RESTful and HTTP APIs in Pyramid Transcripts
Chapter: Deploying your REST service to DigitalOcean on Ubuntu
Lecture: Configuring nginx

Login or purchase this course to watch this video and the rest of the course contents.
0:01 Okay now let's go ahead and do a little more set up with μwsgi,
0:05 I realized we forgot one thing, we'll come back to this
0:08 maybe at the end I guess, we need to set it up as a system service.
0:10 So, now what we're going to do is we're going to set up nginx,
0:13 we already have it installed on the server,
0:15 and you can double check by saying—
0:18 oh yeah, we're still running μwsgi here,
0:20 you can say nginx-v and it will show you the version, okay.
0:23 So it's there, but if we actually go to it, if we do something like http local host
0:29 it'll say something like yeey, welcome to nginx,
0:32 that is not what we want it to say,
0:35 we want it to say here's your api documentation
0:38 and welcome screen, and so on.
0:40 So in order to do that, what we need to do is
0:42 we want to take away the default website
0:45 so we're going to go over here and remove that
0:47 and then we want to copy this file that I'm going to show you in a second,
0:51 we want to copy it down to sites available,
0:54 so what is that, now over here we have sites available auto service nginx,
1:00 now, notice it's got a little green thing here a little icon for nginx,
1:03 that's because I accepted a plugin suggestion that PyCharm had saying
1:08 hey we could understand this for you and give you highlighted nginx files,
1:11 and I named it .nginx, so that kind of gave it a hint.
1:15 So what we're going to do is have it listen here
1:18 all right, going to listen on auto_service.talkpython.fm,
1:21 and I'd prefer that it doesn't give extra information about server, version,
1:26 stuff like that, right less information for hackers,
1:29 I'd prefer that it does a lot less still, but this is a little bit of an improvement
1:34 some random stuff, so we've got our server and we're listening on a port.
1:37 Okay, now it gets interesting, down here the static files
1:40 will no longer go through pyramid at all or μwsgi,
1:44 these will be served directly from μwsgi,
1:47 now this path is wrong, let's say cd static, ok that's the right one,
1:55 so let's take this huge long path and put that here
1:59 so we can alias/static in the web request to this long thing
2:04 and say we're going to cache that for a year right
2:06 so this is great because this means all the static requests
2:09 for like javascript, css and whatnot, never even touch our server, right.
2:13 Now, granted in an api this matters less, but still
2:16 we'll probably be serving up some form of html pages
2:20 and we want to set it up this way, okay.
2:22 And then we want to say local host, just when you listen like straight to /
2:26 we're going to go down to this area
2:28 that's basically going to delegate to μwsgi, ok,
2:31 how do I know— come down here to the final section
2:34 include μwsgi parameters,
2:36 sometimes extra information does not get passed along
2:39 like what is the real ip address, a lot of times it will look like 127.0.0.1
2:44 to μwsgi, because it's like coming from nginx on that machine,
2:48 so you can pass this extra info along
2:50 and then we'll just do proxy pass over to this
2:54 that should be very familiar from μwsgi, right,
2:57 so internally when I make a request here, we could also set up a socket
3:00 but it's easier just to do it this way, there's permissions
3:02 on socket files and things like that on sockets.
3:05 Okay, so this looks like it's ready to go,
3:08 I think I have to push those changes up to the server
3:13 so now we can do a git pull, make sure we got that copied over;
3:18 okay, so the last thing we need to do is actually put that in a place nginx can find,
3:22 so I'm going to copy like this, just copied to etc nginx, sites available,
3:27 okay great, now we want to make sure that both nginx and μwsgi
3:34 start on system boot, so we can do this here to say enable nginx,
3:39 or update the files and here we also want to enable μwsgi.
3:46 What did I call that, something different—
3:51 oh, I don't think, I don't know if I've copied this over,
3:55 let's try I think that's the deal,
3:58 where is the cp, there we go, so missed the step,
4:02 I forgot to copy the service definition for system d, for μwsgi,
4:07 so now that's over there, ok so it looks like we're in good shape
4:12 let's see if we can first start this, okay,
4:16 that didn't give us any errors, so that's pretty good
4:19 we can actually ask for the status
4:21 and see all the children processes running there
4:24 this is good right, it looks like it's working, you can see the output log
4:26 where it got everything going, starting, starting, good.
4:29 So it looks like nothing is broken there,
4:32 so we could also do one more test, do a request against 8999, also working
4:37 so very good chance that our automatic starting service for μwsgi is working.
