Connecting DHIS and Nginx

Dear All,
I had configure DHIS2 on ubuntu server 12.04 LTS and i had install
Ngnix because i didn't want my clients to using
http://1.1.1.1:8080/dhis on their browsers.
Please what is the necessary configuration i should do if i want to
map that IP to a name for example http or https (http://hmis.org).
Kindly note i am using apache-tomcat.
Please i need an urgent help.

···

--
Regards,

Gerald

Hi Gerald

There are three issues here. If you already know what i am on about then maybe it will be helpful to others if I explain anyway:

  1. you can’t just pick your own ip address unless its for use on an internal network where packets are not being exchanged with the public internet. So inside a LAN you might use private ips in the 192.168.x.x range or 10.x.x.x. For anything else you need to get them assigned by some party (typically an ISP) which controls a block of them. So for example Sierra Leone currently has just over 40000 public IP addresses assigned to it - controlled by various ISPs. Its not that many but a big improvement over pre-2012 I guess when there were only 8000 (http://www.nirsoft.net/countryip/sl.html). So you would typically have one or more public IP addresses which get routed to your MOHS router. Then its up to you to do something on your router like reverse NAT or some other means (port mapping?) to route packets for that ip address to and from the actual machine within the network where your nginx (or apache) is running.

  2. You also can’t just pick any old name. You need to either first register a domain with a registrar or assign a name to your machine from a domain which you already control. So for example the domain mohs.gov.sl should be under the control of the ministry of health of Sierra Leone (I know its not but it should be). Then you can just map names like hmis.mohs.gov.sl to addresses like 41.205.224.56 by creating records in the DNS server which is authoriatative for the mohs.gov.sl domain.

It could be your IT ministry is controlling gov.sl in which case they are the people who can give you control of mohs.gov.sl.

  1. Once your apache or nginx is reachable by its name then you can use it to act as a proxy for one or more dhis tomcat servers which are running behind it, either on the same machine or some other machine on your internal network. So if you have a tomcat running on your machine and listening on port 8080 then, for example, a line like the following in your nginx configuration:

location /hmis { proxy_pass http://localhost:8080/hmis; }

is going to forward requests for http://hmis.mohs.gov.sl/hmis

Bob

···

On 3 July 2014 16:41, gerald thomas gerald17006@gmail.com wrote:

Dear All,

I had configure DHIS2 on ubuntu server 12.04 LTS and i had install

Ngnix because i didn’t want my clients to using

http://1.1.1.1:8080/dhis on their browsers.

Please what is the necessary configuration i should do if i want to

map that IP to a name for example http or https (http://hmis.org).

Kindly note i am using apache-tomcat.

Please i need an urgent help.

Regards,

Gerald


Mailing list: https://launchpad.net/~dhis2-users

Post to : dhis2-users@lists.launchpad.net

Unsubscribe : https://launchpad.net/~dhis2-users

More help : https://help.launchpad.net/ListHelp

Dear Bob,
Clearly i am sure i understand what you are saying. Now this is the
scenario on the ground:
DPI ask the ICT to do a training server for them, which we had
completed and information about it had been sent to you.
Since they will be moving the server to a different location we want
the localhost to have a name so that way the clients using the server
only need that name rather than the IP address of the server.
I was reading and i found out that Nginx can do it. That is my question.
i want to replay the http://localhost:8080/dhis with maybe http://bob
for instance.
Thanks in advance

···

On 7/3/14, Bob Jolliffe <bobjolliffe@gmail.com> wrote:

Hi Gerald

There are three issues here. If you already know what i am on about then
maybe it will be helpful to others if I explain anyway:

1. you can't just pick your own ip address unless its for use on an
internal network where packets are not being exchanged with the public
internet. So inside a LAN you might use private ips in the 192.168.x.x
range or 10.x.x.x. For anything else you need to get them assigned by some
party (typically an ISP) which controls a block of them. So for example
Sierra Leone currently has just over 40000 public IP addresses assigned to
it - controlled by various ISPs. Its not that many but a big improvement
over pre-2012 I guess when there were only 8000 (
http://www.nirsoft.net/countryip/sl.html\). So you would typically have one
or more public IP addresses which get routed to your MOHS router. Then its
up to you to do something on your router like reverse NAT or some other
means (port mapping?) to route packets for that ip address to and from the
actual machine within the network where your nginx (or apache) is running.

