2

How best do I host a Django web app on the same server but for two separate domains?

I have a Django web app, deployed with Apache+mod_wsgi, that I'd like to access through two separate domains (e.g. wwww.mydomain.com and www.otherdomain.com). Both domains share the same database and user accounts, but have domain-specific functionality (mostly aesthetic, showing a different template, graphics, some extra tools, etc).

Each domain also has its own SSL certificate. It's also possible for users to be bounced between domains (e.g. they start out on mydomain.com then they "enable" functionality that takes them to otherdomain.com).

At first I thought all I had to do was append the domains to the ServerAlias directive in my Apache conf file. e.g. ServerAlias *mydomain.com *otherdomain.com. However, I'm running into a few problems.

  1. If I'm reading this correctly, a single Apache section can only support a certificate for one domain (excluding wildcard certs for subdomains), so in order to support HTTPS on both domains I would need to duplicate my , swapping in the different cert info for the second domain.

  2. In order to properly track cookies, I need to set SESSION_COOKIE_DOMAIN and CSRF_COOKIE_DOMAIN to the domain being used. However, this can only be done once per settings.py, so outlined here, I need to create duplicate settings.py files (e.g. settings_mydomain.py and settings_otherdomain.py) as well as duplicate django.wsgi files, each using the appropriate settings module.

  3. With the default setup, if a user gets bounced from one domain to the other, they'll lose all their cookies, causing them to be logged out if they were logged in. I'm not sure how best to work around this. Since the user is being redirected by a Django view, at first I was thinking I could copy over the cookies, swapping out the old domain for the new one. Another thought is to copy the cookies to a database table, indexed with a one-use lookup hash (e.g. the same way Django does registration confirmations), and include this hash in the redirect, which the app would then use to lookup the cookies and set them in the client. Would either of these work?

Are there any better solutions to these 3 problems? Are there any other issues or problems I've overlooked?

Community
  • 1
  • 1
Cerin
  • 60,957
  • 96
  • 316
  • 522
  • are you using Django `sites`? – Yuval Adam Sep 20 '12 at 14:50
  • Good questions. With `sites` and separate settings files I think you're on the right track, and your last proposed solution for sessions sounds workable. I wouldn't suggest moving this post, but an analogous question on serverfault.com might pay off. – dokkaebi Sep 20 '12 at 16:46
  • @YuvalAdam, `django.contrib.sites`? Yes. – Cerin Sep 20 '12 at 17:13

1 Answers1

0

A quickfix would be to use multiple Apache Virtual Host blocks like

<VirtualHost ´your server IP here´:´server port´>
  ServerName mydomain.com
  WSGIDaemonProcess mydomain display-name=mydomain
  WSGIProcessGroup mydomain
  WSGIScriptAlias / /path/to/your/django/project/wsgi.py
  Alias /static /path/to/your/django/project/static/
</VirtualHost>

<VirtualHost ´your server IP here´:´server port´>
  ServerName otherdomain.com
  WSGIDaemonProcess otherdomain display-name=otherdomain
  WSGIProcessGroup otherdomain
  WSGIScriptAlias / /path/to/same/django/project/as/above/wsgi.py
  Alias /static /path/to/your/django/project/static/
</VirtualHost>

then use the value from HttpRequest.META SERVER_NAME as a folder separator in your template folder and when requesting a template, like

def my_server_sensitive_view(request):
  return render_to_response('%(SERVER_NAME)s/index.html' % request.META, 
    {"foo": "bar"})

If you need to separate content between the two sites but still need to possibility to cross publish between them, then using django.contrib.sites you will be able to set up multiple domains.

Tommy Strand
  • 1,384
  • 2
  • 14
  • 15