1
00:00:00,120 --> 00:00:03,750
OK, so now to reverse proxy Agraféna with engine.

2
00:00:04,290 --> 00:00:09,540
Now the reason why I want to add a reverse proxy in front of Crafar because the next step I will add

3
00:00:09,540 --> 00:00:15,330
an SSL certificate and open the SSL certificate to the next proxy rather than to the Griffon service

4
00:00:15,330 --> 00:00:15,780
itself.

5
00:00:15,840 --> 00:00:24,840
Also, using a proxy is a common approach to changing the port number of a service running on the internet

6
00:00:24,870 --> 00:00:29,800
in a more generic way, rather than modifying Griffon settings explicitly.

7
00:00:29,820 --> 00:00:33,930
It's a concept that you can use for many other services that you might be hosting on a service.

8
00:00:34,170 --> 00:00:39,720
So anyway, the purpose of this next section is to remove the need of typing in the code and 3000.

9
00:00:39,720 --> 00:00:46,410
So rather than typing that address, which works now that sitake or font become a dot net code 3000,

10
00:00:46,440 --> 00:00:48,510
I would just be able to type in that address.

11
00:00:48,520 --> 00:00:51,000
Hey, Shitbag follows the code on it without the column.

12
00:00:51,040 --> 00:00:53,730
OK, so and for that ability, I'll use engineers.

13
00:00:53,880 --> 00:00:56,190
OK, so switch onto your server.

14
00:00:56,310 --> 00:01:02,490
OK, so I log on to my cabana server that I got from Digital Ocean, and I can first test to see if

15
00:01:02,490 --> 00:01:03,530
Engine X is installed.

16
00:01:03,540 --> 00:01:07,320
It's very unlikely to be in Unix Hyphen V version.

17
00:01:07,470 --> 00:01:11,580
No, it's not there so we can install it so that I'll use that command name.

18
00:01:12,000 --> 00:01:14,370
Just a generic install command for engine.

19
00:01:15,390 --> 00:01:15,930
Yes.

20
00:01:17,120 --> 00:01:17,580
Very good.

21
00:01:17,600 --> 00:01:22,820
Now I can test the version again, if I just press on the up arrow on my keyboard, it shows me the

22
00:01:22,820 --> 00:01:24,300
last commands that I've just typed.

23
00:01:24,320 --> 00:01:26,900
So any next half of the version 1.1?

24
00:01:27,100 --> 00:01:27,470
Excellent.

25
00:01:27,560 --> 00:01:30,450
We can continue so we can check the status.

26
00:01:30,470 --> 00:01:34,820
It should already be running by sudo service engineer status.

27
00:01:35,000 --> 00:01:37,580
And next is actually running a patrol seat to get out of that.

28
00:01:37,650 --> 00:01:44,840
OK, now Engine X by default, is hosting a very simple website on Poor 80, not port three thousand

29
00:01:44,840 --> 00:01:45,900
like Agraféna service.

30
00:01:45,920 --> 00:01:53,170
So if I just type that IP address by itself into my browser and I don't have to put in column port I.D.

31
00:01:53,180 --> 00:01:55,320
like that, it's just default behind the scenes.

32
00:01:55,340 --> 00:01:56,540
Just put the IP address in.

33
00:01:56,540 --> 00:01:58,310
It will show me the default engine next.

34
00:01:58,310 --> 00:01:58,970
Welcome page.

35
00:01:59,060 --> 00:02:05,510
Now, if you're using us as your GCP or any other similar service, you might have to set up a firewall

36
00:02:05,510 --> 00:02:05,780
rule.

37
00:02:05,780 --> 00:02:07,280
So neither of us, I had to.

38
00:02:07,290 --> 00:02:09,320
I put 3000 in the security group.

39
00:02:09,320 --> 00:02:15,230
You have to open up a port in your security group in the equivalent user interface section of your cloud

40
00:02:15,230 --> 00:02:15,670
provider.

41
00:02:15,680 --> 00:02:20,480
But in digitalization and that's not poor, it is accessible by default as long as there's something

42
00:02:20,480 --> 00:02:23,840
on your server exposing Port I.D. and that is Engine X.

43
00:02:23,840 --> 00:02:25,800
Right now it's listening on Port 80.

44
00:02:25,820 --> 00:02:31,490
And if I visit the IP address directly, regardless, if I put in 80 or not, it's going to serve me

45
00:02:31,490 --> 00:02:32,630
just a simple web page.

46
00:02:32,690 --> 00:02:39,470
OK, so now to create a specific configuration for graphic violence, so we can also visit our California

47
00:02:39,470 --> 00:02:42,410
service through Port 80 using HDTV.

48
00:02:42,440 --> 00:02:46,610
OK, so see to the Engine X Sites Enable Folder.

49
00:02:46,620 --> 00:02:48,380
So usually that is ETSI engine.

50
00:02:48,620 --> 00:02:49,280
So it's enabled.

51
00:02:49,280 --> 00:02:52,940
So just copy that whole line, right click CD, ETSI and next.

52
00:02:52,940 --> 00:02:57,380
So it's enabled if I type less, it shows me this one fall in their code default.

53
00:02:57,380 --> 00:03:05,600
That default is instructions that tells Engine X to serve this basic content when someone visits provided

54
00:03:05,600 --> 00:03:06,320
that IP address.

55
00:03:06,440 --> 00:03:11,780
OK, so we're going to add another configuration that will listen for the domain name that we typed

56
00:03:11,780 --> 00:03:11,960
in.

