Fatal编程技术网
  • python/
  • Python 使用Nginx&;Gunicorn使用IP:端口的自定义域名

Python 使用Nginx&;Gunicorn使用IP:端口的自定义域名

python ubuntu nginx flask

Python 使用Nginx&;Gunicorn使用IP:端口的自定义域名,python,ubuntu,nginx,flask,firewall,Python,Ubuntu,Nginx,Flask,Firewall,我在Ubuntu上部署了一个Flask应用程序,Gunicorn和Nginx提供请求服务 Nginx配置: server { server_name server_name domain_name; location / { include proxy_params; proxy_pass http://unix:/home/darshit/myproject/myproject.sock; } listen 443 ssl; # managed by Certbot ssl

我在Ubuntu上部署了一个Flask应用程序,Gunicorn和Nginx提供请求服务

Nginx配置:

server {
server_name server_name domain_name;

location / {
    include proxy_params;
    proxy_pass http://unix:/home/darshit/myproject/myproject.sock;
}

listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/domain_name/fullchain.pem; # managed by 
Certbot
ssl_certificate_key /etc/letsencrypt/live/domain_name/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
if ($host = domain_name) {
    return 301 https://$host$request_uri;
} # managed by Certbot


listen 80;
server_name server_name domain_name;
return 404; # managed by Certbot
}
现在,应用程序在端口443上接受httos的请求。专用ip已映射到公共ip,服务器的端口443已映射到端口9991上的服务请求。 为了通过internet访问应用程序,用户必须点击:

我希望应用程序在不提及端口名称的情况下服务请求,即

要做什么改变?如果您的gunicorn正在侦听端口9991,您需要将nginx配置为向其发送上游请求,我们将不胜感激

以下是您的操作方法:

server {
    listen 80 default_server;

    server_name _;

    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name _;

    ssl_certificate /etc/letsencrypt/live/domain_name/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/domain_name/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    location /static  {
    alias /path/to/static/folder/of/application;
    }

    location / {
         proxy_pass http://localhost:9991;
         proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;
         proxy_set_header Connection 'upgrade';
         proxy_set_header Host $host;
         proxy_cache_bypass $http_upgrade;
     }
}
注意事项:

第一块代码侦听端口80上的任何连接,并简单地永久重定向到端口443。这是必需的,这样如果您的用户在其中键入内容,就应该重定向到

现在,第二个块在端口443上侦听使用下面配置的密钥的安全连接,并将请求向上传输到gunicorn正在运行的端口9991

Pro提示:我添加了一个额外的
位置/静态
块,它基本上将任何请求与其中的
/static
匹配,并从应用程序的静态文件夹提供服务。静态文件(如图像、样式表等)不应由应用程序服务器提供,最好由nginx等web服务器提供。

这是否回答了您的问题?