Deploy with Nginx and HTTPS

It took me a couple days to figure out how to get Streamlit running on my Ubuntu server behind an Nginx reverse proxy with HTTPS, so I wanted to share how I did it and maybe I can save someone else some headache.

This is what my Nginx configuration file looks like. It’s located at /etc/nginx/sites-available/mydomain.com and linked from /etc/nginx/sites-enabled/mydomain.com.

server {
        server_name mydomain.com;
        root /var/www/mydomain.com/html;

        location / {
                proxy_pass http://127.0.0.1:8501;
                proxy_set_header Host $http_host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_redirect off;
                proxy_http_version 1.1;

                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
                proxy_read_timeout 86400;
        }

    listen [::]:443 ssl; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/calle.xwx.mx/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/calle.xwx.mx/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server { # managed by Certbot
    if ($host = mydomain.com) { # managed by Certbot
        return 301 https://$host$request_uri; # managed by Certbot
    } # managed by Certbot

        listen 80; # managed by Certbot
        listen [::]:80; # managed by Certbot

        server_name calle.xwx.mx; # managed by Certbot
    return 404; # managed by Certbot
} # managed by Certbot

Note that the lines with the “Certbot” comments were generated for me by Certbot. Here’s a great Digital Ocean guide on that.

Then, I created the following file at ~/.streamlit/config.toml:

[browser]
serverPort = 443
serverAddress = "mydomain.com"
gatherUsageStats = false

And does your streamlit server boot on systems boot? or you have to manually start it with something like “streamlit run your_app.py”??