Closet demo with the new PicoEngine

Im in the process of setting up the closet demo on the new Pico engine. I thought this would be a good place for questions and problem solving conversations.
My set up goals include.

1 - locally hosting Pico engine on a raspberry pi 2.
2 - exposing the the Pico engine to the web with ngrok.
3 - set up authentication to raspberry pi with nginx.
4 - create pico system structure with “subscriptions”.
5 - port closet demo rulesets to the raspberry pi Pico engine.
6 - install closet demo rulesets and configure.
7 - display closet demo in office.

I have successfully done 1 & 2.
I am now learning how to configure nginx.

This was helpful for installing nginx.

This was helpful for when I broke nginx.

to remove, “sudo apt-get purge nginx nginx-common nginx-full”, then you can reinstall.

What’s the difference between Ngrok and NGINX?

What are you doing with Ngrok?

Ngrok is a free service that will create a secure connection to one of their cloud severs providing you with a URL that directs all traffic to your desired port on localhost. For example, the current url Im using looks like, with all traffic directed to localhost:8080. They have a paid service where you can use your own domain, but I have no near plans for that.

NGINX is a powerful reverse proxy, Im attempting to use it to secure the raspberry pi network communication. Specifically, add login Authorization to the main devtools, while allowing event traffic on /sky/… urls.

The next step of security we have talked about is to set up fail2band, which would prevent a brute force attack of my login password. I have found this guide for the pi but am not sure if Im going to use fail2band this time around.

I was able to configure nginx with the help of guide and config.
I have successfully done part 3 of my goal.

My current ClosetDemo pico system.