Hello,
I don't know about waitress.
I personnaly use gunicorn, gunicorn doesn't trust headers transmitted by
a remote reverse proxy unless you tell him to through the
*--forwarded-allow-ips* setting.
Maybe waitress has a similar setting ?
Le 14/12/2021 à 01:21, Jens Troeger a écrit :
Hello,
I’ve seen some conversation here about running a Pyramid app server
inside a Docker container, but none has really answered my questions.
My setup is that nginx runs on the host and currently uses
/proxy_pass/
<https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_pass>
to forward requests to the container’s external port, so that the
requests are then processed and responded to by the Pyramid
application running inside the container.
*Question*: Inside the container I’m running the Pyramid application
using pserve
<https://docs.pylonsproject.org/projects/pyramid/en/latest/pscripts/pserve.html>
which listens on the container’s mapped internal port. Should I switch
to gunicorn <https://docs.gunicorn.org/en/stable/> instead? Does it
matter in such a setup?
The /proxy_pass/ URL is http://127.0.0.1:6543 which means that the
external https gets lost. That, in turn, means that within the Pyramid
app (inside of the container) calls to e.g. static_url()
<https://docs.pylonsproject.org/projects/pyramid/en/latest/api/request.html#pyramid.request.Request.static_url>
return a http route instead of the necessary & expected https.
*Question*: I currently use prefix WSGI middleware to rewrite
responses (discussion
<https://github.com/Pylons/pyramid/issues/1435#issuecomment-61654089>)
but that feels hacky. Unfortunately, I wasn’t able to make
X-Forward-Proto
<https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Proto> HTTP
header work quite yet so what’s the current recommendation here? Is
the Using Behind a Reverse Proxy
<https://docs.pylonsproject.org/projects/waitress/en/latest/reverse-proxy.html>
page current and working?
*Question*: Are there any benefits to using a UNIX socket for
/proxy_pass/, instead of HTTP?
Much thanks in advance!
Jens
--
You received this message because you are subscribed to the Google
Groups "pylons-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/pylons-discuss/508f077e-ff7e-47c4-9e8f-ee5f018e9a7en%40googlegroups.com
<https://groups.google.com/d/msgid/pylons-discuss/508f077e-ff7e-47c4-9e8f-ee5f018e9a7en%40googlegroups.com?utm_medium=email&utm_source=footer>.
--
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/pylons-discuss/d4663292-93e7-92cf-d268-5420b41e83c2%40gmail.com.
