This is giving me an infinite redirect loop for some reason. Here is what I see on my console when I go to the website. I think it has to do with the final server block. It used to check if the host was equal to stringapi.net and then redirect you to https.
Any help would be appreciated!
From,
A confused 17 year old.
##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# https://www.nginx.com/resources/wiki/start/
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
# https://wiki.debian.org/Nginx/DirectoryStructure
#
# In most cases, administrators will remove this file from sites-enabled/ and
# leave it as reference inside of sites-available where it will continue to be
# updated by the nginx packaging team.
#
# This file will automatically load configuration files provided by other
# applications, such as Drupal or Wordpress. These applications will be made
# available underneath a path with that package name, such as /drupal8.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
# Default server configuration
#
upstream stringapi {
server 127.0.0.1:8000;
}
server {
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name stringapi.net;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
proxy_pass http://stringapi.net;
}
# pass PHP scripts to FastCGI server
#
#location ~ \.php$ {
# include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
# fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/stringapi.net/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/stringapi.net/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
# listen 80;
# listen [::]:80;
#
# server_name example.com;
#
# root /var/www/example.com;
# index index.html;
#
# location / {
# try_files $uri $uri/ =404;
# }
#}
server {
listen 80;
server_name stringapi.net;
return 301 https://stringapi.net$request_uri;
}
I re-did the entire process (uninstalled and reinstalled NGINX) and then followed the guide for ec2 setup again and then configured certbot again and it worked.
Related
I'm using smtplib to send simple emails for booking in a flask application I'm using google mail and have an app password as well as allowed less secure applications. I have the booking system running on my personal computer, but as soon as I port it over to the VPS it stops working, for an unknown reason other than the username and password are not accepted, but they are definitely correct, and it will run by itself but wont when run in wsgi and nginx.
Nginx config
server {
listen 80;
server_name example.com;
# return 301 https://$server_name$request_uri;
location / {
uwsgi_pass unix:/path/too/chatbot.sock;
include uwsgi_params;
}
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name example.com;`
ssl_certificate /path/too/keys.pem;
ssl_certificate_key /path/too//primarykey.pem;
ssl_trusted_certificate /path/too//keys.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
# curl https://ssl-config.mozilla.org/ffdhe2048.txt > /path/to/dhparam
#ssl_dhparam /path/to/dhparam;
# intermediate configuration
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers on;
# HSTS (ngx_http_headers_module is required) (63072000 seconds)
add_header Strict-Transport-Security "max-age=63072000" always;
# replace with the IP address of your resolver
resolver 8.8.8.8;
location / {
include uwsgi_params;
uwsgi_pass unix:/path/too/chatbot.sock;
}
}
UWSGI.ini file
[uwsgi]
module=wsgi:app
master = true
processes = 5
enable-threads = true
socket = chatbot.sock
chmod.socket = 666
vacuum = true
die-on-term = true
.env
DIALOGFLOW_PROJECT_ID=projectid
GOOGLE_APPLICATION_CREDENTIALS=Ajsonfile.json
RESTFUL_CREDENTIALS=restful_credentials.json
MAIL_USERNAME=example#gmail.com
MAIL_PASSWORD=apasswordforemailaddress
My current thinking is that wsgi or nginx are unable too find the file due to some sort of permissions issue but I've chown'ed all the related files, I'm getting the same issue with my google api key now too.
all the information is stored in a .env file which has the correct group access, along with all the other files running on the site already.
I don't know what would be helpful to post here other than I'm using nginx and wsgi to expose a flask application, some items are stored in a .env file that doesn't seem to be read.
To get them to load while running in WSGI you need to use dot-env package
from dotenv import load_dotenv, find_dotenv
load_dotenv(find_dotenv())
[uwsgi]
base = /var/www/html/poopbuddy-api
chdir = %(base)
app = app
I don't know exactly what chdir does but I think it at least sets the default location to the root directory of the app. From there, load_dotenv() works.
to be honest i am a Noob if it comes to servers & maintenance.
