• This site contains affiliate links. If you choose to make a purchase after clicking a link, Poker Chip Forum may receive a commission at no additional cost to you. Thank you for your support!

Online Home Poker (2 Viewers)

@BearMetal The link I have to install Poker Mavens has expired. I've email Kent to provide me with an updated link. Hopefully after I have the software installed, the posts you linked me to earlier will provide what I need to complete my setup. THANKS! for all you help!

Also, I figured out how to terminate my original instance.
 
BearMetal said:
How to setup an Elastic IP Address for AWS clusters running with Poker Mavens. Note: This will change your current IP address and DNS computer name. Once associated with the new elastic IP address, it should not change again.
  • Login to AWS and go to your EC2 dashboard section.
  • Click on Elastic IPs from the menu
  • Click on the "Allocate Elastic IP Address"
  • Click on "Allocate" to allocate from Amazon's own pool
  • Now you have a single, new IP address in the elastic IP address in your list. You're going to need to associate this with your running instance.
  • Click on your new IP address and then choose Actions -> Associate Elastic IP Address
  • A new screen that looks scary will come up asking you to fill in boxes. It's not scary - when you click on a box, it will auto-populate with your 1 running instance.
That's it! Your running instance will automatically have a new IP address and name given to it. From now on, your IP address and name should be stable.

View attachment 436325
View attachment 436326
View attachment 436327

View attachment 436328
View attachment 436329
Click to expand...
I'm up and running. Now moving on to this step, but dang, I already shared the IP address with all my members to get them to test it out.

So this step WILL change the IP address, but adding the SSL cert will not? I was thinking that it would be the SSL cert that would give me an actual web address as opposed to using the IP address.

And neither of these will impact the user accounts that are being set up, correct?
 
TX_Golf_N_Poker said:
I'm up and running. Now moving on to this step, but dang, I already shared the IP address with all my members to get them to test it out.

So this step WILL change the IP address, but adding the SSL cert will not? I was thinking that it would be the SSL cert that would give me an actual web address as opposed to using the IP address.

And neither of these will impact the user accounts that are being set up, correct?
Click to expand...
Nothing will impact the user accounts. Those are completely separate.

At the end of the day, and IP address is what all of our computers use to identify themselves. since humans don't understand numbers very well, we came up with DNS which is a way to assign a name to a number. For example google.com is assigned to 8.8.8.8.

SSL doesn't work with IP addresses. It only works with DNS names... Domain names. So, you register a domain name, you purchase an SSL certificate, and then you associate your domain with an IP address.

Once you create your elastic IP it's done. You no longer have to do anything more than give out your members the name of your new site, assuming that you associated the name of your new site with your IP address. You could also just give out your elastic IP address since it will never change.

But one thing you have to know is that an SSL certificate does not work with an IP address. It works the domain name only.
 
BearMetal said:
Nothing will impact the user accounts. Those are completely separate.

At the end of the day, and IP address is what all of our computers use to identify themselves. since humans don't understand numbers very well, we came up with DNS which is a way to assign a name to a number. For example google.com is assigned to 8.8.8.8.

SSL doesn't work with IP addresses. It only works with DNS names... Domain names. So, you register a domain name, you purchase an SSL certificate, and then you associate your domain with an IP address.

Once you create your elastic IP it's done. You no longer have to do anything more than give out your members the name of your new site, assuming that you associated the name of your new site with your IP address. You could also just give out your elastic IP address since it will never change.

But one thing you have to know is that an SSL certificate does not work with an IP address. It works the domain name only.
Click to expand...
Just to be sure I'm understanding - when you say domain name, do you mean something like xyzPokerClub.com? What I was referring to as a web address?
 
BearMetal said:
Reserved pricing is what you want; it offers substantial savings over on-demand pricing.

View attachment 647201


With that said, yes, EC2 is the only thing you care about. EC2 = virtual machine in the cloud. The basic flow is this:
Everything else here is optional:
Click to expand...
OK, sorry to keep asking this stuff, but I have an extreme fear of doing this wrong. Breaking out from your punch list above - a couple more clarification questions.

