Simplest way to setup remote admin access to a web2py process

Terrence Brannon picture Terrence Brannon · Oct 11, 2012 · Viewed 7.7k times · Source

Ok my question here should've been more to the point. The bottom line is: I have a remote linux box and I started up web2py on it just fine - it's prompting me to visit port 8000 on the localhost.

However, when I try to visit that port remotely, I am unable to establish a connection via http or https.

So the question becomes, what is the fastest simplest way to provide remote admin access to web2py? I dont feel like setting up Apache and mod_proxy (although I did manage to get it setup) and I dont feel like configuring Apache to use this wsgi wrapper. If those are my only 2 options, then so be it, I will try to get that done.

But I'd rather just start up web2py with some sort of option that allows secure remote access and be done with it.

Answer

Akshet picture Akshet · Oct 12, 2012

Due to security reasons, web2py disables remote access to the admin app unless you are using a secured channel, ie. HTTPS. You all you need to do is set that up.

The shortest way to do what you want is,

  1. Start by generating your certificate files, if you don't have them already

    openssl genrsa -out server.key 2048

    openssl req -new -key server.key -out server.csr

    openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

  2. Copy the server.key and server.crt files to your web2py root folder.

  3. Then start the web2py application using the certificate files

    python web2py.py -a 'AdminPwd' -c server.crt -k server.key -i 0.0.0.0 -p 8000

  4. Then go to the browser and open, please note that the https is important

    https://IpAddr:8000/admin/default/site

This should open the admin application on the remote machine.

The best way to do what you want is,

Use this nice script (setup-web2py-nginx-uwsgi-ubuntu.sh) to setup nginx with web2py using uWSGI on ubuntu. The script will setup the required https and http channels for you.

The methods described above are meant to be used in a development environment and not a production environment