我正在使用Nginx和gunicorn来服务我的Django项目。我目前让它适用于ssl(https),但不太了解设置文件和nginx的正确设置。有人可以看看我的设置并告诉我是否有任何明显错误或可怕的执行?
我的Nginx文件,请注意,有些行被注释掉了。当我取消注释它们时,该站点停止工作。编辑:当我同时取消注释所有/
时server {
server_name example.com;
listen 443 ssl;
ssl on;
ssl_certificate /etc/ssl/mycrt.crt;
ssl_certificate_key /etc/ssl/mykey.key;
location = /favicon.ico {access_log off; log_not_found off;}
location /static/ {
gzip on;
gzip_types text/css;
alias /home/project/static/;
}
location / {
include proxy_params;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
# proxy_set_header Host $http_host;
# proxy_redirect off;
proxy_pass http://unix:/home/project/myproject/project.sock;
}
}
server {
listen 80;
server_name example.com www.example.com;
return 301 https://example.com$request_uri;
}
我的Gunicorn文件
[Unit]
Description=gunicorn daemon
After= network.target
[Service]
User=tyler
Group=www-data
Environment="Production=production"
WorkingDirectory=/home/project/myproject
ExecStart=/home/project/projectenv/bin/gunicorn --access-logfile - --workers 3 --bind unix:/home/projecty/myproject_a$
[Install]
WantedBy=multi-user.target
最后,dajngo设置
SECURE_SSL_REDIRECT = True
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
此设置是否有任何问题?我对Nginx设置非常困惑,为了让https开始工作,我必须注释掉它们。另外,我知道Django在使用SECURE_PROXY_SSL_HEADER =('HTTP_X_FORWARDED_PROTO','https')设置时非常谨慎。一切顺利吗?
谢谢!