  • Create an "Elastic IP Address" and associate it with your EC2 instance. This prevents your IP address from changing - done.
  • Register a domain name so that you don't access your machine through an IP address and can purchase an SSL cert - I think I was combining this step with the SSL step. So for this, I go somewhere like GoDaddy and buy a domain name - correct?
  • Associate your new domain name with your static Elastic IP Address - I assume I do this back in AWS?
  • Purchase an SSL certificate so you can host https:// secured endpoints - Then purchasing the SSL cert is so that my domain and IP address is secure. So my web address is https instead of http. This gets me the little padlock icon in the browser line. Correct?
  • Configure PM to use those SSL certs - Assuming I find how to do this in the PM users guide? Or is it as simple as just changing the IP address to the domain name address in the System section of PM?
  • Change firewall options to allow for SSL communication - not sure what to do here?
 
A domain name can contain many different services such as web-address, while there can be several different domain names pointing to the same IP address.
Think of IP adr. as a street address. When you go to that street address, you find a mall. Inside the mall you find different stores (domain names), and within the store you find different services, like purchasing goods (e.g. web-address), and fax service (mail-server record).
Take pokerchipforum.com as an example. It has IP-addr. 107.155.68.202, but if you enter that ip address into the browser, you just end up at the mall, not the store. However, if you go to an address and there's just one store there, like 195.88.54.16, you won't have a problem finding the store.
Your server with your elastic IP is the latter.

Web address is basically the layman's term for domain name e.g. pokerchipforum.com.

I don't think that explanation helped any though. :/

Edit: The SSL cert. is for the store (domain name), not the mall street adr. (ip addr.).
 
Last edited:
Rakrul said:
A domain name can contain many different services such as web-address, while there can be several different domain names pointing to the same IP address.
Think of IP adr. as a street address. When you go to that street address, you find a mall. Inside the mall you find different stores (domain names), and within the store you find different services, like purchasing goods (e.g. web-address), and fax service (mail-server record).
Take pokerchipforum.com as an example. It has IP-addr. 107.155.68.202, but if you enter that ip address into the browser, you just end up at the mall, not the store. However, if you go to an address and there's just one store there, like 195.88.54.16, you won't have a problem finding the store.
Your server with your elastic IP is the latter.

Web address is basically the layman's term for domain name e.g. pokerchipforum.com.

I don't think that explanation helped any though. :/

Edit: The SSL cert. is for the store (domain name), not the mall street adr. (ip addr.).
Click to expand...
Yeah, I think I understand the basics of the "what it is." It's the "how to get it done" part that I'm struggling with.
 
TX_Golf_N_Poker said:
  • Register a domain name so that you don't access your machine through an IP address and can purchase an SSL cert - I think I was combining this step with the SSL step. So for this, I go somewhere like GoDaddy and buy a domain name - correct?
Click to expand...
Correct. Be sure to not buy any hosting services. I'm not familiar with GoDaddy but I think everyone offers it. You're hosting on AWS so no need to buy that.
TX_Golf_N_Poker said:
  • Associate your new domain name with your static Elastic IP Address - I assume I do this back in AWS?
Click to expand...
No, you do this on GoDaddy. Once you have bought a domain, you go to GoDaddy's control panel and it should say something like DNS there. It will most likely contain an IP already which is pointing to GoDaddy. Replace that IP with your elastic IP. Please note that it can take up to 24 hours from you do this, until you see it working.
TX_Golf_N_Poker said:
  • Purchase an SSL certificate so you can host https:// secured endpoints - Then purchasing the SSL cert is so that my domain and IP address is secure. So my web address is https instead of http. This gets me the little padlock icon in the browser line. Correct?
Click to expand...
Correct*.
*depends on what you mean by secure. It doesn't protect your AWS from being hacked in any way, it protects the traffic to and from AWS from being tampered with.
TX_Golf_N_Poker said:
  • Configure PM to use those SSL certs - Assuming I find how to do this in the PM users guide? Or is it as simple as just changing the IP address to the domain name address in the System section of PM?
Click to expand...
When you buy the certificate you get a private key that you store somewhere in the PM folder. I think there was a description in the FAQ section on PM's site.
TX_Golf_N_Poker said:
  • Change firewall options to allow for SSL communication - not sure what to do here?
Click to expand...
You've probably already allowed TCP port 80 in the AWS firewall and the Windows firewall I guess? It's the same steps but for port 443 so you have both 80 and 443 opened.
 
