flask/docs/deploying/wsgi-standalone.rst

.. _deploying-wsgi-standalone:

Standalone WSGI Containers
==========================

There are popular servers written in Python that contain WSGI applications and
serve HTTP.  These servers stand alone when they run; you can proxy to them
from your web server.  Note the section on :ref:`deploying-proxy-setups` if you
run into issues.

Gunicorn
--------

`Gunicorn`_ 'Green Unicorn' is a WSGI HTTP Server for UNIX. It's a pre-fork
worker model ported from Ruby's Unicorn project. It supports both `eventlet`_
and `greenlet`_. Running a Flask application on this server is quite simple::

    gunicorn myproject:app

`Gunicorn`_ provides many command-line options -- see ``gunicorn -h``.
For example, to run a Flask application with 4 worker processes (``-w
4``) binding to localhost port 4000 (``-b 127.0.0.1:4000``)::

    gunicorn -w 4 -b 127.0.0.1:4000 myproject:app

.. _Gunicorn: http://gunicorn.org/
.. _eventlet: http://eventlet.net/
.. _greenlet: http://greenlet.readthedocs.org/en/latest/

Gevent
-------

`Gevent`_ is a coroutine-based Python networking library that uses
`greenlet`_ to provide a high-level synchronous API on top of `libev`_
event loop::

    from gevent.wsgi import WSGIServer
    from yourapplication import app

    http_server = WSGIServer(('', 5000), app)
    http_server.serve_forever()

.. _Gevent: http://www.gevent.org/
.. _greenlet: http://greenlet.readthedocs.org/en/latest/
.. _libev: http://software.schmorp.de/pkg/libev.html

Twisted Web
-----------

`Twisted Web`_ is the web server shipped with `Twisted`_, a mature,
non-blocking event-driven networking library. Twisted Web comes with a
standard WSGI container which can be controlled from the command line using
the ``twistd`` utility::

    twistd web --wsgi myproject.app

This example will run a Flask application called ``app`` from a module named
``myproject``.

Twisted Web supports many flags and options, and the ``twistd`` utility does
as well; see ``twistd -h`` and ``twistd web -h`` for more information. For
example, to run a Twisted Web server in the foreground, on port 8080, with an
application from ``myproject``::

    twistd -n web --port 8080 --wsgi myproject.app

.. _Twisted: https://twistedmatrix.com/
.. _Twisted Web: https://twistedmatrix.com/trac/wiki/TwistedWeb

.. _deploying-proxy-setups:

Proxy Setups
------------

If you deploy your application using one of these servers behind an HTTP proxy
you will need to rewrite a few headers in order for the application to work.
The two problematic values in the WSGI environment usually are ``REMOTE_ADDR``
and ``HTTP_HOST``.  You can configure your httpd to pass these headers, or you
can fix them in middleware.  Werkzeug ships a fixer that will solve some common
setups, but you might want to write your own WSGI middleware for specific
setups.

Here's a simple nginx configuration which proxies to an application served on
localhost at port 8000, setting appropriate headers:

.. sourcecode:: nginx

    server {
        listen 80;

        server_name _;

        access_log  /var/log/nginx/access.log;
        error_log  /var/log/nginx/error.log;

        location / {
            proxy_pass         http://127.0.0.1:8000/;
            proxy_redirect     off;

            proxy_set_header   Host                 $host;
            proxy_set_header   X-Real-IP            $remote_addr;
            proxy_set_header   X-Forwarded-For      $proxy_add_x_forwarded_for;
            proxy_set_header   X-Forwarded-Proto    $scheme;
        }
    }

If your httpd is not providing these headers, the most common setup invokes the
host being set from ``X-Forwarded-Host`` and the remote address from
``X-Forwarded-For``::

    from werkzeug.contrib.fixers import ProxyFix
    app.wsgi_app = ProxyFix(app.wsgi_app)

.. admonition:: Trusting Headers

   Please keep in mind that it is a security issue to use such a middleware in
   a non-proxy setup because it will blindly trust the incoming headers which
   might be forged by malicious clients.

