After a bit of a struggle to set up AWS Route53 IPv6 and my DSN (Ionos) I've managed to set up SSL in my Django blog app running with Gunicorn and nginx. I've used this tutorial
Unfortunately, first it ran into the redirect loop error that I managed to fix but now it's 502 Bad Gateway and when I check the logs it looks like Gunicorn workers are alway timing out. I tried setting the timeout to 300s for both nginx and Gunicorn but it just means a longer wait for 502 error, nothing else changes.
Here's the log:
Mar 21 23:13:46 ip-172-31-35-104 systemd[1]: Started A high performance web server and a reverse proxy server.
-- Subject: Unit nginx.service has finished start-up
-- Defined-By: systemd
-- Support:
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit nginx.service has finished starting up.
--
-- The start-up result is done.
Mar 21 23:13:46 ip-172-31-35-104 sudo[2107]: pam_unix(sudo:session): session closed for user root
Mar 21 23:14:19 ip-172-31-35-104 gunicorn[2055]: [2019-03-21 23:14:19 +0000] [2055] [CRITICAL] WORKER TIMEOUT (pid:2061)
Mar 21 23:14:19 ip-172-31-35-104 gunicorn[2055]: [2019-03-21 23:14:19 +0000] [2061] [INFO] Worker exiting (pid: 2061)
Mar 21 23:14:19 ip-172-31-35-104 gunicorn[2055]: base dir path /home/ubuntu/puchalatravel/puchalatravel
Mar 21 23:14:19 ip-172-31-35-104 gunicorn[2055]: [2019-03-21 23:14:19 +0000] [2125] [INFO] Booting worker with pid: 2125
nginx setup:
server {
listen 80;
listen [::]:80;
server_name puchalatravel.com www.puchalatravel.com;
return 404; # managed by Certbot
return 301
https://puchalatravel.com$request_uri;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name puchalatravel.com;
ssl on;
ssl_certificate /etc/letsencrypt/live/puchalatravel.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/puchalatravel.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; #managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; #managed by Certbot
location /static {
root /home/ubuntu/puchalatravel/;
}
location /media {
root /home/ubuntu/puchalatravel/;
}
location /.well-known {
root /var/www/common/letsencrypt/;
}
location / {
# include proxy_params;
proxy_redirect off;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass https://unix:/home/ubuntu/puchalatravel/puchalatravel.sock;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 60s;
proxy_read_timeout 120s;
}
}
gunicorn setup:
[Unit]
Description=gunicorn daemon
After=network.target
[Service]
User=ubuntu
Group=www-data
WorkingDirectory=/home/ubuntu/puchalatravel
ExecStart=/home/ubuntu/puchalatravel/puchalatravelenv/bin/gunicorn --access-logfile - --timeout 30 --workers 3 --bind unix:/home/ubuntu/puchalatravel/puchalatravel.sock puchalatravel.wsgi:application
[Install]
WantedBy=multi-user.target
No changes at all were made in Django code except for adding the following lines in settings.py:
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
SECURE_SSL_REDIRECT = True
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
All the code can be found here: GitHub repo Website address: puchalatravel.com
Any ideas what could be the source of the issue?
EDIT. Looks like an issue with SSL, nginx error log:
2019/03/22 07:15:24 [error] 2123#2123: *83 peer closed connection in SSL handshake while SSL handshaking to upstream, client: 83.6.170.100, server: puchalatravel.com, request: "GET / HTTP/1.1", upstream: "https://unix:/home/ubuntu/puchalatravel/puchalatravel.sock:/", host: "puchal$2019/03/22 07:15:56 [error] 2123#2123: *85 peer closed connection in SSL handshake while SSL handshaking to upstream, client: 83.6.170.100, server: puchalatravel.com, request: "GET /favicon.ico HTTP/1.1", upstream: "https://unix:/home/ubuntu/puchalatravel/puchalatravel.sock:/favic$2019/03/22 07:36:35 [error] 2123#2123: *94 peer closed connection in SSL handshake while SSL handshaking to upstream, client: 213.229.174.164, server: puchalatravel.com, request: "GET / HTTP/1.1", upstream: "https://unix:/home/ubuntu/puchalatravel/puchalatravel.sock:/", host: "puc$2019/03/22 07:37:06 [error] 2123#2123: *94 peer closed connection in SSL handshake while SSL handshaking to upstream, client: 213.229.174.164, server: puchalatravel.com, request: "GET /favicon.ico HTTP/1.1", upstream: "https://unix:/home/ubuntu/puchalatravel/puchalatravel.sock:/fa$2019/03/22 07:40:58 [error] 2123#2123: *100 peer closed connection in SSL handshake