Search results

How to Configure Bold BI with a reverse proxy server in the DMZ environment on a Windows server.

Prerequisites

You need the following prerequisites to Configure Bold BI with a reverse proxy server in the DMZ environment to the Windows server.

  1. Windows server.

  2. Reverse proxy server (Nginx).

  3. React front-end machine.

Follow the given steps to configure the Bold BI with a reverse proxy server in the DMZ in the windows server.

  1. You need to Install the Bold BI in the windows server, and after finishing the Application Setup create a dashboard.
  1. Then need to Change the binding from localhost to IP address as shown below.

    Change Bindings

  2. Need to proxy pass the Boldbi server to the reverse proxy server. Here you are considering the Nginx as a reverse proxy server. Follow the given steps to proxy pass the Bold BI to the Nginx server.

    1. Install Nginx.

    2. Move to the Nginx install directory by running the following command.

      cd /etc/nginx
    3. Edit the Nginx default sites-available file using the command shown.

      sudo nano sites-available/default

      nginx-proxy-pass

    4. You can reload the Nginx using the given command.

      sudo nginx -s reload
    5. You can test the Nginx using the given command.

      sudo nginx -t
    6. Now, you can access the Bold BI using the reverse proxy IP inside the same network connection.

  3. Then, set the inbound rule for the reverse proxy IP in the Bold BI server machine by following the below steps.

    1. Go to Start > Run and type firewall.cpl. The Windows Firewall window opens.

    2. Click on the Advanced Settings link on the left pane. The Windows Firewall with an Advanced Security window opens.

    3. Click on the Inbound Rules option.

    4. On the left pane, click on New rule.

    5. Under Rule Type select the option custom and click next.

    6. Select All program in the next tap and click next.

    7. Select TCP and specific local ports options.

      FYI: Here you enter the port used by Bold BI in the server machine.

      specific-local-ports

    8. Click next and add the reverse proxy IP address in the remote as shown.

      FYI: Here you enter your reverse proxy IP.

      add-the-reverse-proxy-ip

    9. Click next and select the option Allow the connection.

    10. Click next, do not change any option here, and click Next again.

    11. Specify a name for this rule.

    12. Click Finish.

  1. You need to embed the dashboards. Follow the given steps to run the embedded application in the react front-end machine.

    1. You can download the embedded sample here.

    2. Open the solution file in visual studio and you need to set the following properties in the EmbedProperties.cs file as follows.

      set-embed-properties-vs

      RootUrl Reverse Proxy server URL with IP (ex: http://10.0.0.31/bi)
      SiteIdentifier For Bold BI Enterprise edition, it should be like site/site1. For Bold BI Cloud, it should be empty string.
      UserEmail UserEmail of the Admin in your Bold BI, which will be used to get the dashboards list.
      EmbedSecret You can get your EmbedSecret key from embed tab by enabling Enable embed authentication in Administration page as mentioned in next step.

      FYI: Here our reverse proxy IP is 10.0.0.31 and the site name is site1.

      set-embed-properties

    3. You can get your Embed Secret key from the administrator setting section.

    4. Now, your application is ready to run, before running the application need to change the applicationUrl with your machine IP with the port number in the lanchSetting.json file as shown.

      FYI: Here our machine IP is 10.0.0.11:8082.

      change-applicationurl

    5. Run the application you can see the output in your default web browser shown below.

      embed-application-output

      NOTE: If you are facing the below issue while running the application with your machine IP, please open the command prompt in administered mode and run the given commands.

      iis-express-error

      netsh http add urlacl url=http://{yourlocalhostIP:port}/ user=everyone
      
      netsh advfirewall firewall add rule name="IISExpressWeb" dir=in protocol=tcp localport={port} profile=private remoteip=localsubnet action=allow
  2. You need to set the inbound rule for the react front end machine IP in the reverse proxy server by following the steps.

    1. Run the following command with the react front end machine IP.

      sudo ufw allow from {react front end IP}
    2. You can list the inbound rules, using the command shown as follows.

      sudo ufw status numbered

      add-inbound-rule

      NOTE: Make sure the react front end machine IP only accesses the reverse proxy machine.

    3. Finally, you can expose react front-end server to the internet. In our case, we are exposing the private URL http://10.0.0.11:8082/ to Public URL http://182.72.161.150:58951/ as shown below.

      expose-server-to-internet