我正在尝试向我的服务器添加另一个Django应用。我已经启动并运行了xmlanalyzer.maciejg.pl,现在我正尝试在现有的nginx和gunicorn设置中添加另一个应用程序,该应用程序可在fencing.maciejg.pl中使用。
我使用了现有的 XMLAnalyzer gunicorn设置(工作正常):
#!/bin/bash
NAME="xmlanalyzer" # Name of the application
DJANGODIR=/home/django/xmlanalyzer # Django project directory
SOCKFILE=/home/django/xmlanalyzer/run/gunicorn.sock # we will communicte using this unix socket
USER=my-user-name # the user to run as
GROUP=my-user-name # the group to run as
NUM_WORKERS=3 # how many worker processes should Gunicorn spawn
DJANGO_SETTINGS_MODULE=xmlanalyzer.settings # which settings file should Django use
DJANGO_WSGI_MODULE=xmlanalyzer.wsgi # WSGI module name
echo "Starting $NAME as `whoami`"
# Activate the virtual environment
cd $DJANGODIR
source ../venv/bin/activate
export DJANGO_SETTINGS_MODULE=$DJANGO_SETTINGS_MODULE
export PYTHONPATH=$DJANGODIR:$PYTHONPATH
# Create the run directory if it doesn't exist
RUNDIR=$(dirname $SOCKFILE)
test -d $RUNDIR || mkdir -p $RUNDIR
# Start your Django Unicorn
# Programs meant to be run under supervisor should not daemonize themselves (do not use --daemon)
#exec gunicorn -b 127.0.0.1:8001 xmlanalyzer.wsgi:application --pid /tmp/gunicorn.pid ;
exec gunicorn -b 127.0.0.1:8001 ${DJANGO_WSGI_MODULE}:application \
--name $NAME \
--workers $NUM_WORKERS \
--user=$USER --group=$GROUP \
## --bind=unix:$SOCKFILE \
--bind=127.0.0.1:8001 \
--log-level=debug \
--log-file=-
以下是 Fencing 应用程序的Gunicorn设置(不起作用):
#!/bin/bash
NAME="fencing" # Name of the application
DJANGODIR=/home/django/fencing # Django project directory
SOCKFILE=/home/django/fencing/run/gunicorn.sock # we will communicte using this unix socket
USER=my-user-name # the user to run as
GROUP=my-user-name # the group to run as
NUM_WORKERS=3 # how many worker processes should Gunicorn spawn
DJANGO_SETTINGS_MODULE=mysite.settings # which settings file should Django use
DJANGO_WSGI_MODULE=mysite.wsgi # WSGI module name
echo "Starting $NAME as `whoami`"
# Activate the virtual environment
cd $DJANGODIR
source ../venv/bin/activate
export DJANGO_SETTINGS_MODULE=$DJANGO_SETTINGS_MODULE
export PYTHONPATH=$DJANGODIR:$PYTHONPATH
# Create the run directory if it doesn't exist
RUNDIR=$(dirname $SOCKFILE)
test -d $RUNDIR || mkdir -p $RUNDIR
# Start your Django Unicorn
# Programs meant to be run under supervisor should not daemonize themselves (do not use --daemon)
exec gunicorn -b 127.0.0.1:8002 ${DJANGO_WSGI_MODULE}:application \
--name $NAME \
--workers $NUM_WORKERS \
--user=$USER --group=$GROUP \
## --bind=unix:$SOCKFILE \
--bind=127.0.0.1:8002 \
--log-level=debug \
--log-file=-
两者似乎都在起作用:
ps -ef | grep gunicorn
my-user-name 780 20697 0 10:20 ? 00:00:01 /home/django/venv/bin/python3 /home/django/venv/bin/gunicorn -b 127.0.0.1:8002 mysite.wsgi:application --name fencing --workers 3 --user=my-user-name --group=my-user-name
