Is there really a better way to study for an AWS cert then to set up some services on a locally owned vm service? I think not.

So, before I forget what I did I am going to document it. The good. The bad, the new commands, and the ugly.

The goal is to publish some flask apps over the web, using ssl, on Ubuntu.

I have been crashing and burning with Apache. I just really don’t want to figure out nginx today so cobbled together info I found around to get it up and running.


First up. The cert. I use clouldflare for DNS, so ran through the directions for setting up certbot with cloudflare. This ran rather smooth and let me know where my certs were.

*I also had to run certbot a second time, because there is a piece of the website that is serving static data from apache. I will use those certs to run the Flask apps as well.

For a few days I had been running my Flask apps inside of Docker, but with these certs I was really breaking security best practices trying to get this to work and decided to find a simpler way.

gunicorn will run with certs and after trying to get it to run inside docker I decided to go with the setting things up as a service. It’s needed if I ever want to get these running with apache or nginx, but for now I can run them stand alone.

I found a great guide to setting up startup scripts on the Ubuntu box. This and making some modifications to the gunicorn configs have left me with a pretty reproducible way to set up and tear down test apps pretty quick.

As long as I remember to renew my certs, I should now be able to spring up and pull down small test apps.

  1. Have certs. Good start.
  2. Make app
  3. copy config and set ports
  4. make service
  5. deal with all the security implications of how I did things

Want to play with the apps? Check ’em out at