Skip to content

Instantly share code, notes, and snippets.

@deargle

deargle/_psiturk_ssl.conf.md

Forked from yosemitebandit/yupyupnope.conf
Last active August 27, 2017 02:19
Show Gist options
  • Save deargle/5d8c01660a77b8090a2cd24efcda2c59 to your computer and use it in GitHub Desktop.
Save deargle/5d8c01660a77b8090a2cd24efcda2c59 to your computer and use it in GitHub Desktop.
Download ZIP
psiturk example ssl config: nginx config file for flask app (behind gunicorn) with ssl. See https://github.com/NYUCCL/psiTurk/pull/226
Raw
_psiturk_ssl.conf.md

psiturk example ssl config: nginx config file for flask app (behind gunicorn) with ssl. See NYUCCL/psiTurk#226

Raw
config.txt
####################
### example of how to host your own ad instead of using the psiturk ad server to host your ad
####################
[HIT Configuration]
... the defaults ...
[Database Parameters]
... the defaults ...
[Server Parameters]
host = 0.0.0.0
port = 22362
... the defaults ...
[Task Parameters]
... the defaults ...
[Shell Parameters]
launch_in_sandbox_mode = true
use_psiturk_ad_server = false
ad_location = https://<my-server-name.com>:4433/ad
Raw
psiturk-host-own-ad.conf
# use this if you're hosting your own ad (i.e., you're not using the psiturk ad server). Requires that you have your own ssl cert.
server {
listen 80;
server_name <your-registered-server-name.com> <www.your-registered-server-name.com>;
rewrite ^/(.*) https://<your-registered-server-name.com>/$1 permanent;
}
server {
listen 443; # or any other port that you want to bind to. I bound to 4433 since I'm also running Apache.
# since I boud to 4433 here, my ad_location in my psiturk config.txt is:
# https://<my-server-name.com>:4433/ad
root /absolute/path/to/your/psiturk/project/folder;
ssl on;
ssl_certificate <full_path_to.crt>;
ssl_certificate_key <full_path_to.key>;
server_name <your-registered-server-name.com>;
access_log </path/to/access.log>;
error_log </path/to/error.log>;
location / {
# checks for static files; if not found, proxy to app
try_files $uri @proxy_to_app;
}
location @proxy_to_app {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
# if you're using the standard psiturk port, and if psiturk is running on the same
# server as is nginx, then you can do:
#
# proxy_pass http://localhost:22362;
#
# remember that if you've configured psiturk/gunicorn to run with ssl (i.e., if you've
# also specified your .crt and .key in config.txt [Server Parameters], then you need to
# specify https:// here, like so:
#
# proxy_pass https://localhost:22362
proxy_pass http://app_server;
}
}
Raw
psiturk-use-ad-server.conf
# use this one if you don't have an ssl server (e.g., if you're still using the psiTurk ad server but you want a
# reverse proxy in front of your psiturk gunicorn server)
server {
listen 80; # or any other port that you want to bind to.
root /absolute/path/to/your/psiturk/project/folder;
server_name <your-registered-server-name.com>;
access_log </path/to/access.log>;
error_log </path/to/error.log>;
location / {
# checks for static files; if not found, proxy to app
try_files $uri @proxy_to_app;
}
location @proxy_to_app {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
# if you're using the standard psiturk port, and if psiturk is running on the same
# server as is nginx, then you can do:
#
# proxy_pass http://localhost:22362;
#
# remember that if you've configured psiturk/gunicorn to run with ssl (i.e., if you've
# also specified your .crt and .key in config.txt [Server Parameters], then you need to
# specify https:// here, like so:
#
# proxy_pass https://localhost:22362
proxy_pass http://localhost:22362;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment