user.target
下面是我的配置

[Unit]
Description=gunicorn daemon
After=network.target

[Service]
Environment=PYTHONHASHSEED=random
User=USER
Group=www-data
WorkingDirectory=/path/to/project
ExecStart=/path/to/project/project_env/bin/gunicorn --workers 3 --bind unix:/path/to/project/project.sock project.wsgi:application

[Install]
WantedBy=multi-user.target
古尼康:

[Unit]
Description=gunicorn daemon
After=network.target

[Service]
Environment=PYTHONHASHSEED=random
User=USER
Group=www-data
WorkingDirectory=/path/to/project
ExecStart=/path/to/project/project_env/bin/gunicorn --workers 3 --bind unix:/path/to/project/project.sock project.wsgi:application

[Install]
WantedBy=multi-user.target
Nginx(工作http):

[Unit]
Description=gunicorn daemon
After=network.target

[Service]
Environment=PYTHONHASHSEED=random
User=USER
Group=www-data
WorkingDirectory=/path/to/project
ExecStart=/path/to/project/project_env/bin/gunicorn --workers 3 --bind unix:/path/to/project/project.sock project.wsgi:application

[Install]
WantedBy=multi-user.target
Nginx(https):

[Unit]
Description=gunicorn daemon
After=network.target

[Service]
Environment=PYTHONHASHSEED=random
User=USER
Group=www-data
WorkingDirectory=/path/to/project
ExecStart=/path/to/project/project_env/bin/gunicorn --workers 3 --bind unix:/path/to/project/project.sock project.wsgi:application

[Install]
WantedBy=multi-user.target
您的gunicorn systemd单位文件似乎没有问题。你的nginx一般也可以。您发布的信息太少,无法获得适当的诊断。我猜您没有将
X-Forwarded-Proto
头传递给gunicorn,但可能是其他原因。下面是一个适用于我的nginx配置文件:

[Unit]
Description=gunicorn daemon
After=network.target

[Service]
Environment=PYTHONHASHSEED=random
User=USER
Group=www-data
WorkingDirectory=/path/to/project
ExecStart=/path/to/project/project_env/bin/gunicorn --workers 3 --bind unix:/path/to/project/project.sock project.wsgi:application

[Install]
WantedBy=multi-user.target

upstream gunicorn{
    # fail_timeout=0 means we always retry an upstream even if it failed
    # to return a good HTTP response (in case the Unicorn master nukes a
    # single worker for timing out).

    # for UNIX domain socket setups:

    server unix:/path/to/project/project.sock fail_timeout=0;

    # for TCP setups, point these to your backend servers
    # server 127.0.0.1:9000 fail_timeout=0;
}
server {
    listen 80;
    listen 443 ssl http2;
    server_name server_domain;
    ssl_certificate /etc/ssl/server_domain.crt; 
    ssl_certificate_key /etc/ssl/server_domain.key; 



    # path for static files
    root /path/to/collectstatic/dir;

    location / {
      # checks for static file, if not found proxy to app
      try_files $uri @proxy_to_app;
    }

    location @proxy_to_app {
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

        # When Nginx is handling SSL it is helpful to pass the protocol information
        # to Gunicorn. Many web frameworks use this information to generate URLs.
        # Without this information, the application may mistakenly generate http
        # URLs in https responses, leading to mixed content warnings or broken
        # applications. In this case, configure Nginx to pass an appropriate header:
        proxy_set_header X-Forwarded-Proto $scheme;

        # pass the Host: header from the client right along so redirects
        # can be set properly within the Rack application
        proxy_set_header Host $http_host;

        # we don't want nginx trying to do something clever with
        # redirects, we set the Host: header above already.
        proxy_redirect off;


        # Try to serve static files from nginx, no point in making an
        # *application* server like Unicorn/Rainbows! serve static files.
        proxy_pass http://gunicorn;
    }


}
嗨,巴勃罗,谢谢你的回复。我尝试过这种配置,但得到的结果与以前相同。有了这个实现,我可以访问我的应用程序,但它不安全。当我试图通过访问我的应用程序时,我发现一个错误,无法访问此站点。请检查显示
listen443ssl确实在443之后显示ssl。