2. You also can't just pick any old name. You need to either first
register a domain with a registrar or assign a name to your machine from a
domain which you already control. So for example the domain mohs.gov.sl
should be under the control of the ministry of health of Sierra Leone (I
know its not but it should be). Then you can just map names like
hmis.mohs.gov.sl to addresses like 41.205.224.56 by creating records in
the DNS server which is authoriatative for the mohs.gov.sl domain.

It could be your IT ministry is controlling gov.sl in which case they are
the people who can give you control of mohs.gov.sl.

3. Once your apache or nginx is reachable by its name then you can use it
to act as a proxy for one or more dhis tomcat servers which are running
behind it, either on the same machine or some other machine on your
internal network. So if you have a tomcat running on your machine and
listening on port 8080 then, for example, a line like the following in your
nginx configuration:

location /hmis { proxy_pass http://localhost:8080/hmis; }

is going to forward requests for http://hmis.mohs.gov.sl/hmis

Bob

On 3 July 2014 16:41, gerald thomas <gerald17006@gmail.com> wrote:

Dear All,
I had configure DHIS2 on ubuntu server 12.04 LTS and i had install
Ngnix because i didn't want my clients to using
http://1.1.1.1:8080/dhis on their browsers.
Please what is the necessary configuration i should do if i want to
map that IP to a name for example http or https (http://hmis.org).
Kindly note i am using apache-tomcat.
Please i need an urgent help.

--
Regards,

Gerald

_______________________________________________
Mailing list: DHIS 2 Users in Launchpad
Post to : dhis2-users@lists.launchpad.net
Unsubscribe : DHIS 2 Users in Launchpad
More help : ListHelp - Launchpad Help

--
Regards,

Gerald

Do you already own a domain name? If yes you should use the panel of your registrar and configure your DNS accordingly.

···

Le 3 juil. 2014 18:41, “gerald thomas” gerald17006@gmail.com a écrit :

Dear All,

I had configure DHIS2 on ubuntu server 12.04 LTS and i had install

Ngnix because i didn’t want my clients to using

http://1.1.1.1:8080/dhis on their browsers.

Please what is the necessary configuration i should do if i want to

map that IP to a name for example http or https (http://hmis.org).

Kindly note i am using apache-tomcat.

Please i need an urgent help.

Regards,

Gerald


Mailing list: https://launchpad.net/~dhis2-users

Post to : dhis2-users@lists.launchpad.net

Unsubscribe : https://launchpad.net/~dhis2-users

More help : https://help.launchpad.net/ListHelp

Hi Gerald

There is a limit to how much nginx can do.

For clients to be able to find the server using a fully qualified domain name is a network infrastructure issue unrelated to nginx.

As I see it there are 3 approaches which can work:

  1. if the clients (trainee laptops) are connected to the internet proper then you can make use of a cloud based instance which won’t change regardless of the location of the training. So for example you already can have https://sl.dhis2.org/training. The obvious downside of this is your training becomes dependent on the internet working always which is a big risk.

  2. If you are carrying around the training server with you and setting up a LAN for your trainees and the server then you pretty much control the infrastructure they will be connecting to. Presumably the server will have a private IP address (say 192.168.1.2) on this LAN. And the client machines will get IP addresses from a dhcp server which you setup on this LAN. What you would need to do is to also setup a DNS server, configure the dhcp so that clients will be directed to that dns server and create a host record in that dns server to resolve your chosen name to 192.168.1.2. You could set up this dns service on the very same ubuntu based training server. In which case all you would do is to configure the dhcp server (maybe in the wireless router or whatever it is you are using) to tell clients to use it.

