shapehostCherryPy on Ubuntu 24.04 (Python + WSGI + Nginx + SSL)
CherryPy is a minimal yet powerful Python web framework that allows developers to build scalable web applications with a clean, object-oriented style. Unlike heavy frameworks such as Django or Flask, CherryPy focuses on being a lightweight HTTP server and web framework that lets you structure applications however you want, without forcing patterns or dependencies. Its simplicity, performance, and production-readiness make it a popular choice for small services, APIs, and embedded applications.
Running CherryPy on Ubuntu 24.04 LTS (Noble Numbat) ensures long-term stability, security, and modern system packages. With systemd 255, OpenSSL 3, and up-to-date Python 3.12, Ubuntu 24.04 is an ideal foundation for deploying production-grade CherryPy applications behind Nginx with SSL termination.
Architecture Overview
| Layer | Component | Role |
|---|---|---|
| OS | Ubuntu 24.04 LTS | Stable, secure Linux base with long-term support |
| Runtime | Python 3.12 + venv | Runs the CherryPy application in an isolated environment |
| Framework | CherryPy (WSGI server) | Lightweight Python framework and HTTP server |
| Process Manager | systemd / PM2 (alt) | Keeps CherryPy running, manages restarts and uptime |
| Reverse Proxy | Nginx | TLS termination, compression, caching, request routing |
| TLS | Let’s Encrypt / PKI | Provides HTTPS security for the web application |
Why Use CherryPy?
- Minimal & fast – lightweight design with a built-in production-ready HTTP server.
- Flexible – no enforced ORM or templating; integrate with any Python library.
- Object-oriented – applications are structured as classes and methods.
- Production-ready – stable since 2002, with built-in features like sessions, caching, and static file serving.
- Embeddable – can run as part of larger Python projects or services.
CherryPy vs Other Python Frameworks
| Feature/Capability | CherryPy | Flask | Django | FastAPI |
|---|---|---|---|---|
| Philosophy | Minimal, server + framework | Minimal, microframework | Full-stack (batteries included) | High-performance async APIs |
| HTTP server | Built-in WSGI | Requires WSGI server | Requires WSGI server | ASGI (uvicorn/gunicorn) |
| Learning curve | Easy | Easy | Steeper | Medium |
| Best use case | Small apps, APIs | APIs, prototypes | Large web apps | Async APIs, microservices |
CherryPy excels when you want a simple, no-nonsense Python framework that runs fast without extra complexity.
Security & Best Practices
- Always deploy CherryPy behind Nginx with HTTPS.
- Run the app under a dedicated system user, not root.
- Use virtual environments to isolate dependencies.
- Enable systemd service management for uptime and auto-restarts.
- Keep Python, CherryPy, and libraries updated with security patches.
- Harden Nginx with security headers (HSTS, CSP, X-Frame-Options, etc.).
Typical Use Cases
- Lightweight REST APIs for microservices.
- Internal tools and dashboards where speed matters.
- Embedded applications inside larger Python projects.
- Prototyping small web apps before scaling to larger frameworks.
- Secure services behind Nginx with SSL for production workloads.
Deploying CherryPy on Ubuntu 24.04 with Python, Nginx, and SSL gives you a fast, minimal, and secure Python web stack — ideal for developers who want flexibility and performance without the overhead of heavy frameworks.
Step 1: Create a Server Instance on Shape.Host
To get started, you need a clean Ubuntu 24.04 server. Here’s how to provision one on Shape.Host:
Log into your Shape.Host dashboard.
Click Create → Instance.
Choose a data center location close to your users.
Select a VPS plan with at least 2 CPUs, 2 GB RAM, and 20 GB SSD.
Under operating systems, choose Ubuntu 24.04 (64-bit).
Click Create Instance.
Copy your server’s public IP address from the Resources section.
Step 2: Connect to Your Server
- Linux/macOS:
ssh root@your_server_ip - Windows:
Use PuTTY, enter your server IP, choose SSH, and log in with the root credentials provided by Shape.Host.
Step 3: Install Dependencies
Update packages and install Python, virtualenv, pip, and Nginx:
apt update
apt upgrade
apt install python3 python3-venv python3-pip nginx
Step 4: Create CherryPy User and Application Directory
adduser --system --group --no-create-home cherrypy
mkdir -p /opt/myapp
Creates a system user cherrypy (without a home directory) and a folder for the app.
Step 5: Set Up a Python Virtual Environment
python3 -m venv /opt/myapp/venv
/opt/myapp/venv/bin/pip install --upgrade pip
/opt/myapp/venv/bin/pip install cherrypy
Creates an isolated Python environment for CherryPy and installs the framework.
Step 6: Create a Sample CherryPy App
cat >/opt/myapp/app.py <<'PY'
import cherrypy
class App:
@cherrypy.expose
def index(self):
return "Hello from CherryPy behind Nginx!"
def main():
cherrypy.config.update({
"server.socket_host": "127.0.0.1",
"server.socket_port": 8000,
"engine.autoreload.on": False
})
cherrypy.quickstart(App(), "/")
if __name__ == "__main__":
main()
PY
This app responds with a simple “Hello from CherryPy behind Nginx!” when accessed.
Step 7: Set Permissions
chown -R cherrypy:cherrypy /opt/myapp
Ensures the cherrypy user owns the app directory.
Step 8: Create a Systemd Service
cat >/etc/systemd/system/cherrypy.service <<'UNIT'
[Unit]
Description=CherryPy WSGI App
After=network.target
[Service]
Type=simple
User=cherrypy
Group=cherrypy
WorkingDirectory=/opt/myapp
Environment=PATH=/opt/myapp/venv/bin
ExecStart=/opt/myapp/venv/bin/python /opt/myapp/app.py
Restart=on-failure
[Install]
WantedBy=multi-user.target
UNIT
Reload systemd and enable the service:
systemctl daemon-reload
systemctl enable cherrypy
systemctl start cherrypy
CherryPy now runs in the background as a managed service.
Step 9: Configure Nginx as Reverse Proxy
cat >/etc/nginx/sites-available/myapp <<'NGINX'
server {
listen 80;
server_name example.com;
client_max_body_size 20M;
location / {
proxy_pass http://127.0.0.1:8000;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Connection "";
proxy_read_timeout 300;
}
access_log /var/log/nginx/myapp_access.log;
error_log /var/log/nginx/myapp_error.log;
}
NGINX
Enable the site and reload Nginx:
ln -sf /etc/nginx/sites-available/myapp /etc/nginx/sites-enabled/myapp
rm -f /etc/nginx/sites-enabled/default
nginx -t
systemctl reload nginx
Now requests to http://example.com will be proxied to CherryPy running on port 8000.
Step 10: Secure with SSL (Let’s Encrypt)
apt install certbot python3-certbot-nginx
certbot --nginx -d example.com
This automatically fetches and installs a free SSL certificate.
Now visit:
https://example.com/
You should see:
Hello from CherryPy behind Nginx!
You’ve successfully deployed CherryPy on Ubuntu 24.04 using systemd and Nginx as a reverse proxy, with SSL enabled via Let’s Encrypt. This setup is lightweight, production-ready, and easy to extend for larger projects.
For scalability and performance, run your CherryPy applications on Shape.Host Cloud VPS — offering high-speed infrastructure tailored for developers.