I have Virtual Dedicated Server based on Ubuntu 20.04.6 with IP address 193.23.xxx.xx. blizcore.fun resolves to this IP. On this server I installed pterodactyl panel. Pterodactyl have IP 172.18.0.0/16. I install basic python 3.10 egg on pterodactyl and create server to port 6668.
My target: create GET request to https://blizcore.fun/status. This request should be handled by the Flask server running within the Pterodactyl environment.
Code:
from flask import Flask, request
from flask_restful import Api, Resource, abort
from dotenv import load_dotenv
load_dotenv()
import os
key = os.getenv("AUTH_KEY")
app = Flask(__name__)
api = Api()
class BlizcoreApi(Resource):
def get(self):
headers = request.headers
auth = headers.get("Authorization")
if auth == key:
return {"code": 200, "message": "All working stable."}
else:
return abort(401, message="Unauthorized.")
api.add_resource(BlizcoreApi, "/status")
api.init_app(app)
if __name__ == "__main__":
app.run(host="193.23.220.14", port=6668, debug=True)
But i have error (console output of server on port 6668):
* Serving Flask app 'server'
* Debug mode: on
Cannot assign requested address
I tried connect flask to host 0.0.0.0 for listen on all interfaces and Im connected to pterodactyl IP (console output after these actions):
* Serving Flask app 'server'
* Debug mode: on
WARNING: This is a development server. Do not use it in a production deployment. Use a production WSGI server instead.
* Running on all addresses (0.0.0.0)
* Running on http://127.0.0.1:6668
* Running on http://172.18.0.6:6668
Press CTRL+C to quit
* Restarting with stat
* Debugger is active!
* Debugger PIN: 144-915-975
Rules on Firewall looks like that:
root@vm25-lendnodes:~# sudo ufw status
Status: active
To Action From
-- ------ ----
22 ALLOW Anywhere
80 ALLOW Anywhere
443 ALLOW Anywhere
...
6668 ALLOW 172.18.0.0/24
...
I think I need to make a router to connect the stream from 172.18.0.6:6668 to 193.23.xxx.xx:6668, but it just my theory.
I solved my problem, making this actions:
http://172.18.0.6:6668:server {
listen [::]:3001 ssl ipv6only=on;
listen 3001 ssl;
server_name blizcore.fun;
ssl_certificate /etc/letsencrypt/live/blizcore.fun/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/blizcore.fun/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!SSLv3:!aNULL;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://172.18.0.6:6668;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
sudo ln -s /etc/nginx/sites-available/flask-app /etc/nginx/sites-enabled/
root@vm25-lendnodes:~# sudo ufw status
Status: active
To Action From
-- ------ ----
22 ALLOW Anywhere
80 ALLOW Anywhere
443 ALLOW Anywhere
...
3001 ALLOW Anywhere
22 (v6) ALLOW Anywhere (v6)
80 (v6) ALLOW Anywhere (v6)
443 (v6) ALLOW Anywhere (v6)
...
3001 (v6) ALLOW Anywhere (v6)
if __name__ == "__main__":
app.run(host="172.18.0.6", port=6668, debug=True)
And now, i can create GET request to https://blizcore.fun:3001/status and my Flask server response on this request looks like what i want:
root@vm25-lendnodes:~# curl https://blizcore.fun:3001/status
{"message": "Unauthorized."}
root@vm25-lendnodes:~# curl https://blizcore.fun:3001/status -H "Authorization: mUoh68Bu3WcwQ5dr4lbo" #if you reading this, please do not abuse it, just test this url for yourself, otherwise I will change the key.
{"code": 200, "message": "All working stable."}