The procedure was tested on Rasberry Pi 2 platform with 2.0.1-rc25 installed.
For installing you need access to command line of your razberry and be familiar with some linux editor ( I used Midnight Commander).
Step 1- Setting up of nginx server
Install it with the next commands from command line
Code: Select all
sudo apt-get install nginx
Code: Select all
sudo /etc/init.d/nginx start
If you see the following screen then congratulations! you have your personal server running on razberry! In case of problems check the following link How to install nginx on Raspberry...
Step 2- Making nginx as reverse proxy for your Razberry
With your favorite editor edit the next file '/etc/nginx/sites-available/default'
Put the next lines in 'location /' section.
Code: Select all
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:8083/;
}
Code: Select all
sudo /etc/init.d/nginx restart
You should see the Welcome screen of your Raspberry Step 3- Provide access only for authenticated user
Install helper utility
Code: Select all
sudo apt-get install apache2-utils
Code: Select all
sudo htpasswd -c /etc/nginx/.htpasswd superuser
Add it in section 'location /' after proxy settings
Code: Select all
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/.htpasswd;
Code: Select all
sudo /etc/init.d/nginx restart
But you still can access it on :8083 port, so lets block it.
Code: Select all
iptables -A INPUT -p tcp -s localhost --dport 8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -j DROP
***To revert changes to iptables run 'iptables -L --line-numbers' and check that there are 3 lines in INPUT section, then you can delete it with the next commands
Code: Select all
iptables -D INPUT 1
iptables -D INPUT 1
iptables -D INPUT 1
Adding SSL - Step 1
Create certificate for your razberry more info...
From command line enter
Code: Select all
sudo mkdir /etc/nginx/ssl
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt
Modify your nginx configuration file - '/etc/nginx/sites-available/default'
Add lines to 'server' section.
Code: Select all
listen 8085 ssl;
ssl_certificate /etc/nginx/ssl/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/nginx.key;
Restart nginx.
Code: Select all
sudo /etc/init.d/nginx restart
And the last section
Example of settings to control razzberry remotely from javascript
The config file should look like that to allow cross origin requests
Code: Select all
location / {
add_header Access-Control-Allow-Origin http://localhost:8000;
add_header Access-Control-Allow-Methods GET,POST,OPTIONS;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:8083/;
proxy_hide_header Access-Control-Allow-Origin;
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/.htpasswd;
}
Code: Select all
$.ajax({
type: 'GET',
url: 'https://superuser:password@192.168.10.98:8085/JS/Run/controller.devices.get("ZWayVDev_zway_2-1-48-1").get("metrics:level")',
xhrFields: {
withCredentials: true
},
data: {},
crossDomain: true
}).done(function(data) {
console.log("Data returned: " + data);
});