Welcome Guest. Please Login or Register  


You are here: Index > Webuzo > General Support > Topic : Nginx as reverse proxy for WSGI server



Threaded Mode | Print  

 Nginx as reverse proxy for WSGI server (5 Replies, Read 605 times)
erile
Group: Member
Post Group: Working Newbie
Posts: 51
Status:
Hello,

I'm failing to install a Python test app in a subdomain, the Webuzo way.

The WSGI server (Gunicorn) listens on 0.0.0.0:8000 (later on Unix socket, but like this for the moment) as service. This test below well returns the Python computed page.
Code
curl localhost:8000

Then, I add this conf file in Webuzo > Extra Configuration, selecting the right subdomain (matching the right server block):
Code
# pass requests to wsgi server
location / {
    proxy_pass http://localhost:8000;
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
}

I restarted the nginx service, in case. I also placed a dummy static index.html in public root of the concerned subdomain to see what is reached.

But visiting the URL, I still reach the static index from Nginx. Doing the same from the inside using curl gives the same result...

So, Is it the right way to add this location block in Webuzo?
Let me know.
TIA

Context: OpenVZ VPS, CentOS 7, Webuzo Premium

-----------------------
OpenVZ VPS, CentOS 7, Webuzo Premium / Desktop and full-stack dev w/ C, C++, Python, Perl, javascript...
IP: --   

Nginx as reverse proxy for WSGI server
erile
Group: Member
Post Group: Working Newbie
Posts: 51
Status:
Hmm, I suspect that my location block is simply ignored. I replaced it by this below and I still can reach the static index.html page at public root of the domain (say http://test.mydomain.com).

Code
# Just to see if the location block considered or ignored
location / {
  deny all;
}

And I bypassed my local browser cache of course...

Then, I tried to add this same extra conf file for testing to my primary domain (say mydomain.com) and I can see that the page is well displayed but not the images that are declared in <img> tag with a src attributes as relative path... So, rather than ignored, it sounds like this location block as an effect but not the expected one (it should deny all and it just breaks relative paths).

I couldn't see this behavior with the subdomain since the index.html on subdomain doesn't contain any image.

What do you think? What could raise this behavior?

I successfully applied an extra conf for another domain (about webmail), but this time it seems to be weird ^^


-----------------------
OpenVZ VPS, CentOS 7, Webuzo Premium / Desktop and full-stack dev w/ C, C++, Python, Perl, javascript...
IP: --   

Nginx as reverse proxy for WSGI server
erile
Group: Member
Post Group: Working Newbie
Posts: 51
Status:
This weird effect doesn't appear with a path other than root. Say I have an image in http://mydomain.com/pic/bob.jpg, if I had this location block from Webuzo > Extra Conf, it well works : Error 403 - Forbidden.

Code
# Just to see if location block considered or ignored
location /pic {
  deny all;
}


So, maybe it's just all about any "location / {...}" block?

-----------------------
OpenVZ VPS, CentOS 7, Webuzo Premium / Desktop and full-stack dev w/ C, C++, Python, Perl, javascript...
IP: --   

Nginx as reverse proxy for WSGI server
erile
Group: Member
Post Group: Working Newbie
Posts: 51
Status:
Some news:

I limited the concerned location to public root exclusively, adding an equal sign before "/". And it raised an error on "nginx -t" validation: it entered in conflict with a location block about PHP globally declared in /usr/local/apps/nginx/etc/conf.d/common:

Code
# Pass the INDEX.PHP script to FastCGI server listening on 127.0.0.1:9178
location = / {
    fastcgi_read_timeout 3600;
    try_files $uri /index.php /index.html @maintenance;
    fastcgi_pass    unix:/usr/local/apps/php73/var/php73_9001.sock;
    fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param  SCRIPT_NAME    $fastcgi_script_name;
    include        fastcgi_params;
}

Commenting this block above, my own below added for the subdomain as Extra Config, passed:
Code
# pass requests to wsgi server
location = / {
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_pass http://localhost:8000;
}

With this new location block, it works: when I navigate to http://test.mydomain.com, it well pass the request to the back-end WSGI server (Gunicorn) and the page computed by Python is well returned! So, good news, since the overall process works :)

But, but, I don't want to restrict the forwarding from Nginx to Gunicorn for the public root only. I would like to submit all requests to the underlying Gunicorn server as it should be to serve a WSGI-based app.

Why it doesn't work without the "=", despite the fact the "location / {}" block I showed in first pass is the one advised everywhere talking about Nginx as reverse proxy for a WSGI server serving a Python Flask app?

Also, should I uninstall PHP to prevent conflict, knowing I don't need PHP unless for phpMyAdmin and if Webuzo needs it?

So, what from this point?
How to redirect all requests to Gunicorn?

What do you think?

Good night (2:10 AM here)  :neu:

-----------------------
OpenVZ VPS, CentOS 7, Webuzo Premium / Desktop and full-stack dev w/ C, C++, Python, Perl, javascript...
IP: --   

Nginx as reverse proxy for WSGI server
erile
Group: Member
Post Group: Working Newbie
Posts: 51
Status:
UPDATE: I have to keep PHP, I'm using Rainloop as webmail client.

-----------------------
OpenVZ VPS, CentOS 7, Webuzo Premium / Desktop and full-stack dev w/ C, C++, Python, Perl, javascript...
IP: --   

Nginx as reverse proxy for WSGI server
erile
Group: Member
Post Group: Working Newbie
Posts: 51
Status:
OK, Solved with this extra conf for the subdomain:

Code
# pass all requests to website root to wsgi erver
location = / {
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    #proxy_pass http://unix:/home/admin/test/wsgi_test.sock;
    proxy_pass http://127.0.0.1:8000;
}

# pass all requests to any path to wsgi erver
location / {
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    #proxy_pass http://unix:/home/admin/test/wsgi_test.sock;
    proxy_pass http://127.0.0.1:8000;
}

Some explanations; may help someone a day...

The first location block is just about "/", strictly, and I disabled the PHP location which was in conflict (see my previous post above).

The second location block is above any request whatever the path (it's the reason why it worked for the images inside page, but not the html page at root itself). If there's a matching route served by the backend server, it will serve it through the underlying Python code. If there's no matching route, we get the behavior provided by our app or the Gunicorn 404 if nothing provided.

Later, I'll add a location block to serve static files, but the heart of the issue is solved: website root was ignored (don't know why) and in conflict with a PHP's location block (declared by Webuzo in common file) when not.

-----------------------
OpenVZ VPS, CentOS 7, Webuzo Premium / Desktop and full-stack dev w/ C, C++, Python, Perl, javascript...
IP: --   

« Previous    Next »

Threaded Mode | Print  



Jump To :


Users viewing this topic
1 guests, 0 users.


All times are GMT. The time now is September 17, 2019, 5:01 am.

  Powered By AEF 1.0.8 © 2007-2008 Electron Inc.Queries: 11  |  Page Created In:0.273