If you want to rewrite the headers from another header, you might want to
use a fixer like this::

    class CustomProxyFix(object):

        def __init__(self, app):
            self.app = app

        def __call__(self, environ, start_response):
            host = environ.get('HTTP_X_FHOST', '')
            if host:
                environ['HTTP_HOST'] = host
            return self.app(environ, start_response)

    app.wsgi_app = CustomProxyFix(app.wsgi_app)
Reorder deployment options. 2012-04-01 22:54:27 +08:00			`.. _deploying-wsgi-standalone:`
Touch up and integrate docs on deploying Flask. 2011-06-11 00:15:50 +08:00
Reorder deployment options. 2012-04-01 22:54:27 +08:00			`Standalone WSGI Containers`
			`==========================`
Break up deployment docs into separate documents. 2010-04-19 17:23:44 +08:00
Reorder deployment options. 2012-04-01 22:54:27 +08:00			`There are popular servers written in Python that contain WSGI applications and`
			`serve HTTP. These servers stand alone when they run; you can proxy to them`
			from your web server. Note the section on :ref:`deploying-proxy-setups` if you
			`run into issues.`

			`Gunicorn`
			`--------`

			`Gunicorn`_ 'Green Unicorn' is a WSGI HTTP Server for UNIX. It's a pre-fork
			worker model ported from Ruby's Unicorn project. It supports both `eventlet`_
			and `greenlet`_. Running a Flask application on this server is quite simple::

			`gunicorn myproject:app`

			`Gunicorn`_ provides many command-line options -- see ``gunicorn -h``.
			For example, to run a Flask application with 4 worker processes (``-w
			4``) binding to localhost port 4000 (``-b 127.0.0.1:4000``)::

			`gunicorn -w 4 -b 127.0.0.1:4000 myproject:app`

			`.. _Gunicorn: http://gunicorn.org/`
			`.. _eventlet: http://eventlet.net/`
Updated greenlet links, which were dead. 2014-01-04 19:51:18 +08:00			`.. _greenlet: http://greenlet.readthedocs.org/en/latest/`
Break up deployment docs into separate documents. 2010-04-19 17:23:44 +08:00
			`Gevent`
			`-------`

			`Gevent`_ is a coroutine-based Python networking library that uses
Fixed gevent introduction to use libev instead of libevent 2015-07-15 03:36:01 +08:00			`greenlet`_ to provide a high-level synchronous API on top of `libev`_
Break up deployment docs into separate documents. 2010-04-19 17:23:44 +08:00			`event loop::`

			`from gevent.wsgi import WSGIServer`
			`from yourapplication import app`

			`http_server = WSGIServer(('', 5000), app)`
			`http_server.serve_forever()`

			`.. _Gevent: http://www.gevent.org/`
Updated greenlet links, which were dead. 2014-01-04 19:51:18 +08:00			`.. _greenlet: http://greenlet.readthedocs.org/en/latest/`
Fixed gevent introduction to use libev instead of libevent 2015-07-15 03:36:01 +08:00			`.. _libev: http://software.schmorp.de/pkg/libev.html`
Added documentation for Gunicorn 2010-05-19 10:13:31 +08:00
docs/deploying/wsgi-standalone: Add Twisted Web. I've been meaning to do this for quite some time, but I never got around to it. Hopefully this is neutral and useful enough to be included in the main docs. 2012-10-12 05:05:01 +08:00			`Twisted Web`
			`-----------`

			`Twisted Web`_ is the web server shipped with `Twisted`_, a mature,
			`non-blocking event-driven networking library. Twisted Web comes with a`
			`standard WSGI container which can be controlled from the command line using`
			the ``twistd`` utility::

			`twistd web --wsgi myproject.app`

			This example will run a Flask application called ``app`` from a module named
			``myproject``.

