How do I expose the web dev module to the internet safely?

For some backgorund information I have a 3rd party service called LINE that can send webhooks to other services (Ignition for example).

Previously, I have had hardware on our internal network sending POSTs to the internal Ignition web server (using the web dev module).

Now I want to take this process a step further and create a URL I can give to the 3rd party service LINE which will then send webhooks to the Ignition web dev server.

My root problem is how do I create that URL that LINE can talk to? How do I ensure this process is safe from bad actors?

1 Like

Generally, you would put a reverse proxy on the internet (apache, nginx, whatever) configured to pass through just the desired webdev URLs to your Ignition server. Such a reverse proxy could also shorten them.


So, with the NGINX setup, we can, for example, set up the ignition backend project in multiple clouds, as redundant servers? If one server is down, the other severs can take over the communication, or with multiple server running, the comms can be distributed among different servers?

I know node.js backend works well with NGINX about the multi server setup, but with ignition gateway already setup with redundancy configuration internally, will it still work?

I would expect you to need two separate, publicly reachable names to use redundancy in public. A single nginx server could host multiple distinct host names, but that would be a single point of failure. I'm not at all aware of how to or even if nginx does load balancing. I think of HAproxy for that.

good point. the load balancer brings in a single point of failure.

Found the following link, mirror up the load balancer.
How to avoid a single point of failure.

1 Like

this is from Nginx