AWS Elastic Beanstalk: Connection Refused
I have deployed my django app to AWS Elastic Beanstalk, using the Docker platform. I have created a postgresql database with RDS, issued an EC2 connection from this database to the EC2 instance my Elastic Beanstalk is running on (ensuring it is part of the same VPC and subnets).
The root volume for my Elastic Beanstalk container is gp3 with IMDSv1 disabled.
I have assigned two security groups, one of them contains the following settings to allow for connections through NGINX and to my database:
The other is the default security group.
All environment variables are configured, including those required for access to my RDS Database, and AWS Access Keys for S3 buckets.
However, when I go to the Elastic Beanstalk provided domain, I am shown a page saying "This site can't be reached. Connection refused".
I am unsure if this may be related to my docker-compose file (something to do with networking or ports perhaps) which looks as follows:
version: '3.8'
services:
web:
build:
context: .
dockerfile: Dockerfile
restart: always
volumes:
- media-data:/usr/src/media
- static-volume:/usr/src/staticfiles
command: gunicorn APPNAME.wsgi:application --bind 0.0.0.0:8000 -w 3 --timeout 120
ports:
- "8000:8000"
environment:
DJANGO_SETTINGS_MODULE: "APPNAME.settings"
AWS_REGION: ${AWS_REGION}
env_file: .env
nginx:
build: ./nginx
volumes:
- static-volume:/usr/src/staticfiles
- media-data:/usr/src/media
ports:
- "8080:80"
depends_on:
- web
volumes:
media-data:
static-volume:
My nginx.conf is:
# Upstream configuration for the Gunicorn server
upstream APPNAME {
server web:80; # Points to the web service running Gunicorn
}
server {
listen 80;
server_name localhost;
# Serve static files
location /static/ {
alias /usr/src/staticfiles/; # Static files volume
access_log /var/log/nginx/static_access.log;
error_log /var/log/nginx/static_error.log;
expires max;
add_header Cache-Control "public";
}
# Serve media files
location /media/ {
alias /usr/src/media/; # Media files volume
access_log /var/log/nginx/media_access.log;
error_log /var/log/nginx/media_error.log;
autoindex on;
}
# Proxy all other requests to the Django application
location / {
proxy_pass http://APPNAME;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Increase timeouts for long-running requests
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_send_timeout 300;
# Prevent buffering for real-time responses
proxy_buffering off;
}
# Log file configuration
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
# Set client max body size for file uploads
client_max_body_size 100M;
# Add security headers
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options SAMEORIGIN;
add_header X-XSS-Protection "1; mode=block";
}
It is also worth noting that I have added the Elastic Beanstalk domain to ALLOWED_HOSTS
& CSRF_TRUSTED_ORIGINS
in my settings.py
By examining the logs, I can see my docker container is running, migrations and staticfiles have been applied, and it is listening on http://0.0.0.0:8000
.
How can I make the site accessible / what configurations need changing or adding to do so?