Wrap pico engine in nginx
These are notes from a meeting at Picolabs with Scott Lemon and Derek Carter, on February 10, 2017.
Derek installed and configured nginx as follows
server { listen 8080 default_server; listen [::]:8080 default_server; server_name _; root /usr/share/nginx/html; # Load configuration files for the default server block. include /etc/nginx/default.d/*.conf; location / { proxy_pass http://127.0.0.1:8888; } error_page 404 /404.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } }
started nginx, and then started the pico-engine running on port 8888. He was able to access all the pico functionality at port 8080, giving confidence that the pico engine can run and be accessed correctly and completely through nginx.
His next step was to use nginx to allow free access to sky queries and events, but password-protect all of the UI. The change to the configuration for this was:
location /sky/ { proxy_pass http://127.0.0.1:8888/sky/; } location / { auth_basic "Restricted"; # htpasswd -c /etc/nginx/users.htpasswd username auth_basic_user_file /etc/nginx/users.htpasswd; proxy_pass http://127.0.0.1:8888/; }
Derek shared with us all of the configuration files on github
Steps to use nginx to control access to the pico engine include
1) install nginx
2) install httpd-tools
3) create password file
4) edit config
5) restart and enable nginx
6) start pico engine
Copyright Picolabs | Licensed under Creative Commons.