WEBVTT 00:00.120 --> 00:03.750 OK, so now to reverse proxy Agraféna with engine. 00:04.290 --> 00:09.540 Now the reason why I want to add a reverse proxy in front of Crafar because the next step I will add 00:09.540 --> 00:15.330 an SSL certificate and open the SSL certificate to the next proxy rather than to the Griffon service 00:15.330 --> 00:15.780 itself. 00:15.840 --> 00:24.840 Also, using a proxy is a common approach to changing the port number of a service running on the internet 00:24.870 --> 00:29.800 in a more generic way, rather than modifying Griffon settings explicitly. 00:29.820 --> 00:33.930 It's a concept that you can use for many other services that you might be hosting on a service. 00:34.170 --> 00:39.720 So anyway, the purpose of this next section is to remove the need of typing in the code and 3000. 00:39.720 --> 00:46.410 So rather than typing that address, which works now that sitake or font become a dot net code 3000, 00:46.440 --> 00:48.510 I would just be able to type in that address. 00:48.520 --> 00:51.000 Hey, Shitbag follows the code on it without the column. 00:51.040 --> 00:53.730 OK, so and for that ability, I'll use engineers. 00:53.880 --> 00:56.190 OK, so switch onto your server. 00:56.310 --> 01:02.490 OK, so I log on to my cabana server that I got from Digital Ocean, and I can first test to see if 01:02.490 --> 01:03.530 Engine X is installed. 01:03.540 --> 01:07.320 It's very unlikely to be in Unix Hyphen V version. 01:07.470 --> 01:11.580 No, it's not there so we can install it so that I'll use that command name. 01:12.000 --> 01:14.370 Just a generic install command for engine. 01:15.390 --> 01:15.930 Yes. 01:17.120 --> 01:17.580 Very good. 01:17.600 --> 01:22.820 Now I can test the version again, if I just press on the up arrow on my keyboard, it shows me the 01:22.820 --> 01:24.300 last commands that I've just typed. 01:24.320 --> 01:26.900 So any next half of the version 1.1? 01:27.100 --> 01:27.470 Excellent. 01:27.560 --> 01:30.450 We can continue so we can check the status. 01:30.470 --> 01:34.820 It should already be running by sudo service engineer status. 01:35.000 --> 01:37.580 And next is actually running a patrol seat to get out of that. 01:37.650 --> 01:44.840 OK, now Engine X by default, is hosting a very simple website on Poor 80, not port three thousand 01:44.840 --> 01:45.900 like Agraféna service. 01:45.920 --> 01:53.170 So if I just type that IP address by itself into my browser and I don't have to put in column port I.D. 01:53.180 --> 01:55.320 like that, it's just default behind the scenes. 01:55.340 --> 01:56.540 Just put the IP address in. 01:56.540 --> 01:58.310 It will show me the default engine next. 01:58.310 --> 01:58.970 Welcome page. 01:59.060 --> 02:05.510 Now, if you're using us as your GCP or any other similar service, you might have to set up a firewall 02:05.510 --> 02:05.780 rule. 02:05.780 --> 02:07.280 So neither of us, I had to. 02:07.290 --> 02:09.320 I put 3000 in the security group. 02:09.320 --> 02:15.230 You have to open up a port in your security group in the equivalent user interface section of your cloud 02:15.230 --> 02:15.670 provider. 02:15.680 --> 02:20.480 But in digitalization and that's not poor, it is accessible by default as long as there's something 02:20.480 --> 02:23.840 on your server exposing Port I.D. and that is Engine X. 02:23.840 --> 02:25.800 Right now it's listening on Port 80. 02:25.820 --> 02:31.490 And if I visit the IP address directly, regardless, if I put in 80 or not, it's going to serve me 02:31.490 --> 02:32.630 just a simple web page. 02:32.690 --> 02:39.470 OK, so now to create a specific configuration for graphic violence, so we can also visit our California 02:39.470 --> 02:42.410 service through Port 80 using HDTV. 02:42.440 --> 02:46.610 OK, so see to the Engine X Sites Enable Folder. 02:46.620 --> 02:48.380 So usually that is ETSI engine. 02:48.620 --> 02:49.280 So it's enabled. 02:49.280 --> 02:52.940 So just copy that whole line, right click CD, ETSI and next. 02:52.940 --> 02:57.380 So it's enabled if I type less, it shows me this one fall in their code default. 02:57.380 --> 03:05.600 That default is instructions that tells Engine X to serve this basic content when someone visits provided 03:05.600 --> 03:06.320 that IP address. 