4:42 We need the same thing for nginx, so now we're going to come over here
4:45 and say service start, for nginx, okay it may have already been running
4:51 so let me restart it, in fact it was out already running,
4:54 so now here's the big test, local host,
4:57 if that comes up with errors, we still have work to do
5:01 if that comes up with welcome to nginx, we still have work to do;
5:04 if on the other hand it gives us our welcome page,
5:07 from our site we're in business.
5:09 It looks like we might have some work to do,
5:12 what do you think— okay, I realize
5:14 there's one little mistake I also needed to add here
5:17 and I needed to copy this configuration over to sites enabled, as well,
5:24 or instead actually I'm not sure anymore because it's in both,
5:27 but copy this in addition to sites available to sites enabled, restarted nginx
5:32 and now if we do http local host ta-da, things are working beautifully, okay,
5:37 so here is the final, final step, what do we tell nginx,
5:43 that it's supposed to listen to, let me pull this up really quick,
5:46 so we told it it's supposed to listen to auto_service.talkpython.fm
5:52 well you want to try that and see what we get— no way is that working, why?
5:59 Because we haven't set that up in dns,
6:02 now normally, you would go set this up in your dns settings or whatever,
6:05 but instead what I'm going to do is while we're still in like test mode,
6:09 I'm going to just jam it down here and actually you can see already did this,
6:13 I just gave it the wrong ip the address,
6:16 so let's go over here, now we could go and take this ip address right there and use it—
6:21 don't do that, go set up a floating ip address,
6:24 so we'll come over here and we'll say I'd like to create a floating ip,
6:27 I'd like to take this one, and I'd like to assign a floating ip address,
6:31 now I'm not really going to do this, because then I'll have to go
6:34 and clean it up afterwards, but you click this button
6:37 it gives you an ip address just like this right here,
6:39 and you just copy it, but because I don't really want to mess up my system
6:42 I'm just going to go back here and use the real ip address right,
6:45 but, you understand this is not how you normally do it.
6:48 Okay, so now we don't need this, okay,
6:52 so we should be able to actually leave our server, close this off
6:56 and now let's try one more time, where do we want to go to auto test
7:01 let's try it over here, ok so try again, ta-da, look at that
7:06 so here on my mac I'm talking to you my server I just set up,
7:10 running nginx, talking to μwsgi, and it's master mode
7:13 all the way down in San Francisco. Perfect.
7:15 So let's go over here and do a get, I must specify an authorization header
7:19 well let's go back to postmen and talk to it.
7:22 When we have that running, let's go ssh back,
7:25 now I could use the full name auto_service.talkpython.fm
7:31 now we're logged in, so let's go over here
7:35 and we can actually look at the log file, okay,
7:40 so here it is, I'll clean it up, now when we do these requests
7:44 we should see those start coming in,
7:47 so where do we want to go, let me copy the url,
7:49 and now we're going to go do a post to create a car
7:52 this is going to be Opel for real, so we should create this one,
7:58 do ascend, there you go, boom we did a post to the server
8:02 and we in 57 milliseconds generated the response after inserting into the database,
8:07 let's go over here and change the url again,
8:10 actually I'll just create a new one, make a request,
8:13 and what have we returned, 403 forbidden, right
8:16 must specify an authorization header, I dropped that
8:19 let's go get our little auth header here,
8:22 we should be able to do a get,
8:26 maybe if I can spell right, authorization, there we go,
8:31 now we got our response back, do one more time,
8:34 so check this out, 403, 403, now we generated somewhere a 200,
8:38 here, it's wrapping, 200 over here, very quickly
8:42 very nice response time, again let me click this a bunch of times,
8:46 I told you about the different servers not necessarily being warmed up for this,
8:50 now 10 milliseconds, 9 milliseconds, that is a very solid response time,
8:54 we have about 40 thousand cars in there,
8:57 and so this is going through and finding a certain number of them,
9:01 it's taking the I think 10 cars or 25 cars whatever it is
9:05 and doing formatter on it to turn it into json
9:08 and shipping it across the wire, and there it is, all right.
9:12 So hopefully, that seems pretty easy for you to set up the servers here, right,
9:15 now if you have to come up with all of this on your own,
9:18 not so easy, if you have the script right, run through this script,
9:23 copy these two files, fill in the missing pieces, the path and stuff,
9:26 I can tell you it's pretty easy, I've set up quite a number of servers
9:29 sort of following along the script and it's worked out really well,
9:32 this more or less is how I have my main websites that I use
9:36 all set up on Digital Ocean as well.