57
00:03:11,960 --> 00:03:16,610
So we'll create New Fault Sudo Nano, whatever your domain name, dconf is.

58
00:03:16,730 --> 00:03:19,050
OK, so before that, I'm just going to clear the screen.

59
00:03:19,070 --> 00:03:22,090
OK, so sudo nano your domain name dconf.

60
00:03:22,100 --> 00:03:26,360
So my domain name is Bafana or ISP code.

61
00:03:26,480 --> 00:03:27,950
Dot net dot com.

62
00:03:28,040 --> 00:03:29,660
You can actually name it anything you like.

63
00:03:29,690 --> 00:03:34,970
I'm just naming it the same as my domain name, so this will create a new file name to that in the site.

64
00:03:34,990 --> 00:03:39,040
Snapped Photo and Nano is a text editor for Linux.

65
00:03:39,060 --> 00:03:40,070
It's quite easy to use.

66
00:03:40,220 --> 00:03:40,890
So enter.

67
00:03:40,910 --> 00:03:45,140
OK, so the text editors opened up so we can now write the contents of this new file.

68
00:03:45,170 --> 00:03:45,500
OK.

69
00:03:45,650 --> 00:03:48,620
So going further down, just copy this section here.

70
00:03:48,680 --> 00:03:51,800
Can use that icon if you like, copied the clipboard now.

71
00:03:51,830 --> 00:03:55,610
Right click and it will paste the contents into the text later today.

72
00:03:55,610 --> 00:04:02,300
So up here for server name change that to follow the recipe code.

73
00:04:02,480 --> 00:04:05,530
Dot net and make sure they've got semicolon at the end.

74
00:04:05,750 --> 00:04:09,050
That will cause the next proxy, which is essentially like a web server.

75
00:04:09,260 --> 00:04:10,950
So to listen on Port 80.

76
00:04:10,960 --> 00:04:17,990
But if the domain name typed in was Crafar s code dot net, it will redirect the TCP connection onto

77
00:04:17,990 --> 00:04:20,690
hasty FTP local host call and 3000.

78
00:04:20,700 --> 00:04:23,450
And that's where Agraféna service is listening to a proxy pass.

79
00:04:23,900 --> 00:04:26,380
So Control X is the option down there.

80
00:04:26,390 --> 00:04:29,630
Control X to save and select, Y to save.

81
00:04:29,660 --> 00:04:30,080
Yes.

82
00:04:30,690 --> 00:04:35,660
OK, so if what type list now, which means list the contents of the folder, it shows this to file's

83
00:04:35,660 --> 00:04:38,780
default and another one Cauca finite Echo Dot net dakonam.

84
00:04:38,870 --> 00:04:45,650
OK, so let's just verify that the configuration is correct and you can do that and x hyphen t test.

85
00:04:45,830 --> 00:04:49,000
OK, so syntax is OK and the artistic successful.

86
00:04:49,010 --> 00:04:52,160
So the syntax of microfinance Beko dot net took off was OK.

87
00:04:52,190 --> 00:04:56,690
So this restart Engine X restart and this check its status.

88
00:04:57,290 --> 00:04:57,770
Very good.

89
00:04:57,770 --> 00:04:59,930
Active running control C to get out of that.

90
00:04:59,960 --> 00:05:05,990
Now, if I open my browser and visit, just that address doesn't matter if I put the housekeeper or

91
00:05:05,990 --> 00:05:06,230
not.

92
00:05:06,290 --> 00:05:12,140
I'll just put that in Gryffindor ESP Code Dot Net, just like that takes me straight to the microphone

93
00:05:12,350 --> 00:05:17,120
application to the microphone and speak code on it is no longer necessary to put in the call and three

94
00:05:17,120 --> 00:05:17,570
thousand.

95
00:05:17,600 --> 00:05:20,180
Just remember, though, this is using default.

96
00:05:20,180 --> 00:05:21,380
Poor it now.

97
00:05:21,380 --> 00:05:26,660
And since I'm using a cloud provider which doesn't force a firewall in front of your service like I

98
00:05:26,930 --> 00:05:30,380
was and several others for it is already accessible now.

99
00:05:30,410 --> 00:05:37,040
If you are using IWC, you'd have to add it to your security group and just so you know, Port 3000

100
00:05:37,160 --> 00:05:38,540
does continue to work.

101
00:05:38,600 --> 00:05:43,460
If you wanted to use that, but it's no longer necessary, signal actually remove that additional rule

102
00:05:43,460 --> 00:05:46,100
from your security group and IWC if you wanted to.

103
00:05:46,130 --> 00:05:46,910
It's not necessary.

104
00:05:46,910 --> 00:05:52,160
But later on, I will create an IP table for all to block Port 3000, but that's in the next video.

105
00:05:52,220 --> 00:05:52,550
Excellent.

106
00:05:52,550 --> 00:05:54,310
So that's what we did in this video.

107
00:05:54,320 --> 00:05:56,210
Remove the need to type and call in three thousand.

108
00:05:56,210 --> 00:05:59,370
So already that's looking much better, but it's still not perfect.

109
00:05:59,780 --> 00:06:02,030
If I look at that, it says not secure.

110
00:06:02,060 --> 00:06:07,760
So in the next video will add an SSL certificate and bind it at the end of next proxy, and we'll be

111
00:06:07,760 --> 00:06:10,370
able to use HTTPS instead of 8TB.

112
00:06:10,700 --> 00:06:11,110
Excellent.