Domain + SSL + NGINX vs. IP + NGINX
#1
Hi there...

If I want to run gekko in the cloud, is it mandatory or more secure over domain + ssl + nginx instead of simply using the ip from the server with nginx + password?


Thanks,
axelmatic
  Reply
#2
The risk of someone having access to your gekko:

- they can see your bots
- they can start/stop bots
- they can run many backtests that will basically DOS your server

If you use IP and password without SSL you can't use any public wifi since everyone can sniff the password in plain text. That is any wifi (even with a password) where you don't control all devices on it (cafe, restaurant, friends place, etc). Even if you are on your own wifi the password is going in plain text over the internet so anyone in the network (your isp, your vpn, etc) can sniff the password and access the gekko.

Another solution instead of nginx (with password) would be SSH tunneling, I think there are some guides for how to do this with Gekko if you search around!
  Reply
#3
(11-01-2018, 07:25 AM)askmike Wrote: The risk of someone having access to your gekko:

- they can see your bots
- they can start/stop bots
- they can run many backtests that will basically DOS your server

If you use IP and password without SSL you can't use any public wifi since everyone can sniff the password in plain text. That is any wifi (even with a password) where you don't control all devices on it (cafe, restaurant, friends place, etc). Even if you are on your own wifi the password is going in plain text over the internet so anyone in the network (your isp, your vpn, etc) can sniff the password and access the gekko.

Another solution instead of nginx (with password) would be SSH tunneling, I think there are some guides for how to do this with Gekko if you search around!

Big thanks...

I managed to run a gekko bot on my DigitalOcean server incl. SSL / Nginx.

Unfortunately, I have a few more questions, because I am relatively fresh immersed in the server world.

Everything runs on a Linux Ubuntu 18.04 server at DigitalOcean.

There is a root access and 2 more users. User_A and User_B.

On User_A the SSL access runs with
https://mydomain.com/ and the Nginx base auth. Everything works great.

I would like to let several different bots run.

I imagined it something like this:

The Bot of User_A can be reached at
https://user-a.mydomain.com/ or https://mydomain.com/user-a

The Bot of User_B can be reached at
https://user-b.mydomain.com/ or https://mydomain.com/user-b

And so on. Of course every user should have his own Ngnix login.

What needs to be done for this? I am very grateful for every tip.
  Reply
#4
push ^^
  Reply
#5
If you don't want to start hacking Gekko's server code (the UI) the easiest way would be to run multiple Gekko instances. Configure them to run on different ports and create multiple nginx sites to run all of them (have basic auth per user or something). I would also recommend using a single database like postgres all the gekko servers can share.

Keep in mind there are still potential issues: if user_A and user_B run a live bot on the same exchange your server's IP might get banned since both Gekkos will do a lot more requests.

---

I am actually building a cloud service right now, it comes with the things you described as well as a new UI and such. Check it here: https://gekkoplus.com.
  Reply
#6
(11-08-2018, 08:05 AM)askmike Wrote: If you don't want to start hacking Gekko's server code (the UI) the easiest way would be to run multiple Gekko instances. Configure them to run on different ports and create multiple nginx sites to run all of them (have basic auth per user or something). I would also recommend using a single database like postgres all the gekko servers can share.

Keep in mind there are still potential issues: if user_A and user_B run a live bot on the same exchange your server's IP might get banned since both Gekkos will do a lot more requests.

---

I am actually building a cloud service right now, it comes with the things you described as well as a new UI and such. Check it here: https://gekkoplus.com.

Okay, thanks for this Information. It helps me a lot =). So first i will keep just one gekko running. Is there a date for the gekko-plus release?
  Reply
#7
Quote:Is there a date for the gekko-plus release?

No specific date for when the full platform goes live, but that won't be before the contest is finished, that will finish at half December. See details here: https://app.gekkoplus.com/contest
  Reply
#8
I have a question. Should the port on which gekko runs be kept behind a firewall or open to web?
  Reply


Forum Jump:


Users browsing this thread: