Python for the .NET Developer Transcripts
Chapter: Deploying Python web apps
Lecture: Concept: nginx

Login or purchase this course to watch this video and the rest of the course contents.
0:00 Once we had uWSGI working we wanted to serve that traffic to the broader internet. And to do that, we brought in Nginx
0:08 and Nginx has config files that looks like this. We set up a server. We say the server's going to listen on Port 80 and it's going to listen
0:16 in this case, we're saying guitary.com. I didn't want to go and buy a separate domain so I said guitary.talkPython.com because that's easy to amend
0:25 just an existing domain DNS record and get things to work. And you put your domain name here and you have many.
0:30 You could have like www.guitary.com and guitary.com. You could set up a separate little server block
0:38 for www and redirect over to the bare one or vice-versa. There's a lot of flexibility we're not going into here but Nginx is really awesome
0:45 and it's easy, easy to do. Put a few other factors in here. Server Tokens Off means don't tell everyone who wants to know all the details
0:52 about the version of your server and stuff. I wish you could turn it off or make it lie say some other random server but I haven't figured out
0:59 how to do that yet, haven't really tried but I don't see an obvious way to do it. Anyway, this turns off some of the versioning info
1:05 in the response of every request which is probably a good idea. Then we're going to set up a couple of other blocks for URL.
1:12 So if you go to anything slash static slash whatever we're going to just have Nginx directly serve files out of the static folder
1:21 which is /apps/app_repo/apps/py/ch07_web I think that should be a seven, not a Y so ch7_web, guitary/static. And we're going to say this stuff
1:33 is cached for 365 days or for a year. So this is the first part. You see there's a little ... We'll get to that in a second
1:41 but when we get this file ready to make it active so Nginx will work with it we have to copy it to /etc/Nginx/sites-enabled
1:48 and then just its name: guitary.nginx. Proceeding on with the dot, dot, dot once we get through the static stuff we say, Hey, if it's not /static
1:57 just do a request against our application here, which is going to say proxy pass over to local host Port 5000. This is, Look, if it's not static
2:08 pass the request over to uWSGI and let it handle it. You can see that we can set some other headers.
2:14 We can set Gzip which is a really nice thing for performance. We're also setting uWSGI buffers and uWSGI params, things like that.
2:23 So this is it. We basically configure Nginx to talk on Port 80 handle all the files but delegate the data driven requests
2:30 over to our application, like this. Finally, we wanted to add not just Port 80 but Port 443 with SSL. You could completely do that here
2:41 indirectly in your Nginx file. If you go and get an SSL certificate you put it on your machine you can put the right entry in here to set up SSL.
2:50 But we saw that it's much easier to just install certbot from Lets Encrypt and then run the right command to have it reconfigure this existing domain
3:00 and it'll do all of the rewrites of this file that you need over not the original, probably, that you copied from
3:06 but etc/Nginx/sites-enabled/guitary.nginx will be rewritten with all the stuff that it needs to do basically SSL traffic over
3:15 that lets-encrypt certificate that gets auto-installed. And that's it. We have our website all set up and running. It's our own Linux machine.
3:23 We can do whatever we want with it at this point.


Talk Python's Mastodon Michael Kennedy's Mastodon