Python for the .NET developer Transcripts
Chapter: Deploying Python web apps
Lecture: Concept: nginx
0:00 Once we had uWSGI working
0:01 we wanted to serve that traffic to the broader internet.
0:05 And to do that, we brought in Nginx
0:07 and Nginx has config files that looks like this.
0:10 We set up a server.
0:11 We say the server's going to listen on Port 80
0:14 and it's going to listen
0:15 in this case, we're saying guitary.com.
0:18 I didn't want to go and buy a separate domain
0:20 so I said guitary.talkpython.com because that's easy to amend
0:24 just an existing domain DNS record
0:26 and get things to work.
0:27 And you put your domain name here
0:28 and you have many.
0:29 You could have like www.guitary.com and guitary.com.
0:34 You could set up a separate little server block
0:37 for www and redirect over to the bare one or vice-versa.
0:40 There's a lot of flexibility we're not going into here
0:42 but Nginx is really awesome
0:44 and it's easy, easy to do.
0:46 Put a few other factors in here.
0:47 Server Tokens Off means don't tell
0:49 everyone who wants to know all the details
0:51 about the version of your server and stuff.
0:54 I wish you could turn it off or make it lie
0:56 say some other random server
0:57 but I haven't figured out
0:58 how to do that yet, haven't really tried
1:00 but I don't see an obvious way to do it.
1:02 Anyway, this turns off some of the versioning info
1:04 in the response of every request
1:06 which is probably a good idea.
1:07 Then we're going to set up a couple of other blocks for URL.
1:11 So if you go to anything slash static slash whatever
1:15 we're going to just have Nginx
1:17 directly serve files out of the static folder
1:20 which is /apps/app_repo/apps/py/ch07_web
1:25 I think that should be a seven, not a Y
1:26 so ch7_web, guitary/static.
1:30 And we're going to say this stuff
1:32 is cached for 365 days or for a year.
1:37 So this is the first part.
1:38 You see there's a little ...
1:39 We'll get to that in a second
1:40 but when we get this file ready
1:42 to make it active so Nginx will work with it
1:44 we have to copy it to /etc/Nginx/sites-enabled
1:47 and then just its name: guitary.nginx.
1:50 Proceeding on with the dot, dot, dot
1:52 once we get through the static stuff
1:53 we say, Hey, if it's not /static
1:56 just do a request against our application here,
2:00 which is going to say proxy pass
2:02 over to local host Port 5000.
2:05 This is, Look, if it's not static
2:07 pass the request over to uWSGI and let it handle it.
2:12 You can see that we can set some other headers.
2:13 We can set Gzip which is a really nice thing for performance.
2:17 We're also setting uWSGI buffers
2:19 and uWSGI params, things like that.
2:22 So this is it. We basically configure Nginx to talk on Port 80
2:26 handle all the files but delegate the data driven requests
2:29 over to our application, like this.
2:32 Finally, we wanted to add
2:34 not just Port 80 but Port 443 with SSL.
2:37 You could completely do that here
2:40 indirectly in your Nginx file.
2:42 If you go and get an SSL certificate
2:45 you put it on your machine
2:46 you can put the right entry in here to set up SSL.
2:49 But we saw that it's much easier
2:50 to just install certbot from Lets Encrypt
2:54 and then run the right command
2:56 to have it reconfigure this existing domain
2:59 and it'll do all of the rewrites
3:01 of this file that you need over
3:03 not the original, probably, that you copied from
3:05 but etc/Nginx/sites-enabled/guitary.nginx
3:08 will be rewritten with all the stuff
3:11 that it needs to do basically SSL traffic over
3:14 that lets-encrypt certificate that gets auto-installed.
3:18 And that's it. We have our website all set up and running.
3:21 It's our own Linux machine.
3:22 We can do whatever we want with it at this point.