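### Premise / what I want to achieve
I want to publish a bot from my home server using nginx, uWSGI, line-bot-sdk, and so on.
* From here on, assume the domain name mydomain.jp is being used.
### Problem / error message
- When I type in my own domain and access it, the following is displayed:

```
400 Bad Request The plain HTTP request was sent to HTTPS port
```

- According to systemctl, both nginx and uwsgi are active (running), but nginx emits the following warnings: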
```
Sep 29 00:16:11 ubuntu nginx[4383]: nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /etc/nginx/conf.d/linebot.conf:5
Sep 29 00:16:11 ubuntu nginx[4383]: nginx: [warn] conflicting server name "mydomain.jp" on 0.0.0.0:443, ignored
Sep 29 00:16:11 ubuntu nginx[4384]: nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /etc/nginx/conf.d/linebot.conf:5
Sep 29 00:16:11 ubuntu nginx[4384]: nginx: [warn] conflicting server name "mydomain.jp" on 0.0.0.0:443, ignored
```
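- Also, as you would expect, the LINE bot reads my messages and ignores them.
- It did work in environments such as Heroku and ngrok, so main.py is most likely correct.
### Data structure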
uwsgi
```
├── apps-available
│   ├── README
│   └── vhosts.ini
├── apps-enabled
│   ├── mydomain.jp.ini -> /etc/uwsgi/apps-available/vhosts.ini
│   └── README
└── emperor.ini
```
nginx
```
├── conf.d
│   └── linebot.conf
├── sites-available
│   └── mydomain.jp.conf
├── sites-enabled
│   └── mydomain.jp.conf -> /etc/nginx/sites-available/mydomain.jp.conf
.
.
.
```
/etc/systemd/system/uwsgi.service
### Relevant source code
```python
# main.py
import os
import re
import pytz
import datetime
from random import randint


from flask import Flask, request, abort
from linebot import (
    LineBotApi, WebhookHandler
)

from linebot.exceptions import (
    InvalidSignatureError
)
from linebot.models import (
    MessageEvent, TextMessage, TextSendMessage
)

app = Flask(__name__)
LINE_CHANNEL_ACCESS_TOKEN = os.environ["LINE_CHANNEL_ACCESS_TOKEN"]
LINE_CHANNEL_SECRET = os.environ["LINE_CHANNEL_SECRET"]
line_bot_api = LineBotApi(LINE_CHANNEL_ACCESS_TOKEN)
handler = WebhookHandler(LINE_CHANNEL_SECRET)

@app.route("/callback", methods=['POST'])
def callback():
    signature = request.headers['X-Line-Signature']
    body = request.get_data(as_text=True)
    app.logger.info("Request body: " + body)
    try:
        handler.handle(body, signature)
    except InvalidSignatureError:
        abort(400)
    return 'OK'

@handler.add(MessageEvent, message=TextMessage)
'''
omitted
'''

if __name__ == "__main__":
    port = int(os.getenv("PORT", 443))
    app.run(host="0.0.0.0", port=port)
```
```nginx
# linebot.conf
server{
    listen 443;
    server_name mydomain.jp;

    ssl on;
    ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
    ssl_ciphers ALL:!aNULL:!SSLv2:!EXP:!MD5:!RC4:!LOW:+HIGH:+MEDIUM;
    ssl_certificate /etc/letsencrypt/live/mydomain.jp/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/mydomain.jp/privkey.pem;
    ssl_session_timeout 10m;

    location / {
        include uwsgi_params;
        uwsgi_pass unix:///tmp/uwsgi.sock;
        proxy_pass http://127.0.0.1:443/;
    }
}
```
```nginx
# mydomain.jp.conf
server {
    root /home/username/mydomain.jp;
    location / {
        try_files /resource/$uri @uwsgi;
    }
    location @uwsgi{
        include uwsgi_params;
        uwsgi_pass unix:///var/run/uwsgi/mydomain.jp.sock;
        uwsgi_connect_timeout 600s;
        uwsgi_read_timeout 600s;
    }

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    server_name mydomain.jp;
    ssl_certificate /etc/letsencrypt/live/mydomain.jp/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/mydomain.jp/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}


server {
    if ($host = mydomain.jp) {
        return 301 https://$host$request_uri;
    } # managed by Certbot
    return 404; # managed by Certbot

}
```
```ini
# emperor.ini
[uwsgi]

emperor = /etc/uwsgi/apps-enabled
uid = www-data
gid = www-data
logto = /var/log/uwsgi/uwsgi.log
touch-logreopen = /var/log/uwsgi/touch-logreopen
master = true
vacuum = true
ignore-sigpipe = true
ignore-write-errors = true
disable-write-exception = true
```
```ini
# vhosts.ini
[uwsgi]

wsgi-file=/home/username/line-bot/main.py
http=0.0.0.0:443

plugins = python3
chdir = /home/username/%n/uwsgi
module = wsgi:application
socket = /var/run/uwsgi/%n.sock
chmod-socket = 644
reload-mercy = 1
processes = %k
die-on-term = true
py-autoreload = 1
enable-threads = true
threads = 8
```
```ini
# uwsgi.service
[Unit]
Description = uWSGI Emperor
After = syslog.target

[Service]
ExecStartPre = -/bin/mkdir -p /var/log/uwsgi
ExecStartPre = -/bin/chown -R www-data:www-data /var/log/uwsgi
ExecStartPre = -/bin/mkdir -p /var/run/uwsgi
ExecStartPre = -/bin/chown -R www-data:www-data /var/run/uwsgi
ExecStart = /usr/bin/uwsgi --ini /etc/uwsgi/emperor.ini
RuntimeDirectory=uwsgi
Restart=always
KillSignal=SIGQUIT
Type=notify
StandardError=syslog
NotifyAccess=all

[Install]
WantedBy=multi-user.target
```
### Additional information
https://qiita.com/waffle/items/dfd40f69d75b5be7afe7
https://qiita.com/hiro0236/items/84581c5e4481185d4a5c
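I used these as references, but I don't really understand what they mean.
Port forwarding is already set up, and I was able to view "Hello nginx!" over HTTPS without any problems. Until I started touching the configuration files...
In LINE, https://mydomain.jp:443/callback is used as the webhook.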
```text
# Most recent day of logs in /var/log/uwsgi
*** has_emperor mode detected (fd: 10) ***
[uWSGI] getting INI configuration from mydomain.jp.ini
*** Starting uWSGI 2.0.18-debian (64bit) on [Tue Sep 29 00:49:50 2020] ***
compiled with version: 10.0.1 20200405 (experimental) [master revision 0be9efad938:fcb98e4978a:705510a708d3642c9c962beb663c476167e4e8a4] on 11 April 2020 11:15:55
os: Linux-5.4.0-1019-raspi #21-Ubuntu SMP PREEMPT Mon Sep 14 07:20:34 UTC 2020
nodename: ubuntu
machine: aarch64
clock source: unix
pcre jit disabled
detected number of CPU cores: 4
current working directory: /etc/uwsgi/apps-enabled
detected binary path: /usr/bin/uwsgi-core
chdir() to /home/username/mydomain.jp/uwsgi
chdir(): No such file or directory [core/uwsgi.c line 2623]
Tue Sep 29 00:49:50 2020 - [emperor] curse the uwsgi instance mydomain.ini (pid: 5365)
Tue Sep 29 00:49:50 2020 - [emperor] removed uwsgi instance mydomain.jp.ini
```
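The two nginx warnings quoted in the question, turned into a config check that can run before a reload. This is an added example, not part of the original question or the asker's code: `lint`, `server_blocks`, `args_of` and the shortened sample configs are constructed here, `listen` parsing only looks at the first argument, and the weak-TLS finding reflects RFC 8996's deprecation of TLS 1.0 and 1.1.

```python
import re
from collections import defaultdict
# Constructed sample: the two port-443 server blocks from the question, shortened.
SAMPLE = {
    "conf.d/linebot.conf": """
server{
    listen 443; server_name mydomain.jp;
    ssl on;
    ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
    location / { include uwsgi_params; }
}""",
    "sites-enabled/mydomain.jp.conf": """
server {
    listen 443 ssl; # managed by Certbot
    server_name mydomain.jp;
}""",
}
WEAK_TLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}  # TLS 1.0/1.1 deprecated by RFC 8996

def server_blocks(text):  # body of every server { ... } block, by brace matching
    text = re.sub(r"#[^\n]*", "", text)  # strip comments
    for m in re.finditer(r"\bserver\s*\{", text):
        depth, i = 1, m.end()
        while depth and i < len(text):
            depth += {"{": 1, "}": -1}.get(text[i], 0)
            i += 1
        yield text[m.end():i - 1]

def args_of(body, name):  # argument list of each `name ...;` directive
    pat = rf"(?<![\w-]){name}\s+([^;{{}}]+);"
    return [m.group(1).split() for m in re.finditer(pat, body)]

def lint(files):  # files: path -> config text; returns (path, finding, detail)
    findings, owners = [], defaultdict(list)
    for path, text in files.items():
        for body in server_blocks(text):
            if ["on"] in args_of(body, "ssl"):
                findings.append((path, "ssl-on-deprecated", "use 'listen ... ssl'"))
            weak = sorted({p for a in args_of(body, "ssl_protocols") for p in a} & WEAK_TLS)
            if weak:
                findings.append((path, "weak-tls", " ".join(weak)))
            names = [n for a in args_of(body, "server_name") for n in a]
            for listen in args_of(body, "listen"):
                # nginx reports a bare port as 0.0.0.0:<port>, as in the warnings above
                addr = "0.0.0.0:" + listen[0] if listen[0].isdigit() else listen[0]
                for name in names:
                    if owners[(addr, name)]:
                        findings.append((path, "conflicting-server-name", f"{name} on {addr}"))
                    owners[(addr, name)].append(path)
    return findings
```

`lint(SAMPLE)` reports the duplicate against the file read second; which block nginx itself ignores depends on the include order in nginx.conf, which the question does not show.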