RESTful and HTTP APIs in Pyramid Transcripts
Chapter: Deploying your REST service to DigitalOcean on Ubuntu
Lecture: Configuring nginx

Login or purchase this course to watch this video and the rest of the course contents.
0:01 Okay now let's go ahead and do a little more set up with μwsgi, I realized we forgot one thing, we'll come back to this
0:09 maybe at the end I guess, we need to set it up as a system service. So, now what we're going to do is we're going to set up nginx,
0:14 we already have it installed on the server, and you can double check by saying— oh yeah, we're still running μwsgi here,
0:21 you can say nginx-v and it will show you the version, okay. So it's there, but if we actually go to it, if we do something like http local host
0:30 it'll say something like yeey, welcome to nginx, that is not what we want it to say, we want it to say here's your api documentation
0:39 and welcome screen, and so on. So in order to do that, what we need to do is we want to take away the default website
0:46 so we're going to go over here and remove that and then we want to copy this file that I'm going to show you in a second,
0:52 we want to copy it down to sites available, so what is that, now over here we have sites available auto service nginx,
1:01 now, notice it's got a little green thing here a little icon for nginx, that's because I accepted a plugin suggestion that PyCharm had saying
1:09 hey we could understand this for you and give you highlighted nginx files, and I named it .nginx, so that kind of gave it a hint.
1:16 So what we're going to do is have it listen here all right, going to listen on auto_service.talkpython.fm,
1:22 and I'd prefer that it doesn't give extra information about server, version, stuff like that, right less information for hackers,
1:30 I'd prefer that it does a lot less still, but this is a little bit of an improvement
1:35 some random stuff, so we've got our server and we're listening on a port. Okay, now it gets interesting, down here the static files
1:41 will no longer go through pyramid at all or μwsgi, these will be served directly from μwsgi,
1:48 now this path is wrong, let's say cd static, ok that's the right one, so let's take this huge long path and put that here
2:00 so we can alias/static in the web request to this long thing and say we're going to cache that for a year right
2:07 so this is great because this means all the static requests for like javascript, css and whatnot, never even touch our server, right.
2:14 Now, granted in an api this matters less, but still we'll probably be serving up some form of HTML pages and we want to set it up this way, okay.
2:23 And then we want to say local host, just when you listen like straight to / we're going to go down to this area
2:29 that's basically going to delegate to μwsgi, ok, how do I know— come down here to the final section include μwsgi parameters,
2:37 sometimes extra information does not get passed along like what is the real ip address, a lot of times it will look like 127.0.0.1
2:45 to μwsgi, because it's like coming from nginx on that machine, so you can pass this extra info along and then we'll just do proxy pass over to this
2:55 that should be very familiar from μwsgi, right, so internally when I make a request here, we could also set up a socket
3:01 but it's easier just to do it this way, there's permissions on socket files and things like that on sockets. Okay, so this looks like it's ready to go,
3:09 I think I have to push those changes up to the server so now we can do a git pull, make sure we got that copied over;
3:19 okay, so the last thing we need to do is actually put that in a place nginx can find,
3:23 so I'm going to copy like this, just copied to etc nginx, sites available, okay great, now we want to make sure that both nginx and μwsgi
3:35 start on system boot, so we can do this here to say enable nginx, or update the files and here we also want to enable μwsgi.
3:47 What did I call that, something different— oh, I don't think, I don't know if I've copied this over, let's try I think that's the deal,
3:59 where is the cp, there we go, so missed the step, I forgot to copy the service definition for system d, for μwsgi,
4:08 so now that's over there, ok so it looks like we're in good shape let's see if we can first start this, okay,
4:17 that didn't give us any errors, so that's pretty good we can actually ask for the status and see all the children processes running there
4:25 this is good right, it looks like it's working, you can see the output log where it got everything going, starting, starting, good.
