Deploy django with nginx, gunicorn and SSL Certificate

Published in

django

3 min readFeb 3, 2024

I’ll guide you through deploying a Django application with Nginx and Gunicorn, and then installing SSL using Certbot. Please note that the specific commands and paths might vary depending on your server and environment. This guide assumes you are using a Linux-based server.

Install necessary packages:

# Update package list
sudo apt update

# Install Python and pip
sudo apt install python3 python3-pip

# Install virtualenv (optional but recommended)
sudo apt install python3-venv

# Install Nginx and Gunicorn
sudo apt install nginx
pip3 install gunicorn

Set up and deploy Django project:

# Clone your Django project from your version control system (e.g., Git)
git clone your_django_project_url
cd your_django_project_directory

# Create and activate virtual environment
python3 -m venv venv
source venv/bin/activate

# Install project dependencies
pip install -r requirements.txt

# Run Django migrations and collect static files
python manage.py migrate
python manage.py collectstatic

Configure Gunicorn:

Create a Gunicorn service file:

sudo nano /etc/systemd/system/gunicorn.service

Add the following content to the file:

[Unit]
Description=gunicorn daemon for your_project
After=network.target

User=your_user
Group=your_group
WorkingDirectory=/path/to/your_django_project_directory
ExecStart=/path/to/venv/bin/gunicorn \
          --workers=3 \
          --bind unix:/path/to/your_django_project_directory/your_project.sock \
          --log-level=error \
          --access-logfile=/path/to/your_django_project_directory/gunicorn_access.log \
          --error-logfile=/path/to/your_django_project_directory/gunicorn_error.log \
          your_project.wsgi:application

[Install]
WantedBy=multi-user.target

Replace your_user, your_group, /path/to/your_django_project_directory, and your_project with your actual user, group, project directory, and project name.

Start and enable the Gunicorn service:

sudo systemctl start gunicorn
sudo systemctl enable gunicorn

Check Gunicorn Status

sudo systemctl status gunicorn

Implement Supervisor for Gunicorn

Supervisor helps manage and monitor Gunicorn. Install Supervisor:

sudo apt install supervisor

Create a Supervisor configuration file:

sudo nano /etc/supervisor/conf.d/your_project.conf

Add the following content:

[program:your_project]
command=/path/to/venv/bin/gunicorn \
        --workers=3 \
        --bind unix:/path/to/your_django_project_directory/your_project.sock \
        --log-level=error \
        your_project.wsgi:application
directory=/path/to/your_django_project_directory
user=your_user
autostart=true
autorestart=true
stderr_logfile=/path/to/your_django_project_directory/supervisor_stderr.log
stdout_logfile=/path/to/your_django_project_directory/supervisor_stdout.log

Configure Nginx:

Create a new Nginx server block configuration:

sudo nano /etc/nginx/sites-available/your_project

Add the following content:

server {
    listen 80;
    server_name your_domain_or_server_ip;

    location = /favicon.ico { access_log off; log_not_found off; }

    location /static/ {
        root /path/to/your_django_project_directory;
    }

    location /media/ {
        root /path/to/your_django_project_directory;
    }

    location / {
        include proxy_params;
        proxy_pass http://unix:/path/to/your_django_project_directory/your_project.sock;
    }
}

Link the configuration file to sites-enabled:

sudo ln -s /etc/nginx/sites-available/your_project /etc/nginx/sites-enabled

Test Nginx configuration and restart Nginx:

sudo nginx -t
sudo systemctl restart nginx

Install SSL using Certbot:

sudo apt install certbot python3-certbot-nginx

Obtain and install SSL certificate:

sudo certbot --nginx -d your_domain_or_server_ip

Test and restart Nginx:

sudo nginx -t
sudo systemctl restart nginx

Now, your Django application should be deployed with Nginx, Gunicorn, and SSL configured using Certbot. Make sure to replace placeholder values with your actual information.

Optional

Enable Gzip Compression in Nginx:

Edit the Nginx configuration file:

sudo nano /etc/nginx/sites-available/your_project

Update the server block:

server {
    listen 80;
    server_name your_domain_or_server_ip;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name your_domain_or_server_ip;

    # ... SSL configuration

    gzip on;
    gzip_comp_level 4;
    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

    # ... rest of the configuration
}

Implement HSTS

Enhance security with HTTP Strict Transport Security (HSTS):

server {
    listen 443 ssl http2;
    server_name your_domain_or_server_ip;

    # ... SSL configuration

    add_header Strict-Transport-Security "max-age=31536000" always;

    # ... rest of the configuration
}

Configure Firewall

Some usefull connection which You may want to allow

sudo ufw allow 80
sudo ufw allow 443
ufw allow www
sudo ufw reload
ufw allow http
ufw allow https

Regular Backups:

Implement regular backups of your Django project and database.

Monitoring and Logging:

Configure monitoring tools like New Relic or Sentry for performance monitoring and error tracking.

Custom Domain Configuration:

If using a custom domain, configure DNS settings accordingly.

Remember to adapt these configurations to your specific project and server setup. Always test your changes in a safe environment before applying them to a production server.

Free Source Code.

Quiz Management System using Django | Python | Free Source Code

Django Quiz is an engaging quiz application crafted with Django and Python. Dive into a world of knowledge with a wide…

codzap.medium.com

More View

Python Django Free Source Code | codzap.com

Unlock the full potential of your web applications with our expert web development services using Python, Django, PHP…

syscrews.medium.com