- Installing on WindowsOS
- Installing on Linux
- Installing using Docker
- Deploying with a Reverse Proxy
- Deploying with HTTPS
- Configuring an Integration Security Token and Using DirectURL
- Logging on to the Administrator Portal
- Ports in Firewall
Wyn Enterprise: Deploying with HTTPS
You need to expose two web applications to internet when you publish Wyn Enterprise. These web applications are identity service and portal.
You must have your own domain name *.grapecitydev.com and its SSL certificates. The server's OS is Ubuntu 16.04 and its dns is gces-dev2.southeastasia.cloudapp.azure.com.
Publish Wyn Enterprise to Internet
- Install Wyn Enterprise.
Install Nginx with the following command.
sudo apt-get update sudo apt-get install nginx
Create the sub domain names for identity service and portal in the site that you purchase the domain name and map the sub domain names to your server's DNS. For example,
identity service → is.grapecitydev.com; document portal → docportal.grapecitydev.com.
- Put your SSL certificates on the server.
Change the identity service URL and portal URL in Wyn Enterprise configuration. The sample Wyn.conf is as follows.
# This is a YAML file. Format reference: (EN) https://en.wikipedia.org/wiki/YAML ; (ZH) https://zh.wikipedia.org/wiki/YAML . # You can specify the global setting in global_settings section. These settings will be applied to all services in the services section. Of course, you can override the item via specify the item in particular service section. # Available settings: # identity_server_url: Identity server URL. # enable_health_check: A value indicates if health check is enabled. The default value is true. # try_restart_count: A value indicates how many time the monitor restarts the service when the service crashes. # command: Define the command to run the service. global_settings: identity_server_url: 'http://localhost:51988' command: dotnet enable_health_check: true try_restart_count: -1 # log_level: Error # redirect_output_of_service: true # Service section includes all service definitions. # There are a set of common settings. These settings are available for each Service # Common settings: # urls: The service URLs. The value is a semicolon-separated list; # disabled: A value indicates if this service is disabled. The default value is false. # enable_health_check: A value indicates if health check is enabled. The default value is true. # try_restart_count: A value indicates how many times the monitor restarts the service when the service crashes. If you want to try until the service is started successfully, you can specify -1. # identity_server_url: Identity server URL. # command: Define the command to run the service. # arguments: Define the arguments that command starts the service with. # working_directory: The directory that the service is started in. You don't have to specify the working directory unless you change the directory that the service is installed. services: identity_server: urls: 'http://:51988' # The extra urls that are authorized. By default identity server adds all URLs that Wyn Enterprise runs. # If you want to setup the reverse proxy or use public IP address or DNS for the portal, you should add the portal's URL to allowed_urls. allowed_urls: # - "http://www.yourdomain.com:51980" # - "http://youserver.eastus.coluadapp.azure.com:51980" server: urls: 'http://:51981' # You don't have to sepcify this item unless you change the directory that data providers were installed. # data_provider_directory: DataProviders # storage: # engine: Postgres # Plugin's path can be an absolute path or a relative path to root of install directory plugins: - 'Plugins/Dashboard/dashboard/Gces.Dashboards.Plugin.dll' - 'Plugins/Reporting/Gces.Reporting.Plugin.dll' - 'Plugins/Dataset/dataset/Gces.Dataset.Plugin.dll' - 'Plugins/Dataset/account/Gces.Account.Plugin.dll' portal: urls: 'http://*:51980' # backend: # host: localhost # port: 51981 worker: urls: 'http://localhost:51982' environment: Development # display_name: 'reporting-worker' # backend: # server_url: 'http://localhost:51981'
Note : As the https uses port 443 by default, you need to add the inbound rule to allow 443 port to be accessed remotely.