Rakrul said:
Correct. Be sure to not buy any hosting services. I'm not familiar with GoDaddy but I think everyone offers it. You're hosting on AWS so no need to buy that.

No, you do this on GoDaddy. Once you have bought a domain, you go to GoDaddy's control panel and it should say something like DNS there. It will most likely contain an IP already which is pointing to GoDaddy. Replace that IP with your elastic IP. Please note that it can take up to 24 hours from you do this, until you see it working.

Correct*.
*depends on what you mean by secure. It doesn't protect your AWS from being hacked in any way, it protects the traffic to and from AWS from being tampered with.

When you buy the certificate you get a private key that you store somewhere in the PM folder. I think there was a description in the FAQ section on PM's site.

You've probably already allowed TCP port 80 in the AWS firewall and the Windows firewall I guess? It's the same steps but for port 443 so you have both 80 and 443 opened.
Click to expand...
Thanks. I'm going with Domain.com A little more the first year but much lower renewal than GoDaddy.

Working through the rest of this. Thanks so much!
 
TX_Golf_N_Poker said:
Configure PM to use those SSL certs - Assuming I find how to do this in the PM users guide? Or is it as simple as just changing the IP address to the domain name address in the System section of PM?
Click to expand...
  • Once you get your certificate, you'll actually get "several" files. The certificate, the chain, a keystore. These are all just dropped into your AWS machine and Poker Mavens is told where they are.
  • You'll also need to drop OpenSSL on your AWS machine. OpenSSL is software that let's Poker Mavens open and read encrypted files (like your certificate). It can't be shipped with Poker Mavens for legal reasons, so you need download it from here: https://www.briggsoft.com/download/OpenSSL.zip. You download this file and put it in the Poker Mavens directory right next to the executable.
 
I'm ready to associate my domain with my AWS IP address. On domain.com it appears I do this with an "A" record.

1614925683242.png


When I access the page to edit / create an A record, all of these are already set up. Do I edit all of them to point to my AWS elastic IP address? Or just one or some of them?

1614925812317.png
 
After reading everything I could find in the domain.com help files, and googling as well, I finally just called them to find out which DNS record to edit. Hopefully this will be helpful to someone else who finds themself in this situation. The only A record that need to be edited is the first one - the one named "@" The reamining records continue to point to the Domain.com server.
 
Faded Spade has virtual poker room. You may play public or private tables.
 
Now Domain.com is hitting me up to upgrade my account.

Is any of this necessary for my site? Or even desirable?

1614970777657.png
 
LotsOfChips said:
Upsellers gonna upsell!

If it does what you want with the base package, ignore the sales pitch.
Click to expand...
Sorry. My question may not have been clear. I don't understand a lot of this as this is my first experience with domain names and web hosting.

What I'm asking is what if any benefit could come to me from the additional services they are offering?
 
The whois tells everyone who owns the domain. Unless you're paranoid, it doesn't matter / offer you anything.

You get an alert if something changes on the domain settings on wherever you bought the domain, i.e. someone hacks your login to the dns provider. Using 15+ character password is better. Edit: Using 2 factor login renders this pointless, unless you're a company where x number of people has access to change your dns settings.

It checks if there's malware on pokermavens or if your site is tagged as a scamming site. Pointless for your use.
 
Rakrul said:
The whois tells everyone who owns the domain. Unless you're paranoid, it doesn't matter / offer you anything.

You get an alert if something changes on the domain settings on wherever you bought the domain, i.e. someone hacks your login to the dns provider. Using 15+ character password is better. Edit: Using 2 factor login renders this pointless, unless you're a company where x number of people has access to change your dns settings.

It checks if there's malware on pokermavens or if your site is tagged as a scamming site. Pointless for your use.
Click to expand...
Perfect! Thanks so much. I'm starting the get this stuff figured out with all the help you guys are giving me. Now just waiting on Domain.com to complete the assignment of my IP address, then on the the SSL certification. Or do I need to wait?
 
When trying to purchase my SSL at Comodo, they are asking for my CSR. Where do I find that? From AWS? From Domain.com? Generate it at Comodo?
 
So apparently AWS doesn't have chat or phone support. My request submitted for a CSR has been sitting in "pending" status for hours. No way to ask if there is a problem on my end or not.

