How to deploy streamlit in Ubuntu server with https (ssl) without using any tool like docker, nginx, etc?
I am new to this and not able to figure how to get the ssl done for the streamlit app as its shows not secure on the address bar. So is there any way to put the ssl cert, ssl key (cert.pem file) with the streamlit app script so that the ssl is achieved?
Hi @Zohaib, welcome to the Streamlit community!
What’s your use case for wanting to avoid using Apache/nginx or other tools? From a basic separation-of-concerns perspective, it doesn’t make a lot of sense for Streamlit to roll our own functionality like this since industry-standard webserver solutions already exist.
Best,
Randy
Hi,
Yes, agree on the available options but is there still a way to incorporate ssl into streamlit as those tools are restricted for usage?.
And even when the app is run with nohup the process gets automatically killed not sure why. Is there any better way to serve the app on production?
Thanks
There isn’t as far as I know.
If your app is crashing, then the first thing to do is figure out why. Have you checked your logs to see if they are reporting anything?
How to configure ssl for the streamlit app through nginx?
Is there any sample nginx configuration file I can consume???..
Thanks
Some users have been having success with the values in this thread:
As I am new to nginx I am not sure how to use it so it would be helpful if you could provide me a consumable ngix config file.
Thanks
I mean to say a proper listed steps to be followed in order to achieve it.
I have used the following configuration to set it up on my Orgs internal network with Azure ad authentication. People can access it by logging in to https://myipaddress
#user nobody;
worker_processes 1;
error_log logs/error.log;
error_log logs/error.log notice;
error_log logs/error.log info;
pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 1776 ssl;
listen 443 ssl;
server_name myipaddress;
ssl_certificate /etc/localhost.crt;
ssl_certificate_key /etc/localhost.key;
ssl_ciphers HIGH:!aNULL:!MD5;
error_page 497 400 301 =307 https://myipaddress:1776$request_uri;
location /oauth2{
proxy_pass http://localhost:4180;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_set_header X-Auth-Request-Redirect $request_uri;
proxy_connect_timeout 1;
proxy_send_timeout 30;
proxy_read_timeout 30;
}
location = /favicon.ico {
return 204;
access_log off;
log_not_found off;
}
location = /favicon.png {
return 204;
access_log off;
log_not_found off;
}
location / {
auth_request /oauth2/auth;
error_page 401 = /oauth2/sign_in;
auth_request_set $token $upstream_http_x_auth_request_access_token;
proxy_set_header X-Access-Token $token;
proxy_pass_header Server;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_set_header X-Scheme $scheme;
# proxy_set_header Host $host;
# proxy_redirect http://localhost:1776/oauth2/ http://myipaddress:1776/oauth2/;
location /healthz {
proxy_set_header Host $http_host;
proxy_pass http://localhost:8502/healthz;
}
location /stream {
proxy_pass http://localhost:8502/stream;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header Connection "Upgrade";
proxy_set_header Upgrade $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 86400;
}
proxy_pass http://localhost:8502/;
}
location ^~ /static {
proxy_pass http://localhost:8502/static/;
}
location ^~ /html {
proxy_pass http://localhost:8502/html/;
}
location ^~ /vendor {
proxy_pass http://localhost:8502/vendor;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}These cookies are necessary for the website to function and cannot be switched off. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms.
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us understand how visitors move around the site and which pages are most frequently visited.
These cookies are used to record your choices and settings, maintain your preferences over time and recognize you when you return to our website. These cookies help us to personalize our content for you and remember your preferences.
These cookies may be deployed to our site by our advertising partners to build a profile of your interest and provide you with content that is relevant to you, including showing you relevant ads on other websites.