			Twisted Web supports many flags and options, and the ``twistd`` utility does
			as well; see ``twistd -h`` and ``twistd web -h`` for more information. For
			`example, to run a Twisted Web server in the foreground, on port 8080, with an`
			application from ``myproject``::

			`twistd -n web --port 8080 --wsgi myproject.app`

			`.. _Twisted: https://twistedmatrix.com/`
			`.. _Twisted Web: https://twistedmatrix.com/trac/wiki/TwistedWeb`

Reorder deployment options. 2012-04-01 22:54:27 +08:00			`.. _deploying-proxy-setups:`
Added documentation for Gunicorn 2010-05-19 10:13:31 +08:00
Documented proxy fix 2010-07-20 22:05:10 +08:00			`Proxy Setups`
			`------------`

Add simple proxying nginx config to docs. Origin: https://gist.github.com/2269917 2012-04-01 22:57:44 +08:00			`If you deploy your application using one of these servers behind an HTTP proxy`
			`you will need to rewrite a few headers in order for the application to work.`
docs: ``DEBUG``, ``SERVER_NAME``, ``PATH_INFO`` 2014-11-05 12:10:49 +08:00			The two problematic values in the WSGI environment usually are ``REMOTE_ADDR``
			and ``HTTP_HOST``. You can configure your httpd to pass these headers, or you
Add simple proxying nginx config to docs. Origin: https://gist.github.com/2269917 2012-04-01 22:57:44 +08:00			`can fix them in middleware. Werkzeug ships a fixer that will solve some common`
			`setups, but you might want to write your own WSGI middleware for specific`
			`setups.`

			`Here's a simple nginx configuration which proxies to an application served on`
Touch up proxying docs. 2012-04-01 23:19:51 +08:00			`localhost at port 8000, setting appropriate headers:`

			`.. sourcecode:: nginx`
Add simple proxying nginx config to docs. Origin: https://gist.github.com/2269917 2012-04-01 22:57:44 +08:00
			`server {`
			`listen 80;`

			`server_name _;`

			`access_log /var/log/nginx/access.log;`
			`error_log /var/log/nginx/error.log;`

			`location / {`
			`proxy_pass http://127.0.0.1:8000/;`
			`proxy_redirect off;`

Add X-Forwarded-Proto to proxy setup example The ProxyFix middleware provided by Werkzeug uses this header for returning accurate values from request.is_secure and request.scheme. Without adding this header, Flask won't properly detect when it is being served over HTTPS and will fail to generate proper external links and cause certain extensions (e.g. Flask-OAuthlib) to function improperly. Adding this header to the example setup should reduce issues encountered by developers when following this guide. 2015-05-10 00:29:53 +08:00			`proxy_set_header Host $host;`
			`proxy_set_header X-Real-IP $remote_addr;`
			`proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;`
			`proxy_set_header X-Forwarded-Proto $scheme;`
Add simple proxying nginx config to docs. Origin: https://gist.github.com/2269917 2012-04-01 22:57:44 +08:00			`}`
			`}`
Documented proxy fix 2010-07-20 22:05:10 +08:00
Touch up proxying docs. 2012-04-01 23:19:51 +08:00			`If your httpd is not providing these headers, the most common setup invokes the`
docs: ``Flask-Uploads``, ``X-Forwarded-Host`` 2014-11-05 12:23:47 +08:00			host being set from ``X-Forwarded-Host`` and the remote address from
			``X-Forwarded-For``::
Documented proxy fix 2010-07-20 22:05:10 +08:00
			`from werkzeug.contrib.fixers import ProxyFix`
			`app.wsgi_app = ProxyFix(app.wsgi_app)`

Touch up proxying docs. 2012-04-01 23:19:51 +08:00			`.. admonition:: Trusting Headers`

			`Please keep in mind that it is a security issue to use such a middleware in`
			`a non-proxy setup because it will blindly trust the incoming headers which`
			`might be forged by malicious clients.`
Documented proxy fix 2010-07-20 22:05:10 +08:00
			`If you want to rewrite the headers from another header, you might want to`
			`use a fixer like this::`

			`class CustomProxyFix(object):`

			`def __init__(self, app):`
			`self.app = app`

			`def __call__(self, environ, start_response):`
			`host = environ.get('HTTP_X_FHOST', '')`
			`if host:`
			`environ['HTTP_HOST'] = host`
			`return self.app(environ, start_response)`

			`app.wsgi_app = CustomProxyFix(app.wsgi_app)`