I want to test running a local flask server (on port 5000) - used for receiving webhooks.
So I added a new proxy template (e.g. /usr/local/hestia/data/templates/web/nginx/flask-port-5000.tpl) with the following content:
server {
listen %ip%:%proxy_port%;
server_name %domain_idn% %alias_idn%;
error_log /var/log/%web_system%/domains/%domain%.error.log error;
include %home%/%user%/conf/web/%domain%/nginx.forcessl.conf*;
location ~ /\.(?!well-known\/|file) {
deny all;
return 404;
}
location / {
proxy_pass http://%ip%:5000;
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
include %home%/%user%/conf/web/%domain%/nginx.conf_*;
}
Edited the domain I want to use and set:
Web-Vorlage APACHE2 to default
Backend-Vorlage PHP-FPM to no-php
Proxy-Vorlage to flask-port-5000
The first tests looking good
So the next question would be how to use flask with the ssl support?
- Which content the file flask-port-5000.stpl need to have?
Is this ok?
server {
listen %ip%:%proxy_ssl_port% ssl;
server_name %domain_idn% %alias_idn%;
error_log /var/log/%web_system%/domains/%domain%.error.log error;
ssl_certificate %ssl_pem%;
ssl_certificate_key %ssl_key%;
ssl_stapling on;
ssl_stapling_verify on;
# TLS 1.3 0-RTT anti-replay
if ($anti_replay = 307) { return 307 https://$host$request_uri; }
if ($anti_replay = 425) { return 425; }
include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
location ~ /\.(?!well-known\/|file) {
deny all;
return 404;
}
location / {
proxy_pass https://%ip%:5000;
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
proxy_hide_header Upgrade;
include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
}
The last question would be flask specific - how I should change the flask app so flask uses the hestia ssl certificates? Is this possible?
Thanks