Hello, I’ve been struggling with an error for several days when deploying django application with websockets.(using Django==4.2.5, channels == 3.0.5, daphne == 3.0.2)
Server os :Ubuntu 22.04.3 LTS (GNU/Linux 5.2.0 x86_64)
Server: nginx
Also configured on the server: Redis, Gunicorn, Daphne
All these services are working fine and starting successfully but I am getting an error while connecting to websocket
(index):346 WebSocket connection to ‘wss://happy-moment.live:8001/search_game/’ failed:
Here is my services status and journalctl
ngix
root@851fcb08b962:~# sudo systemctl status nginx
● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2023-09-27 07:04:17 MSK; 48min ago
Docs: man:nginx(8)
Process: 76329 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Process: 76330 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Main PID: 76331 (nginx)
CGroup: /system.slice/nginx.service
├─76331 "nginx: master process /usr/sbin/nginx -g daemon on; master_process on;"
├─76332 "nginx: worker process" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ""
└─76333 "nginx: worker process" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ""
Sep 27 07:04:17 851fcb08b962.vps.myjino.ru systemd[1]: Starting A high performance web server and a reverse proxy server...
Sep 27 07:04:17 851fcb08b962.vps.myjino.ru systemd[1]: Started A high performance web server and a reverse proxy server.
redis.service
root@851fcb08b962:~# sudo systemctl status redis.service
● redis-server.service - Advanced key-value store
Loaded: loaded (/lib/systemd/system/redis-server.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2023-09-27 03:37:01 MSK; 4h 17min ago
Docs: http://redis.io/documentation,
man:redis-server(1)
Main PID: 233 (redis-server)
Status: "Ready to accept connections"
CGroup: /system.slice/redis-server.service
└─233 "/usr/bin/redis-server 127.0.0.1:6379" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ""
"" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ""
Sep 26 08:18:33 851fcb08b962.vps.myjino.ru systemd[1]: Stopping Advanced key-value store...
Sep 26 08:18:33 851fcb08b962.vps.myjino.ru systemd[1]: redis-server.service: Deactivated successfully.
Sep 26 08:18:33 851fcb08b962.vps.myjino.ru systemd[1]: Stopped Advanced key-value store.
Sep 27 03:36:55 851fcb08b962.vps.myjino.ru systemd[1]: Stopping Advanced key-value store...
Sep 27 03:36:55 851fcb08b962.vps.myjino.ru systemd[1]: redis-server.service: Deactivated successfully.
Sep 27 03:36:55 851fcb08b962.vps.myjino.ru systemd[1]: Stopped Advanced key-value store.
Sep 27 03:37:01 851fcb08b962.vps.myjino.ru systemd[1]: Starting Advanced key-value store...
Sep 27 03:37:01 851fcb08b962.vps.myjino.ru systemd[1]: Started Advanced key-value store.
Notice: journal has been rotated since unit was started, output may be incomplete.
daphne service
root@851fcb08b962:~# sudo systemctl status daphne.service
● daphne.service - WebSocket Daphne Service
Loaded: loaded (/etc/systemd/system/daphne.service; disabled; vendor preset: enabled)
Active: active (running) since Wed 2023-09-27 06:59:54 MSK; 55min ago
Main PID: 74669 (python)
CGroup: /system.slice/daphne.service
└─74669 /home/ftpuser/venv/bin/python /home/ftpuser/venv/bin/daphne -e ssl:8001:privateKey=/etc/ssl/private.key:certKey
=/etc/ssl/certificate.crt main.asgi:application
Sep 27 06:59:54 851fcb08b962.vps.myjino.ru systemd[1]: Started WebSocket Daphne Service.
