Re: [pylons-discuss] Best practices for running Pyramid (docker) and nginx (host) deployment

2021-12-19 Thread Gerhard Schmidt 

Hi Jens,

you must edit setting at two places

in the nginx server definition you must add

proxy_set_headerHost $host;
proxy_set_headerX-Real-IP $remote_addr;
proxy_set_headerX-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_headerX-Forwarded-Proto $scheme;
proxy_set_headerX-Forwarded-Host $host:$server_port;
proxy_set_headerX-Forwarded-Port $server_port;

and in die pyramid ini file you must add to the server:main section

trusted_proxy = *
trusted_proxy_headers = x-forwarded-for x-forwarded-host 
x-forwarded-proto x-forwarded-port


trusted_proxy = * should only be used in a container setting, as it 
accepts these header from all host.


With these settings waitress knows everything about the original 
connection and fills the values in the request object to fit the 
original connection


Regards
   Estartu

Am 14.12.21 um 01:21 schrieb Jens Troeger:

Hello,

I’ve seen some conversation here about running a Pyramid app server 
inside a Docker container, but none has really answered my questions.


My setup is that nginx runs on the host and currently uses /proxy_pass/ 
 
to forward requests to the container’s external port, so that the 
requests are then processed and responded to by the Pyramid application 
running inside the container.


*Question*: Inside the container I’m running the Pyramid application 
using pserve 
 
which listens on the container’s mapped internal port. Should I switch 
to gunicorn  instead? Does it 
matter in such a setup?


The /proxy_pass/ URL is http://127.0.0.1:6543 which means that the 
external https gets lost. That, in turn, means that within the Pyramid 
app (inside of the container) calls to e.g. static_url() 
 
return a http route instead of the necessary & expected https.


*Question*: I currently use prefix WSGI middleware to rewrite responses 
(discussion 
) 
but that feels hacky. Unfortunately, I wasn’t able to make 
X-Forward-Proto 
 HTTP 
header work quite yet so what’s the current recommendation here? Is the 
Using Behind a Reverse Proxy 
 
page current and working?


*Question*: Are there any benefits to using a UNIX socket for 
/proxy_pass/, instead of HTTP?


Much thanks in advance!
Jens

--
You received this message because you are subscribed to the Google 
Groups "pylons-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send 
an email to pylons-discuss+unsubscr...@googlegroups.com 
.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/pylons-discuss/508f077e-ff7e-47c4-9e8f-ee5f018e9a7en%40googlegroups.com 
.


--
You received this message because you are subscribed to the Google Groups 
"pylons-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to pylons-discuss+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/pylons-discuss/4f32ea6b-0248-0d50-efb8-c3d435103634%40augusta.de.


OpenPGP_0x3EE6A5DC78826E6B.asc
Description: OpenPGP public key


OpenPGP_signature
Description: OpenPGP digital signature

Re: [pylons-discuss] Best practices for running Pyramid (docker) and nginx (host) deployment

2021-12-19 Thread Steve Piercy 

Does Sentry monitor what you want?

https://docs.sentry.io/platforms/python/guides/pyramid/

--steve


On 12/19/21 4:22 PM, Jens Troeger wrote:

Oh, and more question… Monitoring.

For example, to monitor Dramatiq ’s asynchronous workers it provides a middleware 
 for Prometheus 
 to gather metrics. What’s does the community recommend for Pyramid to monitor 
its metrics? Didn’t see anything on Projects  page or the 
Awesome Pyramid  page.

Or is it better to hook up Prometheus to the nginx reverse proxy (link 
),
 which, however, in my case runs outside of the app container on the host 樂

Much thanks,
Jens

--
You received this message because you are subscribed to the Google Groups 
"pylons-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to 
pylons-discuss+unsubscr...@googlegroups.com 
.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/pylons-discuss/a3a27a0e-703f-4384-aec7-a89fc95137a1n%40googlegroups.com
 
.


--
You received this message because you are subscribed to the Google Groups 
"pylons-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to pylons-discuss+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/pylons-discuss/261df554-4851-d33c-18ef-61dae0481246%40gmail.com.

Re: [pylons-discuss] Best practices for running Pyramid (docker) and nginx (host) deployment

2021-12-19 Thread Jens Troeger 
Oh, and more question… Monitoring.

For example, to monitor Dramatiq ’s asynchronous 
workers it provides a middleware 
 for 
Prometheus  to gather metrics. What’s does the 
community recommend for Pyramid to monitor its metrics? Didn’t see anything 
on Projects  page or the Awesome 
Pyramid  page.

Or is it better to hook up Prometheus to the nginx reverse proxy (link 
),
 
which, however, in my case runs outside of the app container on the host 樂

Much thanks,
Jens

-- 
You received this message because you are subscribed to the Google Groups 
"pylons-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to pylons-discuss+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/pylons-discuss/a3a27a0e-703f-4384-aec7-a89fc95137a1n%40googlegroups.com.