Install Nginx Proxy
Video Lecture
Description
I also want to point a domain name and an SSL certificate to the game server. We can add settings inside our server.js which is being run by NodeJS to manage this, but it is very common to use a proxy instead for this purpose. We can use Nginx. Nginx will be able to manage proxying for all your domain names and SSL certificates for this server, in case you ever want to have several websites running on it.
Check if Nginx is installed
nginx -v
No, then install it with
sudo apt install nginx
Now check its version
nginx -v
Now check it's status
sudo service nginx status
Visit http://[your ip address]
Delete the file /etc/nginx/sites-enabled/default
rm /etc/nginx/sites-enabled/default
Create a new file called /etc/nginx/sites-enabled/ballgame.your-domain.tld.conf
Add this script
server {
listen 80;
listen [::]:80;
location / {
proxy_pass http://127.0.0.1:3000/;
}
}
Test it by visiting again http://[your ip address]
Note that since this project I am setting up, includes Socket.IO, there will be errors in the console about how it is polling, and not creating a proper socket. This addition below is only applicable if you see this error in the developer tools, and are also serving SocketIO from your NodeJS server as I am.
server {
listen 80;
listen [::]:80;
location /socket.io/ {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass "http://localhost:3000/socket.io/";
}
location / {
proxy_pass http://127.0.0.1:3000/;
}
}
Test nginx configuration is ok,
nginx -t
restart
sudo service nginx restart
And visit again http://[your ip address]
It should be perfect without any errors.
As an extra measure, to ensure that the game can only be played via the Nginx proxy, we can also block access to port 3000 from the internet but not locally on the server.
iptables -A INPUT -p tcp -s localhost --dport 3000 -j ACCEPT
iptables -A INPUT -p tcp --dport 3000 -j DROP
iptables -L