I’m hoping the group might be able to help me understand the bokeh serve abc.py --allow-websocket-origin command a bit better. Right now I have an application that works, but only because I’m exposing port 5006 to the world. I don’t want to do that.
This is running on an AWS EC2, and I want to make it “production-worthy”. I’m running the Django and Bokeh server on the same machine.
I’m launching the following via supervisor so that it’s auto-launched at boot-up:
> bokeh serve bokeh_server_viz1 bokeh_server_viz2.py --allow-websocket-origin=“*”
I use gunicorn/wsgi/nginx to launch my Django Application (for purposes of this question, could be a flask app)
Inside my view it looks like this:
def dynamic(request):
bokeh_server_url = “http://34.214.131.126:5006”
app1_path = “/bokeh_server_viz1”
app2_path = “/bokeh_server_viz2”
session_server1 = pull_session(url=bokeh_server_url, app_path=app1_path)
server1_script = autoload_server(None, app_path=app1_path, session_id=session_server1.id, url=bokeh_server_url)
session_server2 = pull_session(url=bokeh_server_url, app_path=app2_path)
server2_script = autoload_server(None, app_path=app2_path, session_id=session_server2.id, url=bokeh_server_url)
context = {“server1_script”: server1_script,
“server2_script”: server2_script,
}
return render(request, ‘dashboard/dynamicviz.html’, context)
And all of these links work:
http://34.214.131.126/dynamicviz/
http://34.214.131.126:5006/bokeh_server_viz1
But my intent is for ONLY the Django server to see port 5006, but the firewall to block access to 5006 outside of the virtual machine.
FYI – feel free to navigate to the links above, but I’m changing them constantly.
So, my question – what combination of bokeh serve syntax and possibly nginx config do I need to block 5006 to the outside world, but allow the Django server to see the bokeh server running on the same machine? Is it even possible, or do I need to reconsider my approach?
Things I’ve tried that don’t work:
views.py (2.04 KB)
gunicorn.service (350 Bytes)
mysite (332 Bytes)
bokeh_serve.conf (267 Bytes)
···
bokeh serve abc.py --allow-websocket-origin=localhost:5006
bokeh serve abc.py --allow-websocket-origin=127.0.0.1:5006
bokeh serve abc.py --allow-websocket-origin=34.214.131.126
Attached files:
bokeh_serve.conf – runs at bootup via supervisor
gunicorn.service – runs at startup via systemctl
mysite – nginx configuration file located at /etc/nginx/sites-available
For what it’s worth, once I get this running I’m going to clean it up and post it to a public repository allow with directions as an example of of a Django application hosting static and dynamic Bokeh visualizations.