Server Configuration

The following topics describe the server configuration, in the order in which the work was done:

  • The WebAppDev repository was cloned to the virtual machine

Gunicorn

  • A gunicorn service was created to run the web application using gevent, on the same address and port as the socket instantiated in the web application. The file is located at /etc/systemd/system/webapp.service
[Unit]
Description=Gunicorn instance to serve PEI2021_NAP project 
After=network.target

[Service]
User=root
Group=www-data
WorkingDirectory=/atcll-webapp-flask
Environment="PATH=/atcll-webapp-flask/venv/bin"
ExecStart=/atcll-webapp-flask/venv/bin/gunicorn '__init__:create_app()' -k gevent --worker-connections 1000 --bind 0.0.0.0:5000

[Install]
WantedBy=multi-user.target

It is important to explain the gunicorn run attributes (gunicorn '__init__:create_app()' -k gevent --worker-connections 1000 --bind 0.0.0.0:5000):

  • -k gevent --worker-connections 1000 These attributes allow the server to handle multiple requests and to use server-sent events
  • --bind="0.0.0.0:5000" Tells gunicorn the address and port on which the app and socket are running. NEEDS TO BE THE SAME AS THE ONE IN THE NGINX CONFIGURATION FILE
  • '__init__:create_app()' Tells gunicorn the name and attribute of the Flask web application

We need to start the webapp service so that it will always be running, using sudo systemctl start webapp

NGINX

We then need to configure the NGINX reverse proxy server so that it links the local gunicorn instance to dev.aveiro-open-lab.pt.

  • The file is located in /etc/nginx/sites-available/webapp

We start the file by pointing / on the server to the local web app (0.0.0.0:5000)

server {
    server_name dev.aveiro-open-lab.pt;

    location / {
        include proxy_params;
        proxy_pass http://0.0.0.0:5000;
        proxy_buffering off;
        proxy_cache off;
        proxy_set_header Host $host;
        proxy_set_header Connection '';
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_http_version 1.1;
        chunked_transfer_encoding off;
    }


The rest of the file was generated by certbot so that the webapp can be served over HTTPS

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/dev.aveiro-open-lab.pt/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/dev.aveiro-open-lab.pt/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = dev.aveiro-open-lab.pt) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    listen 80;
    server_name dev.aveiro-open-lab.pt;
    return 404; # managed by Certbot
}

We need to start the nginx service so that it will always be running, using sudo systemctl start nginx
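
The Gunicorn section requires the --bind address to be the same as the one in the NGINX file. The check below is an added example, not part of the project's code: it reads both files, verifies that requirement, and also reports when gunicorn listens on every interface or runs as root. The function names and the constructed sample inputs are assumptions; it assumes NGINX and gunicorn run on the same machine, as on this page.

```python
import re

# Constructed inputs: the relevant lines of webapp.service and the NGINX site file.
UNIT = """[Service]
User=root
ExecStart=/atcll-webapp-flask/venv/bin/gunicorn '__init__:create_app()' -k gevent --worker-connections 1000 --bind 0.0.0.0:5000
"""
NGINX = """server {
    location / {
        proxy_pass http://0.0.0.0:5000;
    }
}
"""
WILDCARD = ("0.0.0.0", "[::]")  # addresses meaning "every interface"

def gunicorn_bind(unit_text):
    """(host, port) from --bind/-b in ExecStart, or None (unix: sockets are not handled)."""
    m = re.search(r'^ExecStart=.*?[ \t](?:--bind|-b)[ =]"?(\[[^\]]+\]|[^\s":]+):(\d+)',
                  unit_text, re.M)
    return (m.group(1), int(m.group(2))) if m else None

def proxy_targets(nginx_text):
    """Every (host, port) named by an uncommented proxy_pass http(s)://host:port."""
    found = re.findall(r'^\s*proxy_pass\s+https?://(\[[^\]]+\]|[^\s:/;]+):(\d+)', nginx_text, re.M)
    return [(host, int(port)) for host, port in found]

def service_user(unit_text):
    m = re.search(r'^User=(\S+)', unit_text, re.M)
    return m.group(1) if m else "root"  # a system unit without User= runs as root

def audit(unit_text, nginx_text):
    """Return findings as 'CODE: detail' strings; an empty list means all checks passed."""
    findings = []
    bind, targets = gunicorn_bind(unit_text), proxy_targets(nginx_text)
    if bind is None:
        findings.append("NO_BIND: no --bind host:port in ExecStart")
    else:
        # Assumes NGINX and gunicorn share one machine, so a wildcard bind accepts any local target.
        ok = any(port == bind[1] and (host == bind[0] or bind[0] in WILDCARD)
                 for host, port in targets)
        if not ok:
            findings.append(f"MISMATCH: gunicorn binds {bind[0]}:{bind[1]}, proxy_pass targets {targets}")
        if bind[0] in WILDCARD:
            findings.append("EXPOSED: gunicorn listens on every interface, so the port is "
                            "reachable without NGINX and TLS unless a firewall blocks it")
    if service_user(unit_text) == "root":
        findings.append("ROOT: the application process runs as root")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(UNIT, NGINX)) or "no findings")
```

Binding gunicorn to 127.0.0.1:5000, pointing proxy_pass at the same address, and setting User= to an unprivileged account clears all three findings.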