[WLUG] Web wizardry....

Mark J. Bobak mark at bobak.net
Sun Jan 14 19:54:13 EST 2018 

Thanks to all who replied.

Special thanks to Derek, who pointed me to NGINX.  Worked great to set up a
reverse proxy, exactly what I need.  Only took me a few hours to get the
thing working, from ground zero to working proof of concept.

Thanks!

-Mark

On Sun, Jan 14, 2018, 14:10 Derek DeJonghe <mittendevelopment at gmail.com>
wrote:

> Hey there,
>
> I can help with this. What you're looking for is a Reverse Proxy (NGINX).
> However, before we dive into setting up a reverse proxy, it'd be wise to
> ask what the security policy is. Setting up a reverse proxy like you're
> asking is circumventing the internal only access you have set up with the
> VPN / Private IP stuff.
>
> Does the content need to be 100% protected? If so you should not provide
> PDFCrowd access and rather just do the conversion yourself internally.
> Here's a python library that does exactly what you're asking for:
> https://pypi.python.org/pypi/pdfkit
>
> If it's not sensitive data you could provide access / limited access
> through a reverse proxy. With NGINX you can provide secured URL's that
> allow access to data as long as they have a generated hash that you
> provide. You then need to look into the VPC setup to ensure you have
> "Public" subnets, subnets associated with a route table that has a default
> route to an Internet Gateway. Set up a box in one of those subnets, install
> something like NGINX (preferably NGINX) and configure.
>
> Happy to help further, could use a distraction from trying to relearn
> angularJS AWS Cognito stuff.
>
> Derek DeJonghe
> On Sun, Jan 14, 2018 at 1:44 PM, Mark J. Bobak <mark at bobak.net> wrote:
>
>> Ok, probably not wizardry....but, as Arthur C. Clarke said, "Any
>> sufficiently advanced technology is indistinguishable from magic."  ;-)
>>
>> Seriously though, I'm *really* not a web guy...at all!
>>
>> Here's what's going on:
>> We use an online service called PDFCrowd to convert HTML to PDF.  We make
>> a call to a webservice, pass a URL of the HTML to be converted, and it
>> returns PDF.
>>
>> The problem is, some of the servers that hold the HTML to be converted,
>> are now behind a firewall.  So, this is broken.
>>
>> Our environment is on AWS, so, for those of you familiar, we have a VPC
>> (Virtual Private Cloud), that has private and public subnets.  The problem
>> hosts are in private subnet, so, have only private IP.  Access is achieved
>> by being in the office, where we have an always-on VPN tunnel, or via
>> SSLVPN client and two-factor authentication.
>>
>> So, I'm thinking I need some type of proxy (maybe the wrong term) running
>> on host in public subnet, which can accept incoming connection from
>> PDFCrowd, and connect back to private host on private subnet to retrieve
>> the HTML and pass it back to PDFCrowd.
>>
>> So, I want host on public IP, call it pub, to act as intermediary,
>> connect to host on private IP, call it priv, and pull the HTML and return
>> it.
>>
>> Not sure where to begin.....is this a proxy?  Squid?  Something else?
>> Server-side script on pub?
>>
>> Any thoughts or advice to point me in the right direction, would be
>> appreciated.
>>
>> AdvThanksance.
>>
>> -Mark
>>
>> ______________________________________________________
>> washlug mailing list    washlug web site
>> washlug at washlug.org     www.washlug.org
>> http://linux.marcdatabase.com/mailman/listinfo/washlug
>>
>> ______________________________________________________
> washlug mailing list    washlug web site
> washlug at washlug.org     www.washlug.org
> http://linux.marcdatabase.com/mailman/listinfo/washlug
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://linux.marcdatabase.com/pipermail/washlug/attachments/20180115/2213b372/attachment.html>

More information about the washlug mailing list