Spotter POST Delivery Endpoint

[andermi]

How could I find the source IP for a firewall inbound rule for accepting a POST delivery from the spotter?

[tcj]

Hi @andermi — if putting the sofarocean.com domain on an allow-list is an option, we would recommend that.

Otherwise, it is possible that you would need to open up all AWS IPs across many regions, per: https://docs.aws.amazon.com/vpc/latest/userguide/aws-ip-ranges.html — the possible regions that may need to be open include: eu-west-1 us-east-1 eu-west-1 eu-central-1 us-west-2 ap-southeast-2 ap-northeast-1 us-east-1

I am recording a feature request which could open up the possibility of our having one static outbound IP address for POST delivery.

[tcj]

I wonder if it might also be possible to set up a proxy/forwarding service outside of your firewall, which can accept the POST message, and then open your firewall for that proxy/forwarding service.

[andermi]

I was able to add sofarocean.com. Would the POST delivery have any issue with a self-signed cert? I noticed it seems to need https? Also, what is the format of the delivery endpoint?

[tcj]

Hi @andermi — there is an example data packet you can see on the documentation site.

[andermi]

Hi @tcj , I see the example packet, but my question is more along the lines of how do you enter the delivery endpoint in the GUI? Is the format something like ip:port or domain:port? Does the endpoint need to be https? and would the POST have issues with a self-signed ssl certificate? I am unable to get the POST working.

[tcj]

Hi @andermi — the entry into the field into the dashboard should be a URL. For example:

http://example.com/listener.php?apikey=mytoken123

I have confirmed with Engineering that http and https (with a CA-issued cert) should work, but https with self-signed certificates will not work.

If you have more questions, we may be able to handle them more effectively via email: support@sofarocean.com