我有一個應用服務器 ( APP ) 和一個 API 服務器 ( API )。對 /api 的請求通過 proxy_pass 發送到 API 服務器。我可以通過直接訪問 API 服務器或通過 APP 服務器的首選方式訪問 api 端點。一切都按預期作業。一旦我對我的 Django 應用程式進行身份驗證/登錄,問題就會出現。當我進行身份驗證并嘗試通過我的 APP 服務器到達 api 端點時,我得到一個504 Gateway Timeout。這與增加超時配置無關,因為我在未登錄時能夠訪問API服務器。
- Django 3.2.x
- 蟒蛇 3.9
- 獨角獸
- Nginx
- APP 和 API 服務器使用完全相同的代碼庫。
請參閱下面的 Nginx 配置:
應用服務器
server {
server_name cr-prod-app.example.com;
location ^~ /static {
alias /home/www/app/static_prod;
}
location / {
proxy_pass http://unix:/home/www/app/cr.sock;
}
location /api {
proxy_pass https://cr-prod-api.example.com/api;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_cache_bypass $http_upgrade;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/cr-prod-app.example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/cr-prod-app.example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
proxy_connect_timeout 1000s;
proxy_read_timeout 1000s;
}
server {
if ($host = cr-prod-app.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name cr-prod-app.example.com;
return 404; # managed by Certbot
}
API 服務器
upstream cr-prod-api {
server unix:/home/www/app/cr.sock;
}
server {
server_name cr-prod-api;
location /api {
proxy_pass http://cr-prod-api/api;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_cache_bypass $http_upgrade;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/cr-prod-api.example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/cr-prod-api.example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = cr-prod-api.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name cr-prod-api.example.com;
listen 80;
return 404; # managed by Certbot
}
提前感謝您的幫助!
uj5u.com熱心網友回復:
原來答案很簡單,我忘了在資料庫防火墻配置中將 API 服務器 IP 地址列入白名單。
轉載請註明出處,本文鏈接:https://www.uj5u.com/qianduan/422870.html
標籤:
下一篇:OryHydra403帶反向代理