Sep 27 06:59:54 851fcb08b962.vps.myjino.ru python[74669]: 2023-09-27 03:59:54,710 INFO Starting server at ssl:8001:privateKey=
/etc/ssl/private.key:certKey=/etc/ssl/certificate.crt
Sep 27 06:59:54 851fcb08b962.vps.myjino.ru python[74669]: 2023-09-27 03:59:54,710 INFO HTTP/2 support enabled
Sep 27 06:59:54 851fcb08b962.vps.myjino.ru python[74669]: 2023-09-27 03:59:54,710 INFO Configuring endpoint ssl:8001:privateKe
y=/etc/ssl/private.key:certKey=/etc/ssl/certificate.crt
Sep 27 06:59:54 851fcb08b962.vps.myjino.ru python[74669]: 2023-09-27 03:59:54,715 INFO Listening on TCP address 0.0.0.0:8001
gunicorn
root@851fcb08b962:~# sudo systemctl status gunicorn.service
● gunicorn.service - gunicorn daemon
Loaded: loaded (/etc/systemd/system/gunicorn.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2023-09-27 04:41:05 MSK; 3h 14min ago
TriggeredBy: ● gunicorn.socket
Main PID: 23606 (gunicorn)
CGroup: /system.slice/gunicorn.service
├─23606 /home/ftpuser/venv/bin/python3 /home/ftpuser/venv/bin/gunicorn --access-logfile - --workers 3 --bind unix:/run/
gunicorn.sock main.wsgi:application
├─23607 /home/ftpuser/venv/bin/python3 /home/ftpuser/venv/bin/gunicorn --access-logfile - --workers 3 --bind unix:/run/
gunicorn.sock main.wsgi:application
├─23608 /home/ftpuser/venv/bin/python3 /home/ftpuser/venv/bin/gunicorn --access-logfile - --workers 3 --bind unix:/run/
gunicorn.sock main.wsgi:application
└─23609 /home/ftpuser/venv/bin/python3 /home/ftpuser/venv/bin/gunicorn --access-logfile - --workers 3 --bind unix:/run/
gunicorn.sock main.wsgi:application
Here is my services config files
gunicorn.socket
[Unit]
Description=gunicorn socket
[Socket]
ListenStream=/run/gunicorn.sock
[Install]
WantedBy=sockets.target
gunicorn.service
[Unit]
Description=gunicorn daemon
Requires=gunicorn.socket
After=network.target
[Service]
User=ftpuser
Group=www-data
WorkingDirectory=/home/ftpuser/main
ExecStart=/home/ftpuser/venv/bin/gunicorn \
--access-logfile - \
--workers 3 \
--bind unix:/run/gunicorn.sock \
main.wsgi:application
[Install]
WantedBy=multi-user.target
Daphne service
[Unit]
Description=WebSocket Daphne Service
After=network.target
[Service]
Type=simple
User=root
WorkingDirectory=/home/ftpuser/main
ExecStart=/home/ftpuser/venv/bin/python /home/ftpuser/venv/bin/daphne -e ssl:8001:privateKey=/etc/ssl/private.key:certKey=/etc/ssl/certificate.crt main.asgi:application
Restart=on-failure
[Install]
WantedBy=multi-user.target
Note:Also i tried without specifying privateKey and certKey
Nginx conf
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
client_max_body_size 10M;
}
My website conf file
server {
server_name happy-moment.live;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/ftpuser/main;
}
location / {
include proxy_params;
proxy_pass http://unix:/run/gunicorn.sock;
}
location /ws/ {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_redirect off;
proxy_pass http://127.0.0.1:8001;
}
}
Note:Also tried redirect all http request to the port 443 using this lines of code:
server {
if ($host = happy-moment.live) {
return 301 https://$host$request_uri;
}
server_name happy-moment.live;
listen 80;
return 404;
}
But in this case i get ERR_TOO_MANY_REDIRECTS
that’s why i duplicated the code in my conf file for each request(for 80 and 443)
Here is my settings.py
ALLOWED_HOSTS = ['*']
# CORS_ALLOWED_ORIGINS = ['*']
CSRF_TRUSTED_ORIGINS =[
'https://happy-moment.live',
]
ASGI_APPLICATION = 'chat.routing.application'
WSGI_APPLICATION = 'main.wsgi.application'
SECURE_CROSS_ORIGIN_OPENER_POLICY='same-origin-allow-popups'
CHANNEL_LAYERS = {
# 'default': {
# 'BACKEND': 'channels.layers.InMemoryChannelLayer',
# },
"default": {
"BACKEND": "channels_redis.core.RedisChannelLayer",
"CONFIG": {
"hosts": [("127.0.0.1", 6379)],
},
},
}
main/asgi.py
import os
import django
from channels.routing import get_default_application
os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'main.settings')
django.setup()
application = get_default_application()
chat/routing.py
from channels.auth import AuthMiddlewareStack
from django.core.asgi import get_asgi_application
from channels.routing import ProtocolTypeRouter, URLRouter
from django.urls import path
from channels.security.websocket import AllowedHostsOriginValidator
from django.urls import re_path
from . import consumers
application = ProtocolTypeRouter({
'http': get_asgi_application(),
'websocket':AllowedHostsOriginValidator(
AuthMiddlewareStack(
URLRouter([
re_path(r'/chat/(?P<pk>\d+)/$', consumers.GameConsumer.as_asgi()),
path('search_game/', consumers.SearchGameConsumer.as_asgi()),
])
)
)
})
I tried a lot of things to solve this problem, I also installed soft tshark to analyze traffic and saw that even on the server I was not receiving a request for port 8001
I think main problem with ssl sertificate but I no longer understand how to determine this and how to fix it because the site works correctly with both https and http
Did anyone have this problem
Can anyone help please?