Domain.com, on the other hand, has EXCELLENT support, both phone and chat. I highly recommend them for anyone needing a domain name. I even found a coupon code for 25% off. Paid for 3 years up front - $22.50! Hard to beat that.
 
CSR=Customer Service Representative?
Are you up and running now?

I just upgraded to Pro last night and went with the free Let's Encrypt and certbot. If you're not computer savy, I wouldn't recommend it. So while I am running free certificate there is an issue with automatic renewal unique to me, as well as some other snags;
  • As I have a Linux web-server running in my home network, there's an issue with renewal. Certbot temporarily fires up an nginx server on port 80 to verify that I'm the owner and try to loop back to it. Since I already have port 80 forwarded to my linux web-server, this doesn't work as it never hits the newly started nginx server, so I have to renew manually every 3 months or so and to get it working I have to temporarily forward port 80 to my PM server instead of my Linux server.
  • There's a DNS-01 process that you can run but since this requires a manual update on the DNS server and certbot (windows client) doesn't automatically support this process, temporarily changing port forwarding is easier
  • The first time you run certbot and PM it works like a charm. After a reboot the PM server doesn't automatically restart since it can't access the certificate anymore. After the reboot my admin user no longer has read access to the fullchain.pem file. Checking further, fullchain.pem no longer has an owner. Setting owner to the user running PM solved this. You can probably just add the user running PM with read access and you should be fine.
If you're only running PM from home (or AWS for that matter) and don't have anything else on port 80, you should be fine after making sure the PM user can access fullchain.pem. Auto-renew should work like a charm then. Remember to forward port 80 if needed (I'm not familiar with AWS and don't know if they NAT or not), as well as opening both AWS firewall the windows firewall for TCP port 80.

You can see the step by step guide for Certbot that I used, here. Certbot is made for Let's Encrypt, not sure if it can be used for other providers.

I should mention that once you go over the period where Certbot automatically renews, without renewing, you get a warning mail from Let's Encrypt informing you that you're certificate is about to run out.
 
Rakrul said:
CSR=Customer Service Representative?
Are you up and running now?

I just upgraded to Pro last night and went with the free Let's Encrypt and certbot. If you're not computer savy, I wouldn't recommend it. So while I am running free certificate there is an issue with automatic renewal unique to me, as well as some other snags;
  • As I have a Linux web-server running in my home network, there's an issue with renewal. Certbot temporarily fires up an nginx server on port 80 to verify that I'm the owner and try to loop back to it. Since I already have port 80 forwarded to my linux web-server, this doesn't work as it never hits the newly started nginx server, so I have to renew manually every 3 months or so and to get it working I have to temporarily forward port 80 to my PM server instead of my Linux server.
  • There's a DNS-01 process that you can run but since this requires a manual update on the DNS server and certbot (windows client) doesn't automatically support this process, temporarily changing port forwarding is easier
  • The first time you run certbot and PM it works like a charm. After a reboot the PM server doesn't automatically restart since it can't access the certificate anymore. After the reboot my admin user no longer has read access to the fullchain.pem file. Checking further, fullchain.pem no longer has an owner. Setting owner to the user running PM solved this. You can probably just add the user running PM with read access and you should be fine.
If you're only running PM from home (or AWS for that matter) and don't have anything else on port 80, you should be fine after making sure the PM user can access fullchain.pem. Auto-renew should work like a charm then. Remember to forward port 80 if needed (I'm not familiar with AWS and don't know if they NAT or not), as well as opening both AWS firewall the windows firewall for TCP port 80.

You can see the step by step guide for Certbot that I used, here. Certbot is made for Let's Encrypt, not sure if it can be used for other providers.

I should mention that once you go over the period where Certbot automatically renews, without renewing, you get a warning mail from Let's Encrypt informing you that you're certificate is about to run out.
Click to expand...
OK, no I'm not "speak IT language" computer savvy. So most of what you just said is not comprehensible to me. :ROFL: :ROFLMAO: Sorry.