my-user-name 787 780 0 10:20 ? 00:00:00 /home/django/venv/bin/python3 /home/django/venv/bin/gunicorn -b 127.0.0.1:8002 mysite.wsgi:application --name fencing --workers 3 --user=my-user-name --group=my-user-name
my-user-name 788 780 0 10:20 ? 00:00:00 /home/django/venv/bin/python3 /home/django/venv/bin/gunicorn -b 127.0.0.1:8002 mysite.wsgi:application --name fencing --workers 3 --user=my-user-name --group=my-user-name
my-user-name 789 780 0 10:20 ? 00:00:00 /home/django/venv/bin/python3 /home/django/venv/bin/gunicorn -b 127.0.0.1:8002 mysite.wsgi:application --name fencing --workers 3 --user=my-user-name --group=my-user-name
my-user-name 1712 1656 0 12:40 pts/1 00:00:00 grep --color=auto gunicorn
root 1730 1 0 2018 ? 01:04:09 /home/django/venv/bin/python3 /home/django/venv/bin/gunicorn -b 127.0.0.1:8001 xmlanalyzer.wsgi:application --name xmlanalyzer --workers 3 --user=my-user-name --group=my-user-name
my-user-name 17483 1730 0 Mar25 ? 00:01:12 /home/django/venv/bin/python3 /home/django/venv/bin/gunicorn -b 127.0.0.1:8001 xmlanalyzer.wsgi:application --name xmlanalyzer --workers 3 --user=my-user-name --group=my-user-name
my-user-name 17554 1730 0 Mar25 ? 00:01:05 /home/django/venv/bin/python3 /home/django/venv/bin/gunicorn -b 127.0.0.1:8001 xmlanalyzer.wsgi:application --name xmlanalyzer --workers 3 --user=my-user-name --group=my-user-name
my-user-name 17953 1730 0 Mar25 ? 00:00:41 /home/django/venv/bin/python3 /home/django/venv/bin/gunicorn -b 127.0.0.1:8001 xmlanalyzer.wsgi:application --name xmlanalyzer --workers 3 --user=my-user-name --group=my-user-name
我使用以下方法创建了nginx安装程序:
/etc/nginx/sites-available# more xmlanalyzer
server {
server_name xmlanalyzer.maciejg.pl;
access_log off;
location /static/ {
alias /home/django/xmlanalyzer/XMLAnalyzer/static/;
}
location / {
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8001;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Real-IP $remote_addr;
add_header P3P 'CP="ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV"';
}
# managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/xmlanalyzer.maciejg.pl/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/xmlanalyzer.maciejg.pl/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = xmlanalyzer.maciejg.pl) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name xmlanalyzer.maciejg.pl;
listen 80;
return 404; # managed by Certbot
client_max_body_size 64M;
}
我已经将文件夹和端口从8001更改为8002。结果,我得到了:
/etc/nginx/sites-available# more fencing
server {
server_name fencing.maciejg.pl;
access_log off;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
alias /home/django/fencing/fencingtournament/static/;
}
access_log /home/django/fencing/logs/nginx-access.log;
error_log /home/django/fencing/logs/nginx-error.log;
location / {
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8002;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Real-IP $remote_addr;
add_header P3P 'CP="ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV"';
}
# managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/fencing.maciejg.pl/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/fencing.maciejg.pl/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = fencing.maciejg.pl) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name fencing.maciejg.pl;
listen [::]:80;
return 404; # managed by Certbot
}
现在,尽管https://xmlanalyzer.maciejg.pl运作良好,但尝试访问https://fencing.maciejg.pl/时却收到ERR_TOO_MANY_REDIRECTS
Curl证明域设置正确,并且nginx可用。由于某些原因,它无法重定向到我的应用程序:
curl fencing.maciejg.pl
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
两个站点均可用。
ll ../sites-enabled/
total 12
drwxr-xr-x 2 root root 4096 Mar 25 20:39 ./
drwxr-xr-x 6 root root 4096 Mar 25 22:59 ../
lrwxrwxrwx 1 root root 26 Mar 25 20:39 fencing -> ../sites-available/fencing
lrwxrwxrwx 1 root root 30 Feb 23 2018 xmlanalyzer -> ../sites-available/xmlanalyzer
独角兽日志对我来说很好:
tail gunicorn-error.log
Starting fencing as my-user-name
[2019-03-26 10:20:01 +0000] [780] [INFO] Starting gunicorn 19.7.1
[2019-03-26 10:20:01 +0000] [780] [INFO] Listening at: http://127.0.0.1:8002 (780)
[2019-03-26 10:20:01 +0000] [780] [INFO] Using worker: sync
[2019-03-26 10:20:01 +0000] [787] [INFO] Booting worker with pid: 787
[2019-03-26 10:20:01 +0000] [788] [INFO] Booting worker with pid: 788
[2019-03-26 10:20:02 +0000] [789] [INFO] Booting worker with pid: 789
nginx-access.log和nginx-error.log是空的。
我想念什么?我将不胜感激。
编辑只是添加-如果手动启动,则可以访问该应用:
Starting development server at http://159.65.24.62:8002/
[26/Mar/2019 14:24:37] You're accessing the development server over HTTPS, but it only supports HTTP.
这是预料中的错误-这只是表明对https://fencing.maciejg.pl:8002/的Web请求确实找到了正确的位置,因此域名设置正确。
编辑2 将Fencing应用程序的Nginx设置更改为access_log on;,结果如下:
more nginx-access.log
37.30.26.37 - - [26/Mar/2019:14:14:04 +0000] "GET / HTTP/1.1" 301 5 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko
) Chrome/73.0.3683.86 Safari/537.36"
37.30.26.37 - - [26/Mar/2019:14:14:04 +0000] "GET / HTTP/1.1" 301 5 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko
) Chrome/73.0.3683.86 Safari/537.36"
所以我可以看到请求到达了nginx并且正在拒绝。
编辑3 使用certbot禁用重定向后,我现在在访问http://fencing.maciejg.pl/时会得到nginx登陆页面-因此,它仍然可以通过,只是没有重定向到{{1 }}。因此,我仍然相信这是我的Nginx设置中的错误-但是,我仍然看不到...
答案 0 :(得分:0)
好的,我终于解决了这个问题!有多个问题。
首先,我在nginx设置中遇到了冲突。 尽管,即使我解决了这一问题,我仍然遇到HTTP错误。这是由于事实,即Gunicorn设置无效。 尽管,即使我解决了这一问题,我仍然遇到HTTP错误。这是由于Django设置无效。
所以我一遍又一遍地弄乱了每一件,而我提出的解决建议和建议是:进行逐步分析。
首先:我已通过在python manage.py runserver 127.0.0.1:8000禁用SSL的情况下启动Debug = True来在开发模式下运行Django应用。通过curl的这种方式,我可以使其响应并确认其有效。
接下来,我杀死了该应用程序并通过gunicorn脚本运行它。我发现由于持有SECRET_KEY的环境变量不可用而引发错误。老实说-我没有解决这个问题,我改成了将密钥保存在单独的文件中。因此,一个问题解决了,我的枪械运转良好。
嵌套步骤:杀死Gunicorn进程并使用supervisiord调用它。原来有一个特权问题,因为supervisiord在另一个帐户上运行。
一旦解决了这个问题,我就会从头开始重新创建nginx设置,直到它开始转发请求为止。没有SSL。
接下来,我重新运行certbot以放回SSL。在这里,我还发现您需要清除浏览器缓存,因为即使下面的设置很好,它也不会显示页面。这也花了一段时间-当我尝试在另一台笔记本电脑上访问我的网站以发现它运行正常时,偶然发现了它。
最后,我将其他其他nginx服务器配置一一放回启用了站点的位置。
我希望我永远不需要这种解决方案,并且它只会对其他人有用:)