I followed exactly the following guide to create my first "Hello There" page which worked out so far.
https://www.digitalocean.com/community/tutorials/how-to-serve-flask-applications-with-uwsgi-and-nginx-on-centos-7
But after trying to update my homepage by inserting more code into my Application and saving the script the server output in my Browser still remains the same old "hello there".
I am better with functional programming (mathematics) and database handling, but since I have to supply my team colleagues with some tools i thought about a quick homepage. Unfortunatley it is harder than expected to set up a python hp.
Thank you in advanced
Stefan
EDIT:
I really followed the link above 1 to 1. Ht here are my codes:
TAOWeb.py
from flask import Flask, render_template
application = Flask(__name__)
#application.route("/")
def hello():
return "<h style='color:green'> HELLO ASDF! </h1>"
if __name__ == "__main__":
application.run(host='0.0.0.0')
TAOWeb.ini
[uwsgi]
module = wsgi
master = true
processes = 5
socket = TAOWeb.sock
chmod-socket = 660
vacuum = true
die-on-term = true
wsgi.py
from TAOWeb import application
if __name__ == "__main__":
application.run()
and the /etc/systemd/system/TAOWeb.service
[Unit]
Description=uWSGI instance to serve TAOWeb
After=network.target
[Service]
User=tao
Group=nginx
WorkingDirectory=/home/tao/TAOWeb
Environment="PATH=/home/tao/TAOWeb/env/bin"
ExecStart=/home/tao/TAOWeb/env/bin/uwsgi --ini TAOWeb.ini
[Install]
WantedBy=multi-user.target
Last but not least the nginx Config:
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
server {
listen 80;
server_name 185.164.5.211;
location / {
include uwsgi_params;
uwsgi_pass unix:/home/tao/TAOWeb/TAOWeb.sock;
}
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
# Settings for a TLS enabled server.
#
# server {
# listen 443 ssl http2 default_server;
# listen [::]:443 ssl http2 default_server;
# server_name _;
# root /usr/share/nginx/html;
#
# ssl_certificate "/etc/pki/nginx/server.crt";
# ssl_certificate_key "/etc/pki/nginx/private/server.key";
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 10m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
#
# # Load configuration files for the default server block.
# include /etc/nginx/default.d/*.conf;
#
# location / {
# }
#
# error_page 404 /404.html;
# location = /40x.html {
# }
#
# error_page 500 502 503 504 /50x.html;
# location = /50x.html {
# }
# }
}
It is the standard config with only included the 1st Server part.
Does this help?
Best
Stefan
If you are sure your code is right and are using Google chrome try clearing your cache
I had the same problem, try to use a new browser and it will make the trick for you.
Me - I had problem it Chrome, it worked after clear the cache, but the same doesn't happen with FireFox, over FireFox works like a charm.
You can try others browsers as well just in case.
I am trying to redirect all get requests to abc.example.com and send them to example.com. The following works on local:
#app.route('/', methods=['GET'])
def message_get():
return redirect('https://example.com')
But on production server, it fails. Instead of getting redirected, the url looks like this:
abc.example.comget%20/%20HTTP/1.1)uri
I observed that if I put in the whole url like this
https://abc.example.com
it redirects properly. but abc.example.com or http://abc.example.com fails.
I have a flask app with gunicorn app server. Nginx is used as reverse proxy. Unable to determine which of them is causing the problem. Guessing something to do with my nginx configuration. But any pointers will help. thanks.
Nginx configuration:
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name abc.example.com;
return 301 https://$server_name$request)uri; }
server{
# SSL configuration
server_name abc.example.com;
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
include snippets/ssl-abc.example.com.conf;
include snippets/ssl-params.conf;
location / {
include proxy_params;
proxy_pass http://unix:/home/user1/apps/myapp/myapp.sock;
}
location ~ /.well-known {
allow all;
}
}
You have a typo in your first server section; it should be:
return 301 https://$server_name$request_uri;
When I'm trying to restart nginx, I'm getting the following error
nginx: [warn] conflicting server name "example.io" on 0.0.0.0:80, ignored
I used my deploy scripts, to do deploying for 2 domains. For first it works fine, but for second, it gives error.
