Python 使用Nginx&;Gunicorn使用IP:端口的自定义域名
我在Ubuntu上部署了一个Flask应用程序,Gunicorn和Nginx提供请求服务 Nginx配置:Python 使用Nginx&;Gunicorn使用IP:端口的自定义域名,python,ubuntu,nginx,flask,firewall,Python,Ubuntu,Nginx,Flask,Firewall,我在Ubuntu上部署了一个Flask应用程序,Gunicorn和Nginx提供请求服务 Nginx配置: server { server_name server_name domain_name; location / { include proxy_params; proxy_pass http://unix:/home/darshit/myproject/myproject.sock; } listen 443 ssl; # managed by Certbot ssl
server {
server_name server_name domain_name;
location / {
include proxy_params;
proxy_pass http://unix:/home/darshit/myproject/myproject.sock;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/domain_name/fullchain.pem; # managed by
Certbot
ssl_certificate_key /etc/letsencrypt/live/domain_name/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = domain_name) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name server_name domain_name;
return 404; # managed by Certbot
}
现在,应用程序在端口443上接受httos的请求。专用ip已映射到公共ip,服务器的端口443已映射到端口9991上的服务请求。
为了通过internet访问应用程序,用户必须点击:
我希望应用程序在不提及端口名称的情况下服务请求,即
要做什么改变?如果您的gunicorn正在侦听端口9991,您需要将nginx配置为向其发送上游请求,我们将不胜感激 以下是您的操作方法:
server {
listen 80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name _;
ssl_certificate /etc/letsencrypt/live/domain_name/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain_name/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
location /static {
alias /path/to/static/folder/of/application;
}
location / {
proxy_pass http://localhost:9991;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
注意事项:
第一块代码侦听端口80上的任何连接,并简单地永久重定向到端口443。这是必需的,这样如果您的用户在其中键入内容,就应该重定向到
现在,第二个块在端口443上侦听使用下面配置的密钥的安全连接,并将请求向上传输到gunicorn正在运行的端口9991
Pro提示:我添加了一个额外的
位置/静态
块,它基本上将任何请求与其中的/static
匹配,并从应用程序的静态文件夹提供服务。静态文件(如图像、样式表等)不应由应用程序服务器提供,最好由nginx等web服务器提供。这是否回答了您的问题?