Permalink
Browse files

Updated Nginx and Apache confs.

Thanks to Graham Dumpleton on the Apache/HTTPS configuration
  • Loading branch information...
1 parent 98010d2 commit 2d16bc2d01b50bc9d53278f5b367bc16134aa65f @ipmb ipmb committed Oct 5, 2010
Showing with 27 additions and 18 deletions.
  1. +1 −3 deployment/servers.txt
  2. +4 −2 examples/apache.conf
  3. +1 −1 examples/django.wsgi
  4. +11 −6 examples/nginx.conf
  5. +10 −6 examples/nginx_ssl.conf
View
@@ -19,7 +19,7 @@ Nginx
.. rubric:: What Does it Do?
-The first block tells Nginx where to find the server hosting our Django site. The second block redirects any request coming in on ``www.domain.com`` to ``domain.com`` so each resource has only one URL that will access it. The final block is the one that does all the work. It tells Nginx to check if a file matching the request exists in ``/var/www/domain.com``. If it does, it serves that file, if it doesn't, it proxies the request to the Django site.
+The first block tells Nginx where to find the server hosting our Django site. The second block redirects any request coming in on ``www.domain.com`` to ``domain.com`` so each resource has only one canonical URL. The final section is the one that does all the work. It tells Nginx to check if a file matching the request exists in ``/var/www/domain.com``. If it does, it serves that file, if it doesn't, it proxies the request to the Django site.
.. index::
pair: Nginx; SSL
@@ -34,8 +34,6 @@ Another benefit to running a frontend server is lightweight SSL proxying. Rather
You can include this code at the bottom of your non-SSL configuration file.
-.. tip:: For SSL-aware Django sites like `Satchmo <http://www.satchmoproject.com>`_, you'll need to "trick" the site into thinking incoming requests are coming in via SSL, but this is simple enough to do with `a small addition to the WSGI script <http://gist.github.com/78416>`_ we discuss below.
-
.. index:: Apache
pair: Apache; mod_wsgi
pair: Apache; Worker MPM
View
@@ -2,10 +2,12 @@
ServerName domain.com
ServerAdmin webmaster@domain.com
ErrorLog /var/log/apache2/domain.com.log
-
+
+ # Tell Apache this is a HTTPS request without actually using HTTPS on the localhost
+ SetEnvIf X-Forwarded-Protocol "^https$" HTTPS=on
+
WSGIDaemonProcess domain display-name=%{GROUP} maximum-requests=10000
WSGIProcessGroup domain
-
WSGIScriptAlias / /opt/webapps/domain.com/apache/django.wsgi
<Directory /opt/webapps/domain.com/apache>
View
@@ -2,7 +2,7 @@ import os, sys
import site
# put virtualenv on pythonpath
-site.addsitedir('/opt/webapps/domain.com/lib/python2.5/site-packages')
+site.addsitedir('/opt/webapps/domain.com/lib/python2.6/site-packages')
# redirect print statements to apache log
sys.stdout = sys.stderr
View
@@ -16,13 +16,18 @@ server {
server_name domain.com;
root /var/www/domain.com/;
access_log /var/log/nginx/domain.com.access.log;
+ error_log /var/log/nginx/domain.com.error.log;
- proxy_redirect off;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-
- if (!-f $request_filename) {
+ # Check if a file exists at /var/www/domain/ for the incoming request.
+ # If it doesn't proxy to Apache/Django.
+ try_files $uri @django;
+
+ # Setup named location for Django requests and handle proxy details
+ location @django {
proxy_pass http://django;
+ proxy_redirect off;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
View
@@ -9,14 +9,18 @@ server {
ssl_certificate_key /etc/nginx/ssl/private/domain.com.key;
ssl_prefer_server_ciphers on;
- proxy_redirect off;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Protocol https;
+ # Check if a file exists at /var/www/domain/ for the incoming request.
+ # If it doesn't proxy to Apache/Django.
+ try_files $uri @django;
- if (!-f $request_filename) {
+ # Setup named location for Django requests and handle proxy details
+ location @django {
proxy_pass http://django;
+ proxy_redirect off;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Protocol https;
}
}

0 comments on commit 2d16bc2

Please sign in to comment.