Here is my nginx.conf file
#
worker_processes 2;
#
user nginx nginx;
#
pid /opt/nginx/pids/nginx.pid;
error_log /opt/nginx/logs/error.log;
#
events {
worker_connections 4096;
}
#
http {
#
log_format full_log '$remote_addr - $remote_user $request_time $upstream_response_time '
'[$time_local] "$request" $status $body_bytes_sent $request_body "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
#
access_log /opt/nginx/logs/access.log;
ssl on;
ssl_certificate /opt/nginx/cert/example.crt;
ssl_certificate_key /opt/nginx/cert/example.key;
#
include /opt/nginx/conf/vhosts/*.conf;
# Deny access to any other host
server {
server_name example.io; #default
return 444;
}
}
Not sure,but try changing server name in
/etc/nginx/sites-enabled/default
it should help
I had got the same problem. To resolve this, I looked for conflict domain "example.io" in conf files.
In the following file, there was a snippet added for "example.io" at the bottom. "default_server" server section was as it is but section was added at the end of the file.
/etc/nginx/sites-available/default
server {
listen 80;
listen [::]:80;
server_name example.io;
root /var/www/html;
index index.html;
location / {
try_files $uri $uri/ =404;
}
}
So I think you need to search server_name in all files which reside inside "/etc/nginx/sites-available" folder.
Any how your domain name is added in
/etc/nginx/sites-enabled/default
To confirm search using
grep -r mydomain.com /etc/nginx/sites-enabled/*
and remove the domain name.
Then restart Nginx using
sudo systemctl restart nginx
Juste change listen 80 to another number like 8000 or 5000, whatever but not 80.
For good job, don't edit nginx.conf itself, create your own file.conf and link it. following this link. to see clearly what i means.
I'm trying to follow the tutorial at http://uwsgi-docs.readthedocs.org/en/latest/tutorials/Django_and_nginx.html. I've gotten down to http://uwsgi-docs.readthedocs.org/en/latest/tutorials/Django_and_nginx.html#basic-nginx-test. Following the directions I have:
(env1)ubuntu#ip-172-31-28-196:~$ sudo /etc/init.d/nginx start
(env1)ubuntu#ip-172-31-28-196:~$ ls
host_type.py requirements.txt test.py tproxy
However when I go to my ubuntu ec2 instance at:
http://52.10.**.***:8000/media/media.jpg
The request times out. What am I doing wrong?
EDIT: - the config file
# mysite_nginx.conf
# the upstream component nginx needs to connect to
upstream django {
# server unix:///path/to/your/mysite/mysite.sock; # for a file socket
server 127.0.0.1:8001; # for a web port socket (we'll use this first)
}
# configuration of the server
server {
# the port your site will be served on
listen 8000;
# the domain name it will serve for
server_name 52.**.***.**; # substitute your machine's IP address or FQDN
charset utf-8;
# max upload size
client_max_body_size 75M; # adjust to taste
# Django media
location /media {
alias ./media; # your Django project's media files - amend as required
}
location /static {
alias ./static; # your Django project's static files - amend as required
}
# Finally, send all non-media requests to the Django server.
location / {
uwsgi_pass django;
include ./uwsgi_params; # the uwsgi_params file you installed
}
}
nginx error log:
2015/03/03 18:06:06 [emerg] 1989#0: bind() to 0.0.0.0:80 failed (98: Address already in use)
2015/03/03 18:06:06 [emerg] 1989#0: bind() to [::]:80 failed (98: Address already in use)
2015/03/03 18:06:06 [emerg] 1989#0: still could not bind()