Getting Django working with https using nginx gunicorn and unix sockets

Question

I've been trying to get my Django site setup with https using Let's Encrypt. I've been running this site without https for a little while so I know the basic configuration works without https but after setting up the https stuff I get a "Not Found The requested URL / was not found on this server" error. Here is my nginx configuration file:

server {
#listen 80;
listen 443 ssl;
server_name servernameredacted.com;

ssl_certificate /etc/letsencrypt/live/servernameredacted.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/servernameredacted.com/privkey.pem;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
   ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_stapling on;
ssl_stapling_verify on;
add_header Strict-Transport-Security max-age=15768000;

location ~ /.well-known {
    allow all;
}

location /static {
    alias /home/ubuntu/sites/servernameredacted.com/static;
}

location / {
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_pass http://unix:/tmp/servernameredacted.com.socket;
}
}

server {
   listen 80;
   server_name servernameredacted.com;
   return 301 https://$host$request_uri;
}

and here is my gunicorn upstart file:

description "Gunicorn server for servernameredacted.com"

start on net-device-up
stop on shutdown

respawn

setuid ubuntu
chdir /home/ubuntu/sites/servernameredacted.com/source/servernameredacted

exec ../../virtualenv/bin/gunicorn \
        --bind unix:/tmp/servernameredacted.com.socket \
        servernameredacted.wsgi:application

If you can help me out I will write out the process for this in a tutorial for the rest of the web.

Please post your nginx and gunicorn error logs. – YPCrumble May 10 '16 at 22:15 — YPCrumble, May 10 '16 at 22:15
There is a missing ' in the ssl_ciphers line – e4c5 May 10 '16 at 22:36 — e4c5, May 10 '16 at 22:36

Anthony Ainsworth · Answer 1 · 2016-05-10T23:57:13.427

Well it turns out that I wasn't paying attention to the sites purpose and I was trying to access the root of the domain rather than the /admin area. This site had no root web pages, just an admin area so when I tried the admin area the whole thing just worked, as it should.

I used these web pages to figure this out:

Digital Ocean on Nginx and Let's Encrypt

Youtube video on: SSL for HTTPS with nginx

Other useful references:

Readthedocs for Gunicorn

Readthedocs for Letsencrypt

I'll leave this here to help others in the future...