...
| Code Block |
|---|
sudo mkdir -p /tmp/django_cache sudo chown -R ni:www-data /tmp/django_cache sudo chmod -R g+w /tmp/django_cache sudo chown -R ni:www-data /var/opt/norduni/norduni/src/niweb/logs/ sudo chmod -R g+w /var/opt/norduni/norduni/src/niweb/logs/ |
Finally restart uwsgi
| Code Block |
|---|
$ sudo service uwsgi restart |
NGINX
Setup new dhparam file 2048 should suffice, but if you like you can go with 4096 instead:
...
| Code Block |
|---|
$ sudo vi /etc/nginx/sites-available/default # The following configuration should be a good start. # Remember certificates upstream django { server 127.0.0.1:8001; # for a web port socket } server { listen 80; listen [::]:80; server_name ni.nordu.net; return 301 https://$server_name$request_uri; } server { listen 443; listen [::]:443 default ipv6only=on; ## listen for ipv6 ssl on; ssl_certificate /etc/ssl/ni_nordu_net.crt; ssl_certificate_key /etc/ssl/ni_nordu_net.key; # https://cipherli.st ssl_prefer_server_ciphers on; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; ssl_session_cache shared:SSL:10m; ssl_ecdh_curve secp384r1; ssl_dhparam /etc/ssl/dhparams.pem; server_name ni.nordu.net; location /static/ { alias /var/opt/norduni/norduni/src/niweb/niweb/static/; autoindex on; access_log off; expires 30d; } location / { include /etc/nginx/uwsgi_params; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_redirect off; uwsgi_pass django; } } |
Then restart nginx (still remember to setup ssl certificates)
| Code Block |
|---|
$ sudo service nginx restart |
SAML SP
If you want to set up NOCLook as a SAML SP you need to install the following packages and Python modules.
...