Max's questions

Estou usando um servidor web Nginx em um servidor Ubuntu 18.04 com Gunicorn e Django. Meu servidor está inativo no momento porque o cabeçalho do host de entrada está sempre duplicado.

Quando faço uma solicitação ao servidor, recebo um erro do Django dizendo

Invalid HTTP_HOST header: 'dt-testing.com,dt-testing.com'. The domain name provided is not valid according to RFC 1034/1035.

Não consigo descobrir onde o cabeçalho de entrada está sendo duplicado. Eu vasculhei meus arquivos nginx.conf e sites disponíveis o melhor que pude e não consigo encontrar nada suspeito.

O arquivo de sites disponíveis:

#server { # redirection logic
#        listen 80; # port to listen on
#        #return 301 https://$host$request_uri*;
#        return 301 https://$host$request_uri; # could this be causing the doubling of the URL?
#}

server {
#    listen 443 ssl; # listen for HTTPS
    listen 80; # listen for HTTPS
    server_name dt-testing.com www.dt-testing.com; # server name to use

    location = /favicon.ico { access_log off; log_not_found off; } # site icon to use
    location /static/ { # location of static files
        root /websites/DT/DiamondTutoring/;
    }

    location / { # error is here?
        proxy_pass http://unix:/websites/DT/run/gunicorn.sock; # connector to gunicorn
        proxy_set_header Host $host;
        include proxy_params;
        #error_page 405 =200 $uri;
    }

#    ssl_certificate /etc/letsencrypt/live/dt-testing.com/fullchain.pem; # managed by Certbot
#    ssl_certificate_key /etc/letsencrypt/live/dt-testing.com/privkey.pem; # managed by Certbot


    rewrite_log on;
    error_log /var/log/nginx/error_log;

}

O arquivo nginx.conf

user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
    worker_connections 768;
    # multi_accept on;
}



http {

    ##
    # Basic Settings
    ##
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
    # server_tokens off;

    # server_names_hash_bucket_size 64;
    # server_name_in_redirect off;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    ##
    # SSL Settings
    ##

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
    ssl_prefer_server_ciphers on;

    ##
    # Logging Settings
    ##

    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;

    ##
    # Gzip Settings
    ##

    gzip on;

    # gzip_vary on;
    # gzip_proxied any;
    # gzip_comp_level 6;
    # gzip_buffers 16 8k;
    # gzip_http_version 1.1;
    # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

    ##
    # Virtual Host Configs
    ##

    #include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
}


#mail {
#   # See sample authentication script at:
#   # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
# 
#   # auth_http localhost/auth.php;
#   # pop3_capabilities "TOP" "USER";
#   # imap_capabilities "IMAP4rev1" "UIDPLUS";
# 
#   server {
#       listen     localhost:110;
#       protocol   pop3;
#       proxy      on;
#   }
# 
#   server {
#       listen     localhost:143;
#       protocol   imap;
#       proxy      on;
#   }
#}

Existe alguma coisa que eu estou perdendo? Não consigo descobrir onde o cabeçalho seria duplicado e concatenado.

Recentemente, tentei renovar meu certificado letsencrypt ssl, mas depois que fiz isso, recebi 400 respostas do servidor sempre que tento me conectar ao meu site. Eu tentei absolutamente tudo que eu posso pensar. Anexei uma cópia do meu arquivo de log de erros do Nginx com o nível definido para depurar e meu arquivo de configuração do servidor. Qualquer ajuda é super apreciada.

Estou usando Django, Nginx e Gunicorn no meu servidor.

Executei o comando certbot renewpara renovar o certificado.

Feito isso, não obtive nada além de 400 respostas.

Além disso, quando tento me conectar ao site, recebo uma saída de erro do Django:

Invalid HTTP_HOST header: 'testing.com,testing.com'. The domain name provided is not valid according to RFC 1034/1035.

Report at /
Invalid HTTP_HOST header: 'testing.com,testing.com'. The domain name provided is not valid according to RFC 1034/1035.

Pode ter algo a ver com o URL repetido, mas também não tenho certeza se é isso.

Abaixo está meu arquivo de configuração do nginx em sites disponíveis.

server { # redirection logic
        listen 80; # port to listen on
        return 301 https://$host$request_uri*;
}

server {
    listen 443 ssl; # listen for HTTPS
    server_name testing.com www.testing.com; # server name to use
    ssl_certificate /etc/letsencrypt/live/testing.com/fullchain.pem; # ssl certs
    ssl_certificate_key /etc/letsencrypt/live/dt-testing.com/privkey.pem;   
    location = /favicon.ico { access_log off; log_not_found off; } # site icon to use
    location /static/ { # location of static files
        root /websites/DT/path/;
    }

    location / {
        proxy_set_header Host $host;
        include proxy_params;
        proxy_pass http://unix:/websites/DT/run/gunicorn.sock; # connector to gunicorn
    #error_page 405 =200 $uri;
    }

    rewrite_log on;
    error_log /var/log/nginx/error_log debug;
}

Aqui está minha saída do log de depuração do nginx.

