Nginx and Keter set up

[Christian Laustsen]

Hi,

After a lot of messing around (and getting it to work once, but then somehow messing it up) I'm inclined to admit defeat.

The thing I'm trying to do is to setup keter and nginx to work together. I got it working once, then suddenly it didn't work, and I have no idea what I changed in the meantime to cause this. More than likely, this is a problem with my configuration, so if you'd take a look at them, I would very much appreciate it. Also, I'd like general tips on using keter and nginx, if anyone has any :3 ...

My domain is codetalk.io, (the current status of the config can be seen at http://codetalk.io)

    # /etc/nginx/sites-enabled/keter

    server {

        listen 80;

        server_name codetalk.io;

        location / {

           # keter will use a dynamic port in the 4000s, if you let your 

           # current setup use something outside that range you can leave 

           # your current app running when you start keter for the first 

           # time. that way, if it doesn't work, you're no worse off than 

           # you were before.

           proxy_pass http://127.0.0.1:3000;

        }

    }

    # keter.yaml

    exec: ../dist/build/HsCMS/HsCMS

    args:

        - production

    host: codetalk.io

    ssl: false

    # /opt/keter/etc/keter-config.yaml

    root: /opt/keter

    port: 3000

Keter is running normally and I can see my yesod app being started. Nginx also functions fine.

Any help would be much appreciated

[Patrick Brisbin]

Hi Christian,

On 01/22/13 at 09:21am, Christian Laustsen wrote:
> After a lot of messing around (and getting it to work once, but then
> somehow messing it up) I'm inclined to admit defeat.

I just did the same!

Can you elaborate a bit? The blog post I wrote (which I recognize in
your snippets) was written against keter 0.1 where it had nginx support,
recent versions of keter replaced that with its own proxy and there're
no plans to go back.

Depending on what you're doing (and why you want nginx running too), I
might be able to offer a solution as I just worked around the dropping
of nginx support myself.

Thanks,
Pat

--
patrick brisbin

[Christian Laustsen]

Hah! What a coincidence, your blog is actually the one I tried to follow the first time around :D (I like your articles very much).. Later on, I found out that they had they didn't need nginx anymore, but I couldn't really figure out how the setup was supposed to be after that :/ Anyways,

I have other applications running on my server, which I use nginx's reverse proxy for, so I would rather not remove that completely.

If you could share how you did your setup, that would be amazingly helpful :) (also, I'd like to know how the intended setup was supposed to be).

It would be nice if there was some more thorough documentation (or perhaps I've been looking the wrong places).

Thanks in advance!

Chrsitian

[Patrick Brisbin]

On 01/22/13 at 11:12am, Christian Laustsen wrote:
> Hah! What a coincidence, your blog is actually the one I tried to follow
> the first time around :D (I like your articles very much).. Later on, I
> found out that they had they didn't need nginx anymore, but I couldn't
> really figure out how the setup was supposed to be after that :/ Anyways,
>
> I have other applications running on my server, which I use nginx's reverse
> proxy for, so I would rather not remove that completely.
>
> If you could share how you did your setup, that would be amazingly helpful
> :) (also, I'd like to know how the intended setup was supposed to be).

Well, the "new way" is to not use nginx at all. If you were to stop
nginx and remove the "port: 3000" from your keter config, you might find
everything Just Works.

However, that's because keter will bind to port 80, listen for requests
to your domain and forward them to the keterized app. That poses a
problem if you also want nginx running to serve other apps, since it too
will want to bind to port 80.

## Double-Proxy

If you really need nginx to run on the system, you've got to give him
port 80. This means that keter has to listen on another port. You can
then tell nginx to forward requests to it.

*/etc/keter.yaml*

# tell keter to listen locally on an unused port. I use 8000 b/c 3000
# is conventionally used for developing.
root: ...
host: 127.0.0.1
port: 8000

*/etc/nginx.conf*

http {
# your other nginx-proxied app should have their own server blocks
# either here or in sites-enabled.
server {
listen 80;
server_name x.example.com;
# ...
}

server {
listen 80;
server_name y.example.com;
# ...
}

# this one will look familiar. it's the same kind of server block
# keter would write to forward requests to your yesod app. in this
# case, we're telling nginx to forward requests to keter. keter's
# own proxy will handle getting them to the yesod app -- a double
# proxy.
server {
listen 80;
server_name example.com;
location / {
# forward to keter
proxy_pass: http://127.0.0.1:8000;

# some useful settings
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
}

*config/keter.yaml*

exec: ../dist/build/app/app
args:
- production

# this will be used as APPROOT so if you've got absolute URLs you
# should be careful to set it correctly
host: example.com

# the requests coming in from nginx be to that though, they'll be to
# this:
extra-hosts:
- "127.0.0.1:8000"

I make no claims that this setup is smart, performant, or good in *any
way* it's just one option I was playing with.

The next method is better, I think, but it might not be possible in your
situation...

## Multi-App

If it's feasible to take those other sites that nginx is currently
serving and set them up as a keter bundle, you can give port 80 to keter
and deploy All The Things by dropping keter bundles into incoming. Then
you can stop using nginx entirely.

In order for an app to be usable by keter it just needs an executable
that respects the PORT environment variable.

In my case, the other sites were simple static file browsers, so I just
wrote a small python executable which uses PORT and
SimpleHTTPRequestHandler to serve a static site of some directory. It's
not as pretty as nginx's was, but it works the same.

With that setup, I could just follow the normal instructions for
keter+yesod to get my yesod app deployed too.

Phew, long email! Hope it helps,
Pat

--
patrick brisbin

[Christian Laustsen]

I went with the Double-Proxy solution, and it's working like a charm. I simply can't thank you enough!

Thanks a million times :)

Sincerely

Christian

[Michael Snoyman]

Patrick, this a great response. Would you be willing to add this to the Yesod wiki in the deployment section?

[Patrick Brisbin]

On 01/23/13 at 06:10am, Michael Snoyman wrote:
> Patrick, this a great response. Would you be willing to add this to the
> Yesod wiki in the deployment section?

Sure, no problem. I probably should've thought of that myself...

--
patrick brisbin

[Patrick Brisbin]

Michael,

https://github.com/yesodweb/yesod/wiki/Deploying-via-Keter-alongside-Nginx

Feel free to edit, move, rename, etc.

[Michael Snoyman]

Looks great, thanks!