That is a fairly complex setup, but is what would be required to do what you want to do.

  1. You can “simulate” the above by mapping the hostname to an ip address in each of the hosts files on the trainees computers. I think it is called LMHOSTS on windows. This is less hassle than 2 if there are few trainees.

As far as I figure those are your choices. If I was doing a lot of training with many trainees in many locations I would invest some time and effort into 2. If it was occasional and with very few then I might either do 3 or tell people to connect using the IP address eg. http://192.168.1.2/hmis.

Maybe Matthieu can tell us what they do with the academy training server. I’m guessing just use the IP address …

Regards

Bob

···

On 3 July 2014 18:21, gerald thomas gerald17006@gmail.com wrote:

Dear Bob,

Clearly i am sure i understand what you are saying. Now this is the

scenario on the ground:

DPI ask the ICT to do a training server for them, which we had

completed and information about it had been sent to you.

Since they will be moving the server to a different location we want

the localhost to have a name so that way the clients using the server

only need that name rather than the IP address of the server.

I was reading and i found out that Nginx can do it. That is my question.

i want to replay the http://localhost:8080/dhis with maybe http://bob

for instance.

Thanks in advance

On 7/3/14, Bob Jolliffe bobjolliffe@gmail.com wrote:

Hi Gerald

There are three issues here. If you already know what i am on about then

maybe it will be helpful to others if I explain anyway:

  1. you can’t just pick your own ip address unless its for use on an

internal network where packets are not being exchanged with the public

internet. So inside a LAN you might use private ips in the 192.168.x.x

range or 10.x.x.x. For anything else you need to get them assigned by some

party (typically an ISP) which controls a block of them. So for example

Sierra Leone currently has just over 40000 public IP addresses assigned to

it - controlled by various ISPs. Its not that many but a big improvement

over pre-2012 I guess when there were only 8000 (

http://www.nirsoft.net/countryip/sl.html). So you would typically have one

or more public IP addresses which get routed to your MOHS router. Then its

up to you to do something on your router like reverse NAT or some other

means (port mapping?) to route packets for that ip address to and from the

actual machine within the network where your nginx (or apache) is running.

  1. You also can’t just pick any old name. You need to either first

register a domain with a registrar or assign a name to your machine from a

domain which you already control. So for example the domain mohs.gov.sl

should be under the control of the ministry of health of Sierra Leone (I

know its not but it should be). Then you can just map names like

hmis.mohs.gov.sl to addresses like 41.205.224.56 by creating records in

the DNS server which is authoriatative for the mohs.gov.sl domain.

It could be your IT ministry is controlling gov.sl in which case they are

the people who can give you control of mohs.gov.sl.

  1. Once your apache or nginx is reachable by its name then you can use it

to act as a proxy for one or more dhis tomcat servers which are running

behind it, either on the same machine or some other machine on your

internal network. So if you have a tomcat running on your machine and

listening on port 8080 then, for example, a line like the following in your

nginx configuration:

location /hmis { proxy_pass http://localhost:8080/hmis; }

is going to forward requests for http://hmis.mohs.gov.sl/hmis

Bob

On 3 July 2014 16:41, gerald thomas gerald17006@gmail.com wrote:

Dear All,

I had configure DHIS2 on ubuntu server 12.04 LTS and i had install

Ngnix because i didn’t want my clients to using

http://1.1.1.1:8080/dhis on their browsers.

Please what is the necessary configuration i should do if i want to

map that IP to a name for example http or https (http://hmis.org).

Kindly note i am using apache-tomcat.

Please i need an urgent help.

Regards,

Gerald


Mailing list: https://launchpad.net/~dhis2-users

Post to : dhis2-users@lists.launchpad.net

Unsubscribe : https://launchpad.net/~dhis2-users

More help : https://help.launchpad.net/ListHelp

Regards,

Gerald