Open Deepansharora27 opened 8 months ago
If you run your server locally it will use http and ws. If you deploy it (say on render, fly.io or gcp) it will automatically use https and wss.
@willydouhard What if i package my code into a Docker Container and deploy it on an EC2 Instance given the Fact that I can access the External IP Of the Instance over https and then access the Chainlit Server on Port 8000 ? Would the chainlit server still automatically use https and wss in case of a VM Instance ?
I'm trying a reverse proxy with nginx, that way nginx expose the service over https, and chainlit can still run in http and nginx do the magic sauce!
Why don´t you allow to configure the SSL context?
https://medium.com/@mariovanrooij/adding-https-to-fastapi-ad5e0f9e084e
https://stackoverflow.com/questions/69138537/uvicorn-fastapi-python-run-both-http-and-https
workarround using nginx:
nginx.conf:
events {
worker_connections 1024;
}
http {
server {
listen 443 ssl;
server_name localhost;
ssl_certificate /etc/nginx/cert/xxxxxxx.crt;
ssl_certificate_key /etc/nginx/cert/xxxxxxxx.pem;
ssl_trusted_certificate /etc/nginx/cert/xxxxxxx.ca-bundle;
location /ws {
proxy_pass http://dolf:8888;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location / {
proxy_pass http://dolf:8888;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
}
dolf is the name of my container running chainlit on my docker network named dolf-network. the dockers:
the nginx run command
docker run --rm --name nginx-ssl-proxy --network dolf-network -p 443:443 \
-v $(pwd)/nginx.conf:/etc/nginx/nginx.conf:ro -v /home/server/cop_cert:/etc/nginx/cert/:ro -d nginx
the chainlit run command(this is a custom build container)
docker run --network dolf-network --name dolf -p 8888:8888 -d --rm dolf
Could be better with docker compose, but for now is sufficient for me.
ps: the location /ws is for secure the websockets connections for llm streaming generation
I have a Sample Chainlit Server App Running using
chainlit run
. I see that the Application is opened on the Browser using the HTTP Protocol. Is there a way where I could run the Application over the HTTPS Protocol and along with the Application, also is there a way where the WebSockets Connection could be streamed overwss
instead of unencryptedws
socket channel ?I see that in the
config.toml
there is abase_url
parameter that allows to set the Endpoint as well as the Protocol if the Application is served behind a Reverse Proxy but I do not want to run my Chainlit Behind any Reverse Proxy for now.