CSR = Certificate Signing Request. I'm going through Comodo for my SSL cert and that is one of the things they request in the order process. There is not much explanation as to exactly what it is or where I get it. I had asked that question above in post #1129, but no one replied. I did research and it appears this is something I need to get from AWS. I found an area within AWS called the Certificate manager, and submitted a request for the CSR. As part of that request, they provided me with some information that needed to be added to a DNS CNAME record on Domain.com. I spoke with a representative there, and he created the record for me. So I should be good to go, but AWS doesn't seem to be making an attempt to look at my domain since I made the change. And there doesn't seem to be any way to contact AWS to ask them to do so.

Here is a screen shot from Comodo:

1615053696759.png


Here is what is on the Certificates console at AWS:

1615053793579.png


And this is the CNAME record that AWS requested that I enter at my domain:

1615053929399.png


This record is input on this area of my DNS records at Domain.com:

1615054005734.png


Sorry for the long post and all the screen shots, but hopefully someone can look at all this and help me figure out if I've done something wrong or what I need to do next. The AWS help files say that after a certificate request has been in Pending state for 72 hours that it will cancel. Then I have to start all over again. At that point I will have lost 3 days and I don't know what I would do differently...

Thanks.
 
Yeah, I went down a completely different path but I believe you can just forget about the AWS part here and just generate your own CSR with the tool they linked to. After that you should get a private key and a certificate that you store anywhere on your server. Then in the PM server software you point to those files.
 
Rakrul said:
Yeah, I went down a completely different path but I believe you can just forget about the AWS part here and just generate your own CSR with the tool they linked to. After that you should get a private key and a certificate that you store anywhere on your server. Then in the PM server software you point to those files.
Click to expand...
Tried that. The tool is a dead link:

1615062103690.png


Plus, I wouldn't have a clue how to prepare it anyway...
 

Attachments

  • 1615062028230.png
    1615062028230.png
    14.5 KB · Views: 84
I don't know how many Mavens clients are running out there...not even sure how many PCFers are running a Mavens site, but it must be a decent number... I am not willing to give access to my site for a service/software to extract information and/or do any analysis, but I am interested in a few more features that I think should be a part of the software and unfortunately will take for EVER for Briggs/Kent to implement (if ever)... Is there any chance one of you guys knows of some software engineer who would want to spearhead a project to create a tool to extract some info from our databases for a flat fee? Maybe the Maven hosts on this site would be willing to contribute a few bucks towards the effort (I certainly would):
  • Individual player hand history...just extract it form the damn data base with the ability to send it to anyone requesting it (even if it's done manually)
  • A visual hand replayer..even the dumb Pokerrr 2 app had a replayer! :p
  • Site stats, including number of hands dealt (by month, YTD, all-time, etc.), stats on each player (how many hands played, how many days, etc.)
 
kk405 said:
I don't know how many Mavens clients are running out there...not even sure how many PCFers are running a Mavens site, but it must be a decent number... I am not willing to give access to my site for a service/software to extract information and/or do any analysis, but I am interested in a few more features that I think should be a part of the software and unfortunately will take for EVER for Briggs/Kent to implement (if ever)... Is there any chance one of you guys knows of some software engineer who would want to spearhead a project to create a tool to extract some info from our databases for a flat fee? Maybe the Maven hosts on this site would be willing to contribute a few bucks towards the effort (I certainly would):
  • Individual player hand history...just extract it form the damn data base with the ability to send it to anyone requesting it (even if it's done manually)
  • A visual hand replayer..even the dumb Pokerrr 2 app had a replayer! :p
  • Site stats, including number of hands dealt (by month, YTD, all-time, etc.), stats on each player (how many hands played, how many days, etc.)
Click to expand...
I could be wrong, but I think this sounds similar to what @BearMetal is working on. Go back to this post and start reading.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account and join our community. It's easy!

Register

Log in

Already have an account? Log in here.

Similar threads

Munchies11
Biggest challenge Hosting a home poker game?
2 3
Replies
74
Views
3K
snowman7777
snowman7777
R
Looking for a home game to deal anywhere
Replies
5
Views
464
readytodeal
R
FlushMD
List of Home Games and Rules
Replies
5
Views
433
chippitydoodah
chippitydoodah
nbrun
Canadian (MB) Home Game Rake Discussion
Replies
4
Views
559
OfficerLovejoy
OfficerLovejoy
Deklan
Home Games in Portland, OR?
Replies
2
Views
439
Deklan
Deklan
Back
Top Bottom