hi @_jm, in my case nginx, flask and bokeh are all on the same server which has public ip. While the heroku cost is not a matter, bringing another provider is not an option. This VM setup is on aws and only accessible through our company vpn.
@Bryan, as i mentioned earlier i am able to have nginx + bokeh configured successfully for SSL and that is how my https://my.domain.net/env points to my bokeh app but we get in to all these https to http issues when flask app running on same vm at 5003 sends this url to browser (and we get CORS error mentioning that my.public.ip:5003 is not allowed to access bokeh resources at https://my.domain.net/env). I wanted to try direct ssl termination for bokeh as you suggested, but i only have .pem and .key files (from the certbot) created for mydomain.net and when i tried to use those certs it gave (probably rightfully) below error:
Cannot start Bokeh server [EACCES]: PermissionError(13, 'Permission denied')