...
Code Block |
---|
sudo ln -s /etc/uwsgi/apps-available/noclook.ini /etc/uwsgi/apps-enabled/noclook.ini |
Make temp dir and log dir writable by the uwsgi user (www-data on ubuntu)
Code Block |
---|
sudo chown -R ni:www-data /tmp/django_cache
sudo chmod -R g+w /tmp/django_cache
sudo chown -R ni:www-data /var/opt/norduni/norduni/src/niweb/logs/
sudo chmod -R g+w /var/opt/norduni/norduni/src/niweb/logs/ |
nginx
Configure nginx.
Code Block | ||
---|---|---|
| ||
$ sudo vi /etc/nginx/sites-available/default The following configuration should be a good start. upstream django { server 127.0.0.1:8001; # for a web port socket } server { listen 80; listen [::]:80; server_name ni.nordu.net; rewrite ^ https://$server_name$request_uri? permanent; } server { listen 443; listen [::]:443 default ipv6only=on; ## listen for ipv6 ssl on; ssl_certificate /etc/ssl/ni_nordu_net.crt; ssl_certificate_key /etc/ssl/ni_nordu_net.key; # PFS settings from http://people.adams.edu/~cdmiller/posts/NSA_SSL_settings_for_nginx_and_apache/ # NOTE: these settings exclude Win XP with IE 6 # ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DES-CBC3-SHA:!ADH:!aNULL; server_name ni.nordu.net; location /static/ { alias /var/opt/norduni/norduni/src/niweb/niweb/static/; autoindex on; access_log off; expires 30d; } location / { include /etc/nginx/uwsgi_params; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_redirect off; uwsgi_pass django; } } |
...