Я пытаюсь подключиться к платежному API, и я изолировал проблему с моей конфигурацией nginx, так как API отлично работает на localhost.API работает, когда success_redirect_url является http, но возвращает ошибку 502 с https.
Кто-нибудь знает, почему адрес https возвращается с ошибкой 502 nginx?
views.py:
client = gocardless_pro.Client(
# We recommend storing your access token in an
# environment variable for security
access_token=settings.ACCESS_TOKEN,
# Change this to 'live' when you are ready to go live.
environment='live'
)
redirect = client.redirect_flows.create(
params={
"description" : "Add your investment amount on the next page", # This will be shown on the payment pages
"session_token" : "t3s7", # Not the access token
"success_redirect_url" : "https://www.custodian.fund/subscription/index",
"prefilled_customer": {
"email": current_user.email
}
}
)
default.conf:
upstream custodian {
# The web application.
server custodian:8000;
}
# # # In case you want 'www' addresses to be automatically redirected without 'www'.
# # server {
# # listen 80;
# # listen 443;
# # server_name www.custodian.fund;
# # return 301 https://custodian.fund$request_uri;
# # }
server {
listen 80;
server_name custodian.fund www.custodian.fund;
# server_name custodian.fund www.custodian.fund;
root /var/www/letsencrypt;
location /.well-known/acme-challenge/ {
default_type "text/plain";
try_files $uri =404;
}
location / {
return 301 https://custodian.fund$request_uri;
}
}
# All http traffic will get redirected to SSL.
#return 307 https://$host$request_uri;
#}
# # server {
# # listen 80 default_deferred;
# # server_name custodian.fund;
# # # All http traffic will get redirected to SSL.
# # return 307 https://custodian.fund$request_uri;
# # }
# # server {
# # listen 443 ssl;
# # server_name www.custodian.fund;
# # return 301 https://custodian.fund$request_uri;
# # }
server {
# "deferred" reduces the number of formalities between the server and client.
listen 443 ssl;
server_name custodian.fund;
# Static asset path, which is read from the custodian container's VOLUME.
root /custodian/static;
# Ensure timeouts are equal across browsers and raise the max content-length size.
keepalive_timeout 60;
client_max_body_size 5m;
# SSL goodness.
ssl on;
ssl_certificate /etc/ssl/private/insecure.pem;
ssl_certificate_key /etc/ssl/insecure.key;
ssl_trusted_certificate /etc/ssl/private/insecure.pem;
# ssl_certificate /etc/ssl/private/custodian.fund.pem;
# ssl_certificate_key /etc/ssl/custodian.fund.key;
# ssl_trusted_certificate /etc/ssl/private/custodian.fund.pem;
ssl_certificate
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_dhparam /etc/ssl/dhparam.pem;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 5m;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8;
resolver_timeout 5s;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
# ssl_certificate /etc/ssl/certs/productionexample.crt;
# ssl_certificate_key /etc/ssl/private/productionexample.key;
# Disallow access to hidden files and directories.
location ~ /\. {
return 404;
access_log off;
log_not_found off;
}
# Allow optionally writing an index.html file to take precedence over the upstream.
try_files $uri $uri/index.html $uri.html @custodian;
# Attempt to load the favicon or fall back to status code 204.
location = /favicon.ico {
try_files /favicon.ico = 204;
access_log off;
log_not_found off;
}
# Load the web app back end with proper headers.
location @custodian {
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect off;
proxy_pass http://custodian;
}
}