4:30 So it looks like nothing is broken there, so we could also do one more test, do a request against 8999, also working
4:38 so very good chance that our automatic starting service for μwsgi is working. We need the same thing for nginx, so now we're going to come over here
4:46 and say service start, for nginx, okay it may have already been running so let me restart it, in fact it was out already running,
4:55 so now here's the big test, local host, if that comes up with errors, we still have work to do
5:02 if that comes up with welcome to nginx, we still have work to do; if on the other hand it gives us our welcome page, from our site we're in business.
5:10 It looks like we might have some work to do, what do you think— okay, I realize there's one little mistake I also needed to add here
5:18 and I needed to copy this configuration over to sites enabled, as well, or instead actually I'm not sure anymore because it's in both,
5:28 but copy this in addition to sites available to sites enabled, restarted nginx
5:33 and now if we do http local host ta-da, things are working beautifully, okay, so here is the final, final step, what do we tell nginx,
5:44 that it's supposed to listen to, let me pull this up really quick, so we told it it's supposed to listen to auto_service.talkpython.fm
5:53 well you want to try that and see what we get— no way is that working, why? Because we haven't set that up in dns,
6:03 now normally, you would go set this up in your dns settings or whatever, but instead what I'm going to do is while we're still in like test mode,
6:10 I'm going to just jam it down here and actually you can see already did this, I just gave it the wrong ip the address,
6:17 so let's go over here, now we could go and take this ip address right there and use it— don't do that, go set up a floating ip address,
6:25 so we'll come over here and we'll say I'd like to create a floating ip, I'd like to take this one, and I'd like to assign a floating ip address,
6:32 now I'm not really going to do this, because then I'll have to go and clean it up afterwards, but you click this button
6:38 it gives you an ip address just like this right here, and you just copy it, but because I don't really want to mess up my system
6:43 I'm just going to go back here and use the real ip address right, but, you understand this is not how you normally do it.
6:49 Okay, so now we don't need this, okay, so we should be able to actually leave our server, close this off
6:57 and now let's try one more time, where do we want to go to auto test let's try it over here, ok so try again, ta-da, look at that
7:07 so here on my mac I'm talking to you my server I just set up, running nginx, talking to μwsgi, and it's master mode
7:14 all the way down in San Francisco. Perfect. So let's go over here and do a get, I must specify an authorization header
7:20 well let's go back to postmen and talk to it. When we have that running, let's go ssh back, now I could use the full name auto_service.talkpython.fm
7:32 now we're logged in, so let's go over here and we can actually look at the log file, okay,
7:41 so here it is, I'll clean it up, now when we do these requests we should see those start coming in, so where do we want to go, let me copy the url,
7:50 and now we're going to go do a post to create a car this is going to be Opel for real, so we should create this one,
7:59 do ascend, there you go, boom we did a post to the server and we in 57 milliseconds generated the response after inserting into the database,
8:08 let's go over here and change the url again, actually I'll just create a new one, make a request, and what have we returned, 403 forbidden, right
8:17 must specify an authorization header, I dropped that let's go get our little auth header here, we should be able to do a get,
8:27 maybe if I can spell right, authorization, there we go, now we got our response back, do one more time,
8:35 so check this out, 403, 403, now we generated somewhere a 200, here, it's wrapping, 200 over here, very quickly
8:43 very nice response time, again let me click this a bunch of times, I told you about the different servers not necessarily being warmed up for this,
8:51 now 10 milliseconds, 9 milliseconds, that is a very solid response time, we have about 40 thousand cars in there,
8:58 and so this is going through and finding a certain number of them, it's taking the I think 10 cars or 25 cars whatever it is
9:06 and doing formatter on it to turn it into json and shipping it across the wire, and there it is, all right.
9:13 So hopefully, that seems pretty easy for you to set up the servers here, right, now if you have to come up with all of this on your own,
9:19 not so easy, if you have the script right, run through this script, copy these two files, fill in the missing pieces, the path and stuff,
9:27 I can tell you it's pretty easy, I've set up quite a number of servers sort of following along the script and it's worked out really well,
9:33 this more or less is how I have my main websites that I use all set up on Digital Ocean as well.


Talk Python's Mastodon Michael Kennedy's Mastodon