我正在运行一个非常简单的 Flask 网络服务器:
from flask import Flask
app = Flask(__name__)
@app.route('/api/get_latest_api_version', methods=['GET'])
def get_latest_api_version():
return "3.0.0"
if __name__ == '__main__':
app.run(debug=True, host='0.0.0.0')
这是通过
python3 -m gunicorn -b 0.0.0.0:5000 app:app --log-level "debug"
(在 tmux 会话中)调用的。
我还使用以下相关配置将 nginx 作为 systemd 进程运行:
server {
listen 443 ssl;
server_name problemsite.ca;
ssl_certificate /etc/letsencrypt/live/problemsite.ca/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/problemsite.ca/privkey.pem;
location / {
proxy_pass http://127.0.0.1:5000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
问题
Nginx 在接收传入请求并返回错误的网关调用时与 Gunicorn 服务器存在某种无法解释的通信问题。错误消息示例:
<IP SOURCE> - - [04/May/2024:20:58:31 +0000] "GET /api/get_latest_api_version HTTP/1.1" 502 173 "-" "curl/7.68.0"
来自要求
curl -X 'GET' 'https://problemsite.ca/api/get_latest_api_version' -H 'accept: application/json'
其他信息
curl -X 'GET' 'http://127.0.0.1:5000/api/get_latest_api_version' -H 'accept: application/json'
返回响应pip3 install flask gunicorn
yum install -y nginx tmux
cd /tmp
wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
rpm -Uvh /tmp/epel-release-latest-8.noarch.rpm
dnf install -y snapd
systemctl enable --now snapd.socket
systemctl start snapd
ln -s /var/lib/snapd/snap /snap
snap install core
snap refresh core
snap install --classic certbot
ln -s /snap/bin/certbot /usr/bin/certbot
firewall-cmd --zone=public --permanent --add-port=80/tcp
firewall-cmd --zone=public --permanent --add-port=443/tcp
firewall-cmd --zone=public --permanent --add-port=5000/tcp
firewall-cmd --reload
certbot certonly --standalone -d "problemsite.ca" --non-interactive --agree-tos -m "[email protected]"
<copy SSL part to nginx config>
systemctl enable nginx
systemctl restart nginx
<create app.py file>
我还尝试过什么
proxy_pass http://127.0.0.1:5000/;
)当你让 Flask 在代理后面运行时,你需要确保告诉 Flask 它在代理后面,根据文档:
from werkzeug.middleware.proxy_fix import ProxyFix
app = Flask(__name__)
# x_for: X-Forwarded-For
# x_proto: X-Forwarded-Proto
# x_host: X-Forwarded-Host
# x_prefix: X-Forwarded-Prefix
app.wsgi_app = ProxyFix(app.wsgi_app, x_for=1, x_proto=1, x_host=1, x_prefix=1)
并将
proxy_set_header X-Forwarded-Prefix /;
添加到 nginx 配置中的 location /
。
location / {
proxy_pass http://127.0.0.1:5000/;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Prefix /;
}
确保重新启动或重新加载 nginx 配置和 Gunicorn。