Introduction – Using
twistd to Start Your Application¶
twistd (pronounced “twist-dee”) is an application runner for Twisted applications.
It takes care of starting your app, setting up loggers, daemonising, and providing a nice interface to start it.
twistd web Plugin¶
Exposing a valid IResource will allow your application to use the pre-existing
twistd web plugin.
To enable this functionality, just expose the
resource object of your Klein router:
from klein import Klein app = Klein() @app.route("/") def hello(request): return "Hello, world!" resource = app.resource
Then run it (in this example, the file above is saved as
$ twistd -n web --class=twistdPlugin.resource
The full selection of options you can give to
twistd web can be found in its help page.
Here are some relevant entries in it:
-n, --notracebacks Do not display tracebacks in broken web pages. Displaying tracebacks to users may be security risk! -p, --port= strports description of the port to start the server on. -l, --logfile= Path to web CLF (Combined Log Format) log file. --https= Port to listen on for Secure HTTP. -c, --certificate= SSL certificate to use for HTTPS. [default: server.pem] -k, --privkey= SSL certificate to use for HTTPS. [default: server.pem] --class= Create a Resource subclass with a zero-argument constructor.
Using HTTPS via the
twistd web Plugin¶
twistd web plugin has inbuilt support for HTTPS, assuming you have TLS support for Twisted.
As an example, we will create some self-signed certs – for the second command, the answers don’t really matter, as this is only a demo:
$ openssl genrsa > privkey.pem $ openssl req -new -x509 -key privkey.pem -out cert.pem -days 365
We will then run our plugin, specifying a HTTPS port and the relevant certificates:
$ twistd -n web --class=twistdPlugin.resource -c cert.pem -k privkey.pem --https=4433
This will then start a HTTPS server on port 4433.
https://localhost:4433 will give you a certificate error – if you add a temporary exception, you will then be given the “Hello, world!” page.
Inspecting your browser’s URL bar should reveal a little lock – meaning that the connection is encrypted!
Of course, in production, you’d be using a cert signed by a certificate authority – but self-signed certs have their uses.