03:06.440 --> 03:11.780 OK, so we're going to add another configuration that will listen for the domain name that we typed 03:11.780 --> 03:11.960 in. 03:11.960 --> 03:16.610 So we'll create New Fault Sudo Nano, whatever your domain name, dconf is. 03:16.730 --> 03:19.050 OK, so before that, I'm just going to clear the screen. 03:19.070 --> 03:22.090 OK, so sudo nano your domain name dconf. 03:22.100 --> 03:26.360 So my domain name is Bafana or ISP code. 03:26.480 --> 03:27.950 Dot net dot com. 03:28.040 --> 03:29.660 You can actually name it anything you like. 03:29.690 --> 03:34.970 I'm just naming it the same as my domain name, so this will create a new file name to that in the site. 03:34.990 --> 03:39.040 Snapped Photo and Nano is a text editor for Linux. 03:39.060 --> 03:40.070 It's quite easy to use. 03:40.220 --> 03:40.890 So enter. 03:40.910 --> 03:45.140 OK, so the text editors opened up so we can now write the contents of this new file. 03:45.170 --> 03:45.500 OK. 03:45.650 --> 03:48.620 So going further down, just copy this section here. 03:48.680 --> 03:51.800 Can use that icon if you like, copied the clipboard now. 03:51.830 --> 03:55.610 Right click and it will paste the contents into the text later today. 03:55.610 --> 04:02.300 So up here for server name change that to follow the recipe code. 04:02.480 --> 04:05.530 Dot net and make sure they've got semicolon at the end. 04:05.750 --> 04:09.050 That will cause the next proxy, which is essentially like a web server. 04:09.260 --> 04:10.950 So to listen on Port 80. 04:10.960 --> 04:17.990 But if the domain name typed in was Crafar s code dot net, it will redirect the TCP connection onto 04:17.990 --> 04:20.690 hasty FTP local host call and 3000. 04:20.700 --> 04:23.450 And that's where Agraféna service is listening to a proxy pass. 04:23.900 --> 04:26.380 So Control X is the option down there. 04:26.390 --> 04:29.630 Control X to save and select, Y to save. 04:29.660 --> 04:30.080 Yes. 04:30.690 --> 04:35.660 OK, so if what type list now, which means list the contents of the folder, it shows this to file's 04:35.660 --> 04:38.780 default and another one Cauca finite Echo Dot net dakonam. 04:38.870 --> 04:45.650 OK, so let's just verify that the configuration is correct and you can do that and x hyphen t test. 04:45.830 --> 04:49.000 OK, so syntax is OK and the artistic successful. 04:49.010 --> 04:52.160 So the syntax of microfinance Beko dot net took off was OK. 04:52.190 --> 04:56.690 So this restart Engine X restart and this check its status. 04:57.290 --> 04:57.770 Very good. 04:57.770 --> 04:59.930 Active running control C to get out of that. 04:59.960 --> 05:05.990 Now, if I open my browser and visit, just that address doesn't matter if I put the housekeeper or 05:05.990 --> 05:06.230 not. 05:06.290 --> 05:12.140 I'll just put that in Gryffindor ESP Code Dot Net, just like that takes me straight to the microphone 05:12.350 --> 05:17.120 application to the microphone and speak code on it is no longer necessary to put in the call and three 05:17.120 --> 05:17.570 thousand. 05:17.600 --> 05:20.180 Just remember, though, this is using default. 05:20.180 --> 05:21.380 Poor it now. 05:21.380 --> 05:26.660 And since I'm using a cloud provider which doesn't force a firewall in front of your service like I 05:26.930 --> 05:30.380 was and several others for it is already accessible now. 05:30.410 --> 05:37.040 If you are using IWC, you'd have to add it to your security group and just so you know, Port 3000 05:37.160 --> 05:38.540 does continue to work. 05:38.600 --> 05:43.460 If you wanted to use that, but it's no longer necessary, signal actually remove that additional rule 05:43.460 --> 05:46.100 from your security group and IWC if you wanted to. 05:46.130 --> 05:46.910 It's not necessary. 05:46.910 --> 05:52.160 But later on, I will create an IP table for all to block Port 3000, but that's in the next video. 05:52.220 --> 05:52.550 Excellent. 05:52.550 --> 05:54.310 So that's what we did in this video. 05:54.320 --> 05:56.210 Remove the need to type and call in three thousand. 05:56.210 --> 05:59.370 So already that's looking much better, but it's still not perfect. 05:59.780 --> 06:02.030 If I look at that, it says not secure. 06:02.060 --> 06:07.760 So in the next video will add an SSL certificate and bind it at the end of next proxy, and we'll be 06:07.760 --> 06:10.370 able to use HTTPS instead of 8TB. 06:10.700 --> 06:11.110 Excellent.