multiple py4web applications on the same server with nginx

[icodk]

I managed  to get the two applications responding to the respective URL

https://example1.com and https://example2.com by making two server blocks

and appendig the app name to the proxy_pass so it looks like:

 proxy_pass      http://127.0.0.1:8000/example1;

However, all internal links are gets the app name appended For example 

hovering on the login button shows:

https://example1.com/example1/auth/login

Clicking on this button I get a 404 error for example1example1  (not found) 

 if I explicitly enther: https://example1.com/auth/register, I also get 

404 example1auth not found

The full example1 block looks like (example2 block is only using example2 instead of example1): 

server {
        listen 443 default_server ssl;
       
server_name example1.com www.example1.com;
        #ssl_certificate         /etc/nginx/ssl/py4web.crt;
        #ssl_certificate_key     /etc/nginx/ssl/py4web.key;
    ssl_certificate /etc/letsencrypt/live/example1.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example1.com/privkey.pem;
   

        ssl_prefer_server_ciphers on;
        ssl_session_cache shared:SSL:10m;
        ssl_session_timeout 10m;
       

ssl_ciphers ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    keepalive_timeout    70;
        location / {


            proxy_set_header   X-Forwarded-Proto $scheme;
            proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header   Host $http_host;
            proxy_set_header   X-Real-IP $remote_addr;
            proxy_set_header   X-Forwarded-Host $http_host;
            proxy_redirect off;
            proxy_pass      http://127.0.0.1:8000/example1;
            client_max_body_size 100M;
            #limit_req zone=mylimit;
        }
        location ~* ^/(\w+)/static(?:/_[\d]+\.[\d]+\.[\d]+)?/(.*)$ {

            alias /home/www-data/py4web/apps/$1/static/$2;
            expires max;
           
        }


}

I also tried:

proxy_pass      http://127.0.0.1:8000/$1;

but this caused both URL to display example1 (_default) and none of the internal links worked. No errors but also no redirect: clicking on :

https://example1.com/auth/logout didn't logged me out

my _default application is pointing at example1

I use the same letsencrypt cert. for both sites with no error

Both domins pointing to the same IP

Any sugestions are very welcome

[icodk]

Have the pleasure to answer my own question (hope it will help others)

AI (chatGPT) helped me to find a solution for running different py4web applications on the same server and py4web instance and nginx
( maybe it should be added to the deployment documentation)

As far as I understand the problem comes from the fact that nginx routing is based on the path but py4web is based on the app name

Fortunately nginx can translat between the two ( i am definitely knows very litle about nginx and py4web but wished that it was explained better in the docs)

So here is an enginx server block  specific to a py4web application and specific url, in this case the url is example1.com and the app name is example1
( I also added the _dashboard app but any other app will not be available unless specific server block is added or a generic one like server_name     $hostname;)

A server block for the exampl1 application

server {
        listen 443 default_server ssl;

        #server_name     $hostname;

server_name example1.com www.example1.com;
        #ssl_certificate         /etc/nginx/ssl/py4web.crt;
        #ssl_certificate_key     /etc/nginx/ssl/py4web.key;

    ssl_certificate /etc/letsencrypt/live/example1.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example1.com/privkey.pem; # managed by Certbot

    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m;
    ssl_ciphers ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
     keepalive_timeout    70;

     # Dashboard
location /_dashboard/ {
allow 127.0.0.1;
allow my.ip.addr.at_work;
deny all;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_pass http://127.0.0.1:8000/_dashboard/;
    }
location = / {
        return 302 /example1/;
    }
        location /example1/ {

            proxy_set_header   X-Forwarded-Proto $scheme;
            proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header   Host $http_host;
            proxy_set_header   X-Real-IP $remote_addr;
            proxy_set_header   X-Forwarded-Host $http_host;

    proxy_pass      http://127.0.0.1:8000/example1/;
    proxy_redirect off;
            client_max_body_size 100M;