3. Posting code snippets properly on Reddit

Posting code snippets properly on Reddit

Hello everyone, I am trying to deploy a website onto a VPS for the first time. It is build with Django on the backend, React on the frontend and is containerised with Docker. I have managed to make it run before thanks to Gunicorn and Nginx for the first time, but with no secure connection. However, I am also trying to set up a SSL certificate for the domain with Letsencrypt and Certbot. My problem is that I am able to have a secure connection for port 80 (where frontend resides) but not for port 8000 (where the backend is... I can call for API requests and access Django admin, but only http). Therefore, whenever I make my website goes live, I get a mixed content error "insecure XMLHttpRequest endpoint" (API request from https to http) since my only my frontend is secured.

I have been battling with this for good two weeks... if anyone knows where I screwed up in my files it would help me immensely!

Base URL in React const baseURL = "http://my-domain.com:8000/api/";

Docker-compose version: "3"

services:
  backend:
    build:
      context: ./backend
    command: gunicorn core.wsgi --bind 0.0.0.0:8000 --workers 4 --threads 4
    ports:
      - "8000:8000"
    volumes:
      - static_volume:/home/app/backend/staticfiles
    restart: unless-stopped
  frontend:
    build:
      context: ./frontend
    volumes:
      - react_build:/frontend/build
    restart: unless-stopped
  nginx:
    image: nginx:latest
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./data/nginx/nginx-setup.conf:/etc/nginx/conf.d/default.conf:ro
      - react_build:/var/www/react
      - ./data/certbot/conf:/etc/letsencrypt
      - ./data/certbot/www:/var/www/certbot
    depends_on:
      - backend
      - frontend
    command: '/bin/sh -c ''while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g "daemon off;"'''
  certbot:
    image: certbot/certbot
    restart: unless-stopped
    volumes:
      - ./data/certbot/conf:/etc/letsencrypt
      - ./data/certbot/www:/var/www/certbot
    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
volumes:
  react_build:
  static_volume:``

nginx-setup.conf upstream api { server backend:8000; }

server {
    listen 80;
    server_name my-domain.com;
    server_tokens off;

    location /.well-known/acme-challenge/ {
        root /var/www/certbot;
    }

    location / {
        return 301 https://$host$request_uri;
    }
}

server {
    listen 443 ssl;
    server_name my-domain.com;
    server_tokens off;

    ssl_certificate /etc/letsencrypt/live/my-domain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/my-domain.com/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

    location / {
      root /var/www/react;
      index index.html;
      try_files $uri $uri /index.html$is_args$args =404;
    }

    location /api {
        try_files $uri @proxy_api;
    }
    location /admin {
        try_files $uri @proxy_api;
    }

    location @proxy_api {
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Url-Scheme $scheme;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_redirect off;
        proxy_pass   https://backend:8000/;
    }

    location /staticfiles/ {
        autoindex on;
        alias /home/app/backend/staticfiles/;
    }
}

not sure if it is important, but for the SSL certifications I used a script as shown in this tutorial: https://pentacent.medium.com/nginx-and-lets-encrypt-with-docker-in-less-than-5-minutes-b4b8a60d3a71

/r/web_design Thread
Previous
Next

Recently removed from /r/web_design

Beginner Questions I'm working on a school project and this is the home page for my "product". I feel like it doesn't look quite right when it comes to how it's laid out. Does anyone have any tips to make it look better and maybe more dynamic? please don't mind that the page is in Norwegian. Feedback on interactive itinerary optimization app for european travel? Beginner Questions Is there a way to export out CSS from PSD? I know I can, in Photoshop, click and get the CSS for that particular piece but is there a way to just export out what's on the screen for banner ads. Need recommendations for web hosting for my class Reddit's disrespectful design Creating an alternate version of a site when viewed in Incognito mode? Feedback Friday - October 18, 2019 Beginner Questions - July 26, 2019 Law of completion - how do I make a horizontal scroller that uses this theory? Why do developers feel the need to reinvent and replace perfectly fine basic functionalities like scrolling/scrollbars? I'm not really sure if everyone here is familiar with crypto exchanges but the most popular exchange Binance (pictured top left) has a data clogged interface for professional traders. Bancor (pictured bottom left) has less buttons but performs the same actions. What's your opinion on the UI? Web designers of Reddit, how do you handle situations where your higher up tells you to implement a bad design? Or you implement a standard web design trick but the higher up thinks it's a design error and jokingly blames your lack of competence for it? Starting a web design business. Local or global?

More Random Comments

Warlock and Sorcerer vs Bard and Paladin Why didn’t The Watchers upgrade The Slayer? Why didn’t The Watcher’s council opt/make it a requirement for Slayers to learn magic? That would seriously help them in the fight against demons. Many demons and witches know magic and Slayers have no defense. Here is my final tier list. I changed some stuff around. This is final. Feel free to ask questions in the comments Cleaning a Diamond Ring with an Ultrasonic Bath national embarrassment FINAL POST I [24F] have extremely small boobs, how should i let guys that are interested in me know about this? Why do other people who are using the same weapons as me seemingly do more damage? (serious) question regarding adult diapers & the bar exam 46 days. 1,104 hours. 66,240 minutes. (Thoughts in comments) Bushfire scientists call for Australia to set up national fire monitoring agency covid themed voice lines anyone? Can we get some bagpipe appreciation, cause it's not easy man If I don't pray salah does this mean I'm not a Muslim and destined to hellfire? What do you say to someone who isn't against eating meat if the animal lives a genuinely happy life?