Deploy with Nginx and HTTPS

🚀 Deployment
,
1

It took me a couple days to figure out how to get Streamlit running on my Ubuntu server behind an Nginx reverse proxy with HTTPS, so I wanted to share how I did it and maybe I can save someone else some headache.

This is what my Nginx configuration file looks like. It’s located at /etc/nginx/sites-available/mydomain.com and linked from /etc/nginx/sites-enabled/mydomain.com.

server {
        server_name mydomain.com;
        root /var/www/mydomain.com/html;

        location / {
                proxy_pass http://127.0.0.1:8501;
                proxy_set_header Host $http_host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_redirect off;
                proxy_http_version 1.1;

                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
                proxy_read_timeout 86400;
        }

    listen [::]:443 ssl; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/calle.xwx.mx/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/calle.xwx.mx/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server { # managed by Certbot
    if ($host = mydomain.com) { # managed by Certbot
        return 301 https://$host$request_uri; # managed by Certbot
    } # managed by Certbot

        listen 80; # managed by Certbot
        listen [::]:80; # managed by Certbot

        server_name calle.xwx.mx; # managed by Certbot
    return 404; # managed by Certbot
} # managed by Certbot

Note that the lines with the “Certbot” comments were generated for me by Certbot. Here’s a great Digital Ocean guide on that.

Then, I created the following file at ~/.streamlit/config.toml:

[browser]
serverPort = 443
serverAddress = "mydomain.com"
gatherUsageStats = false
1 Like
2

And does your streamlit server boot on systems boot? or you have to manually start it with something like “streamlit run your_app.py”??

3

This seems close to what I need. Thanks for sharing. I am trying to http://localhost:8501 to httpS//localhost:8501. Could you help me, what do I need to change?

4

Hi, I’m working on a similar problem, I have two Docker containers, one which runs nginx and one running streamlit. I tried to do the reverse proxy approach I read here and there with no success. My app is indeed running but only on HTTP. Where should I put this configuration file you shared. And thanks for sharing btw!

5

This does not work i get an error saying

400 Bad Request

The plain HTTP request was sent to HTTPS port

nginx/1.18.0 (Ubuntu)

6

Hey Streamlit Community - I’ve followed along multiple examples but still haven’t been able to create the secure connection. Has anyone figured out a streamlined way to achieve this secure HTTPS connection yet? Has anyone tried 3rd party services like localtunnel, ngrok, etc…?

EC2 - Ubuntu - Nginx

8

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.