Deploy with Nginx and HTTPS

It took me a couple days to figure out how to get Streamlit running on my Ubuntu server behind an Nginx reverse proxy with HTTPS, so I wanted to share how I did it and maybe I can save someone else some headache.

This is what my Nginx configuration file looks like. It’s located at /etc/nginx/sites-available/ and linked from /etc/nginx/sites-enabled/

server {
        root /var/www/;

        location / {
                proxy_set_header Host $http_host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_redirect off;
                proxy_http_version 1.1;

                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
                proxy_read_timeout 86400;

    listen [::]:443 ssl; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

server { # managed by Certbot
    if ($host = { # managed by Certbot
        return 301 https://$host$request_uri; # managed by Certbot
    } # managed by Certbot

        listen 80; # managed by Certbot
        listen [::]:80; # managed by Certbot

        server_name; # managed by Certbot
    return 404; # managed by Certbot
} # managed by Certbot

Note that the lines with the “Certbot” comments were generated for me by Certbot. Here’s a great Digital Ocean guide on that.

Then, I created the following file at ~/.streamlit/config.toml:

serverPort = 443
serverAddress = ""
gatherUsageStats = false
1 Like

And does your streamlit server boot on systems boot? or you have to manually start it with something like “streamlit run”??

This seems close to what I need. Thanks for sharing. I am trying to http://localhost:8501 to httpS//localhost:8501. Could you help me, what do I need to change?

Hi, I’m working on a similar problem, I have two Docker containers, one which runs nginx and one running streamlit. I tried to do the reverse proxy approach I read here and there with no success. My app is indeed running but only on HTTP. Where should I put this configuration file you shared. And thanks for sharing btw!

This does not work i get an error saying

400 Bad Request

The plain HTTP request was sent to HTTPS port

nginx/1.18.0 (Ubuntu)

Hey Streamlit Community - I’ve followed along multiple examples but still haven’t been able to create the secure connection. Has anyone figured out a streamlined way to achieve this secure HTTPS connection yet? Has anyone tried 3rd party services like localtunnel, ngrok, etc…?

EC2 - Ubuntu - Nginx