Problem reconfiguring Nginx for SSL with self-signed certificate

Navigation
0

I have a VPS on Digital Ocean with Ubuntu 18.04, Nginx, Gunicorn, Django, and a test web application, all configured (ufw) to work with http: 80. Everything works perfectly. Tutorial

Now I modify the file / sites-available / LibrosWeb to allow SSL traffic with a self-signed certificate, since I do not have a domain. Tutorial . Result "Error 502 Bad Gateway" .

This is the initial code that works well with http: 80: 

server{
    #Configuracion http

    listen 80;
    listen [::]:80;
    server_name 15.15.15.15;

    location = /favicon.ico { access_log off; log_not_found off; }
    location  /robots.txt {
        alias /var/www/LibrosWeb/robots.txt ;
    }        
    location /static/ {
        root /home/gela/LibrosWeb;
    }

    location / {
        include proxy_params;
        proxy_pass http://unix:/run/gunicorn.sock;
    }
}

And this is the code to allow SSL: 

server{
    #Configuracion SSL

    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name 15.15.15.15;
    include snippets/self-signed.conf;
    include snippets/ssl-params.conf;

    location = /favicon.ico { access_log off; log_not_found off; }
    location  /robots.txt {
        alias /var/www/LibrosWeb/robots.txt ;
    }
    location /static/ {
        root /home/gela/LibrosWeb;
    }

    location / {
        include proxy_params;
        proxy_pass https://unix:/run/gunicorn.sock;
    }
}

server{
    #Configuracion http

    listen 80;
    listen [::]:80;
    server_name 15.15.15.15;
    return 302 https://15.15.15.15$request_uri;
}

UFW configured as: 

80,443/tcp (Nginx Full)    ALLOW IN    Anywhere
80,443/tcp (Nginx Full (v6)) ALLOW IN    Anywhere (v6)

The files /etc/nginx/snippets/self-signed.conf and /etc/nginx/snippets/ssl-params.conf are the same as those in the tutorial.

I've been testing configurations for two days and the most I could get is that I work halfway, that is, I can show the default page of django but not the one of my application, if I put the code like this: 

server{
    #Configuracion http

    listen 80;
    listen [::]:80;
    server_name 15.15.15.15;
    return 302 https://15.15.15.15$request_uri;

    location = /favicon.ico { access_log off; log_not_found off; }
    location  /robots.txt {
        alias /var/www/LibrosWeb/robots.txt ;
    }
    location /static/ {
        root /home/gela/LibrosWeb;
    }
}

server{
    #Configuracion SSL

    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name 15.15.15.15;
    include snippets/self-signed.conf;
    include snippets/ssl-params.conf;

    location / {
       include proxy_params;
       proxy_pass https://unix:/run/gunicorn.sock;
    }
}

What is wrong, or what is missing?

    
asked by Frank Mascarell 03.09.2018 в 22:28
source

1 answer

0

I think my days of suffering are over. After reading hundreds of logs, I found the problem. An update of Whitenoise to 4.0 where you should change the configuration form, caused that with my old configuration the gunicorn service will throw errors. The rest is all right.

  

link

Thanks for the help. Good morning.

    
answered by 09.09.2018 в 05:38
Update data from a Spreadsheet - App Script In ConstraintLayout how to center the buttons?