Ben*_*Max 5 django nginx node.js gunicorn
我的机器本地有一个网络项目。我在前端使用 js 框架,在后端使用 django,它提供了一个 API 来与前端应用程序进行通信。Node 应用程序在端口 3000 上运行,django 在端口 8000 上运行。两者在我的本地计算机上运行良好。现在我想将其部署到生产环境,并希望为反向代理设置 Nginx。过去我只将 nginx 设置为 django 网站的反向代理,如下所示:
server {
server_name someproject.com www.someproject.com;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
alias /home/someproject/static_cdn/;
}
location / {
include proxy_params;
proxy_pass http://unix:/home/someproject/someproject.sock;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/someproject.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/someproject.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.someproject.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = someproject.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name someproject.com www.someproject.com;
return 404; # managed by Certbot
}
但是,我如何使用 ssl 作为反向代理来配置和保护 Nginx,节点服务器作为在端口 3000 上运行的前端,而 Django 作为在端口 8000 上运行的后端。我希望我已经清楚了,如果不是请问。谢谢。
有很多方法可以构建它,具体取决于您期望 Node 应用程序与 django 应用程序通信的方式。最简单的方法是将 nginx 配置划分为两个单独的 server_name 配置。例如,对于 django,www.someproject.com => node 和 api.someproject.com:
server {
server_name www.someproject.com;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
alias /home/someproject/static_cdn/;
}
location / {
include proxy_params;
proxy_pass http://unix:/home/someproject.node/someproject.sock;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/www.someproject.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/www.someproject.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
server_name api.someproject.com;
location = /favicon.ico { access_log off; log_not_found off; }
location / {
include proxy_params;
proxy_pass http://unix:/home/someproject.django/someproject.sock;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/api.someproject.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/api.someproject.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
# redirect someproject.com => www.someproject.com
listen 80;
listen 443 ssl;
server_name someproject.com;
location / {
return 301 https://www.someproject.com$request_uri;
}
}
server {
listen 80;
server_name www.someproject.com api.someproject.com;
# redirect http => https
location / {
return 301 https://$host$request_uri;
}
}
| 归档时间: |
|
| 查看次数: |
2111 次 |
| 最近记录: |