while SSL handshaking to upstream, client: 213.229.174.164, server: puchalatravel.com, request: "GET / HTTP/1.1", upstream: "https://unix:/home/ubuntu/puchalatravel/puchalatravel.sock:/", host: "pu$2019/03/22 07:41:29 [error] 2123#2123: *100 peer closed connection in SSL handshake while SSL handshaking to upstream, client: 213.229.174.164, server: puchalatravel.com, request: "GET /favicon.ico HTTP/1.1", upstream: "https://unix:/home/ubuntu/puchalatravel/puchalatravel.sock:/f$2019/03/22 07:44:22 [error] 12508#12508: *1 peer closed connection in SSL handshake while SSL handshaking to upstream, client: 213.229.174.164, server: puchalatravel.com, request: "GET / HTTP/1.1", upstream: "https://unix:/home/ubuntu/puchalatravel/puchalatravel.sock:/", host: "pu$2019/03/22 07:44:52 [error] 12508#12508: *1 peer closed connection in SSL handshake while SSL handshaking to upstream, client: 213.229.174.164, server: puchalatravel.com, request: "GET /favicon.ico HTTP/1.1", upstream: "https://unix:/home/ubuntu/puchalatravel/puchalatravel.sock:/f$2019/03/22 07:53:57 [error] 12508#12508: *4 peer closed connection in SSL handshake while SSL handshaking to upstream, client: 213.229.174.164, server: puchalatravel.com, request: "GET / HTTP/1.1", upstream: "https://unix:/home/ubuntu/puchalatravel/puchalatravel.sock:/", host: "pu$2019/03/22 07:54:10 [notice] 12698#12698: signal process started
2019/03/22 07:54:24 [notice] 12700#12700: signal process started
2019/03/22 07:54:27 [notice] 12703#12703: signal process started
2019/03/22 07:54:28 [error] 12508#12508: *4 peer closed connection in SSL handshake while SSL handshaking to upstream, client: 213.229.174.164, server: puchalatravel.com, request: "GET /favicon.ico HTTP/1.1", upstream: "https://unix:/home/ubuntu/puchalatravel/puchalatravel.sock:/f$2019/03/22 07:58:51 [error] 12704#12704: *27 peer closed connection in SSL handshake while SSL handshaking to upstream, client: 5.255.250.163, server: puchalatravel.com, request: "GET /robots.txt HTTP/1.1", upstream: "https://unix:/home/ubuntu/puchalatravel/puchalatravel.sock:/rob$2019/03/22 07:59:22 [error] 12704#12704: *30 peer closed connection in SSL handshake while SSL handshaking to upstream, client: 141.8.143.160, server: puchalatravel.com, request: "GET /robots.txt HTTP/1.1", upstream: "https://unix:/home/ubuntu/puchalatravel/puchalatravel.sock:/rob$2019/03/22 07:59:53 [error] 12704#12704: *32 peer closed connection in SSL handshake while SSL handshaking to upstream, client: 178.154.246.138, server: puchalatravel.com, request: "GET /posts/ HTTP/1.1", upstream: "https://unix:/home/ubuntu/puchalatravel/puchalatravel.sock:/posts$2019/03/22 08:03:10 [error] 12813#12813: *1 peer closed connection in SSL handshake while SSL handshaking to upstream, client: 213.229.174.164, server: puchalatravel.com, request: "GET / HTTP/1.1", upstream: "https://unix:/home/ubuntu/puchalatravel/puchalatravel.sock:/", host: "pu$2019/03/22 08:03:41 [error] 12813#12813: *1 peer closed connection in SSL handshake while SSL handshaking to upstream, client: 213.229.174.164, server: puchalatravel.com, request: "GET /favicon.ico HTTP/1.1", upstream: "https://unix:/home/ubuntu/puchalatravel/puchalatravel.sock:/f$2019/03/22 08:37:39 [error] 12813#12813: *18 peer closed connection in SSL handshake while SSL handshaking to upstream, client: 213.229.174.164, server: puchalatravel.com, request: "GET / HTTP/1.1", upstream: "https://unix:/home/ubuntu/puchalatravel/puchalatravel.sock:/", host: "p$2019/03/22 08:56:08 [error] 13024#13024: *1 peer closed connection in SSL handshake while SSL handshaking to upstream, client: 213.229.174.164, server: puchalatravel.com, request: "GET / HTTP/1.1", upstream: "https://unix:/home/ubuntu/puchalatravel/puchalatravel.sock:/", host: "pu$2019/03/22 08:56:39 [error] 13024#13024: *1 peer closed connection in SSL handshake while SSL handshaking to upstream, client: 213.229.174.164, server: puchalatravel.com, request: "GET /favicon.ico HTTP/1.1", upstream: "https://unix:/home/ubuntu/puchalatravel/puchalatravel.sock:/f$
JavaScript questions and answers, JavaScript questions pdf, JavaScript question bank, JavaScript questions and answers pdf, mcq on JavaScript pdf, JavaScript questions and solutions, JavaScript mcq Test , Interview JavaScript questions, JavaScript Questions for Interview, JavaScript MCQ (Multiple Choice Questions)
