16👍
✅
server {
listen 80;
server_name example.com;
rewrite ^/(.*) https://example.com/$1 permanent;
}
server {
listen 443 ssl;
server_name example.com;
access_log /var/log/nginx/example.com_access.log combined;
error_log /var/log/nginx/example.com_error.log error;
ssl_certificate /etc/nginx/ssl/example-unified.crt;
ssl_certificate_key /etc/nginx/ssl/example.key;
location /static/ {
alias /webapps/example/static/;
}
location /media/ {
alias /webapps/example/media/;
}
location / {
proxy_pass http://localhost:8000/;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
This is basic nginx configuration that will work with SSL and will forward requests to uwsgi running on port 8000 (you can change this to socket if you want).
For advanced SSL settings check THIS.
2👍
I am new to nginx,uwsgi and ssl. Here shares my testing nginx and uwsgi config.
Basically, there are four steps to deploy Django only support SSL/HTTPS.
- Setup a SSL Certificate
- use openssl to generate server.crt and server.key
openssl req -new -x509 -nodes -out server.crt -keyout server.key
- use openssl to generate server.crt and server.key
- Config nginx.conf and uwsgi.ini under Django project
- Set nginx.conf (sorry,the layout is weird in text block, so I insert a picture here.)
- symlink to this file from /etc/nginx/sites-enabled so nginx can see it
sudo ln -s /path/to/django/example_nginx.conf /etc/nginx/sites-enabled/
- config uwsgi.ini under django project
- Set nginx.conf (sorry,the layout is weird in text block, so I insert a picture here.)
-
Config settings.py
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https') SESSION_COOKIE_SECURE = True CSRF_COOKIE_SECURE = True SECURE_SSL_REDIRECT = True -
Restart nginx and uwsgi
- restart nginx
sudo /etc/init.d/nginx restart
- run uwsgi
uwsgi –ini /path/to/django/example_uwsgi.ini
- restart nginx
Source:stackexchange.com