We’re close to having our production environment set up, but have a few last mile questions. We have a load balancer which handles SSL termination via lets encrypt. I’m wondering what the best way is to map the various ports required by Nakama. Right now I have https 443 mapped to http 7351 for the console and it’s working fine. Should the other connections required by made over https and what’s the recommended port mapping? Also, I can’t find any information on how to implement and use the console.signing_key. How is that supposed to be set up? Thanks again guys.
I’m wondering what the best way is to map the various ports required by Nakama. Right now I have https 443 mapped to http 7351 for the console and it’s working fine.
@oscargoldman You’ll have to configure your load balancer to route anything on /v2/console into the console port (7351) and the rest into the main API (7350). How you handle these specifics depends on what load balancer you use and how to configure it.
Should the other connections required by made over https and what’s the recommended port mapping?
Yes all connections should be over HTTPS.
Also, I can’t find any information on how to implement and use the console.signing_key. How is that supposed to be set up?
The console signing key should be set to whatever value you like that you keep private to the project. It’s used to sign the JWT for the console dashboard.
From a security standpoint, you might also consider IP whitelisting for the console.
1 Like