"GET / HTTP/1.0
Host: testing.com
Host: testing.com
X-Real-IP: 185.252.151.5
X-Forwarded-For: 185.252.151.5
X-Forwarded-Proto: https
Connection: close
User-Agent: Mozilla/5.0 (Linux; Android 7.1.1; Nexus 6P Build/NOF27C) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.81 Mobile Safari/537.36
Accept-Language: en-us,en-gb,en;q=0.7,*;q=0.3
Accept-Charset: utf-8,ISO-8859-1;q=0.7,*;q=0.7
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: x-gzip, gzip, deflate

"
2019/04/06 00:02:56 [debug] 11579#11579: *12 http cleanup add: 000055DF21463240
2019/04/06 00:02:56 [debug] 11579#11579: *12 get rr peer, try: 1
2019/04/06 00:02:56 [debug] 11579#11579: *12 stream socket 15
2019/04/06 00:02:56 [debug] 11579#11579: *12 epoll add connection: fd:15 ev:80002005
2019/04/06 00:02:56 [debug] 11579#11579: *12 connect to unix:/websites/DT/run/gunicorn.sock, fd:15 #13
2019/04/06 00:02:56 [debug] 11579#11579: *12 connected
2019/04/06 00:02:56 [debug] 11579#11579: *12 http upstream connect: 0
2019/04/06 00:02:56 [debug] 11579#11579: *12 posix_memalign: 000055DF2142F410:128 @16
2019/04/06 00:02:56 [debug] 11579#11579: *12 http upstream send request
2019/04/06 00:02:56 [debug] 11579#11579: *12 http upstream send request body
2019/04/06 00:02:56 [debug] 11579#11579: *12 chain writer buf fl:1 s:524
2019/04/06 00:02:56 [debug] 11579#11579: *12 chain writer in: 000055DF214F97D0
2019/04/06 00:02:56 [debug] 11579#11579: *12 writev: 524 of 524
2019/04/06 00:02:56 [debug] 11579#11579: *12 chain writer out: 0000000000000000
2019/04/06 00:02:56 [debug] 11579#11579: *12 event timer add: 15: 60000:4664042409
2019/04/06 00:02:56 [debug] 11579#11579: *12 http finalize request: -4, "/?" a:1, c:2
2019/04/06 00:02:56 [debug] 11579#11579: *12 http request count:2 blk:0
2019/04/06 00:02:56 [debug] 11579#11579: *12 http run request: "/?"
2019/04/06 00:02:56 [debug] 11579#11579: *12 http upstream check client, write event:1, "/"
2019/04/06 00:02:56 [debug] 11579#11579: *12 http upstream request: "/?"
2019/04/06 00:02:56 [debug] 11579#11579: *12 http upstream dummy handler
2019/04/06 00:02:57 [debug] 11579#11579: *12 http upstream request: "/?"
2019/04/06 00:02:57 [debug] 11579#11579: *12 http upstream process header
2019/04/06 00:02:57 [debug] 11579#11579: *12 malloc: 000055DF21502980:4096
2019/04/06 00:02:57 [debug] 11579#11579: *12 recv: eof:1, avail:1
2019/04/06 00:02:57 [debug] 11579#11579: *12 recv: fd:15 160 of 4096
2019/04/06 00:02:57 [debug] 11579#11579: *12 http proxy status 400 "400 Bad Request"
2019/04/06 00:02:57 [debug] 11579#11579: *12 http proxy header: "Server: gunicorn/19.9.0"
2019/04/06 00:02:57 [debug] 11579#11579: *12 http proxy header: "Date: Sat, 06 Apr 2019 00:02:57 GMT"
2019/04/06 00:02:57 [debug] 11579#11579: *12 http proxy header: "Connection: close"
2019/04/06 00:02:57 [debug] 11579#11579: *12 http proxy header: "Content-Type: text/html"
2019/04/06 00:02:57 [debug] 11579#11579: *12 http proxy header done
2019/04/06 00:02:57 [debug] 11579#11579: *12 xslt filter header
2019/04/06 00:02:57 [debug] 11579#11579: *12 HTTP/1.1 400 Bad Request
Server: nginx/1.15.5 (Ubuntu)
Date: Sat, 06 Apr 2019 00:02:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive

EDIT: Neste ponto, acho que estou dobrando o URL em algum lugar. Também forneci meu arquivo nginx.conf na esperança de estar dobrando algo lá.

user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
    worker_connections 768;
    # multi_accept on;
}



http {

    ##
    # Basic Settings
    ##
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
    # server_tokens off;

    # server_names_hash_bucket_size 64;
    # server_name_in_redirect off;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    ##
    # SSL Settings
    ##

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
    ssl_prefer_server_ciphers on;

    ##
    # Logging Settings
    ##

    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;

    ##
    # Gzip Settings
    ##

    gzip on;

    # gzip_vary on;
    # gzip_proxied any;
    # gzip_comp_level 6;
    # gzip_buffers 16 8k;
    # gzip_http_version 1.1;
    # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

    ##
    # Virtual Host Configs
    ##

    #include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
}


#mail {
#   # See sample authentication script at:
#   # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
# 
#   # auth_http localhost/auth.php;
#   # pop3_capabilities "TOP" "USER";
#   # imap_capabilities "IMAP4rev1" "UIDPLUS";
# 
#   server {
#       listen     localhost:110;
#       protocol   pop3;
#       proxy      on;
#   }
# 
#   server {
#       listen     localhost:143;
#       protocol   imap;
#       proxy      on;
#   }
#}