域证书CERTBOT问题或Nginx和Gunicorn3不处理请求

发布于 2025-02-08 14:54:18 字数 2491 浏览 4 评论 0原文

我想在Ubuntu上发布一个测试瓶SSL Server。这是我的领域： viberchatbot.ga www.viberchatbot.ga

'''记录传播都是绿色的绿色和www.domain。

我设法用“ sudo certbot -nginx”设置了SSL，

这是我的听众：

这是cat/etc/nginx/stites-enabled/flask_app：

server {
        server_name viberchatbot.ga www.viberchatbot.ga;

        location / {
                proxy_pass http://127.0.0.1:8000;
                proxy_set_header Host $host;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/viberchatbot.ga/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/viberchatbot.ga/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot 

}
server {
    if ($host = www.viberchatbot.ga) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = viberchatbot.ga) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

        server_name viberchatbot.ga www.viberchatbot.ga;
    listen 80;
    return 404; # managed by Certbot
}

我正在尝试访问一个简单的测试

from flask import Flask
app = Flask(__name__)

@app.route('/')
def hello_world():
    return 'Hello, World!'

if __name__ == "__main__":
    app.run(host="0.0.0.0",  debug=True)

。 “ 0.0.0.0”，端口= 5000，debug = true）我可以看到Hello World！在My＆lt; external_ip＆gt;：5000

似乎我无法让Nginx和Gunicorn进行交流，否则我对域名有问题。

我只在viberchatbot.ga和 wwwww.viberchatbot.ga 中，我只在viberchatbot.ga和

edit 只是为了补充，我确实遵循以下操作： httpps://letsdebug.net/wwwwwww.vww.vww.vww.v.v.v.v.v.v.v.v.v.v.v.v.v.v.v.v.v.v.v.v.v.v.ga/1081371

＆got an下列的：

也许我有一些证书问题？

编辑：我忘了提到我从启用nginx/sites启用 default 我没有修改网站可用

原文

I want to post a test Flask SSL server on UBUNTU.
Here is my domain:
viberchatbot.ga
www.viberchatbot.ga

'A' record propagation is all green for domain and www.domain.

I managed to setup SSL with 'sudo certbot --nginx'

Here are my listeners:

here is the cat /etc/nginx/sites-enabled/flask_app:

server {
        server_name viberchatbot.ga www.viberchatbot.ga;

        location / {
                proxy_pass http://127.0.0.1:8000;
                proxy_set_header Host $host;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/viberchatbot.ga/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/viberchatbot.ga/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot 

}
server {
    if ($host = www.viberchatbot.ga) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = viberchatbot.ga) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

        server_name viberchatbot.ga www.viberchatbot.ga;
    listen 80;
    return 404; # managed by Certbot
}

and I am trying to access a simple test.py:

from flask import Flask
app = Flask(__name__)

@app.route('/')
def hello_world():
    return 'Hello, World!'

if __name__ == "__main__":
    app.run(host="0.0.0.0",  debug=True)

If I use python3 test.py and inside I have app.run(host="0.0.0.0", port=5000, debug=True)
I can see the Hello World! at my <external_ip>:5000

It seems I cannot get nginx and gunicorn to communicate or I have an issue with my domain.

I only get ERR_CONNECTION_TIMED_OUT in the browser on both viberchatbot.ga and www.viberchatbot.ga.

EDIT Just to add I did follow this:
https://letsdebug.net/www.viberchatbot.ga/1081371

and got the following:

Maybe I am having some certificate problems?

Edit:
I forgot to mentioned that I unlinked the default from nginx/sites-enabled
I have not modified sites-available

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

做个ˇ局外人 2025-02-15 14:54:18

枪支和NGINX之间的通信或域的证书或记录没有错。

NGINX也正确地路由到443。

我在UFW中有以下开放：

ubuntu@vbot-instance:/etc/nginx/sites-available$ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
80/tcp                     ALLOW       Anywhere
443/tcp                    ALLOW       Anywhere
8000/tcp                   ALLOW       Anywhere
5000/tcp                   ALLOW       Anywhere
Nginx Full                 ALLOW       Anywhere
80/tcp (v6)                ALLOW       Anywhere (v6)
443/tcp (v6)               ALLOW       Anywhere (v6)
8000/tcp (v6)              ALLOW       Anywhere (v6)
5000/tcp (v6)              ALLOW       Anywhere (v6)
Nginx Full (v6)            ALLOW       Anywhere (v6)

但是我的443个请求仍被防火墙封锁。
我多次禁用/启用UFW，但没有更改。

修复了它是从托管的Oracle云中简单重新启动Ubuntu实例的简单重新启动。
重新启动后，我重新启动了所有服务和“ Hello World！”出现。

There was nothing wrong with the communication between gunicorn and nginx or with the domain's certificate or records.

Also NGINX was routing to 443 properly.

I had the following open in UFW:

ubuntu@vbot-instance:/etc/nginx/sites-available$ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
80/tcp                     ALLOW       Anywhere
443/tcp                    ALLOW       Anywhere
8000/tcp                   ALLOW       Anywhere
5000/tcp                   ALLOW       Anywhere
Nginx Full                 ALLOW       Anywhere
80/tcp (v6)                ALLOW       Anywhere (v6)
443/tcp (v6)               ALLOW       Anywhere (v6)
8000/tcp (v6)              ALLOW       Anywhere (v6)
5000/tcp (v6)              ALLOW       Anywhere (v6)
Nginx Full (v6)            ALLOW       Anywhere (v6)

However my 443 requests were still being blocked by the firewall.
I disabled/enabled UFW multiple times but no change.

What fixed it was a simple restart of the Ubuntu instance from the Oracle cloud where it was hosted.
I re-launched all the services after the restart and the 'Hello World!' appeared.

回复收藏 0 原文

~没有更多了~