November 2022 - Nuvolar

Team Event: Our very special “Weekend Out”! 🌟

Posted on November 30, 2022 by dev_nuvolar

Celebrating our milestones together, as a family, is something we love to do at Nuvolar! As a remote and global team that is constantly growing, we’re always taking steps to foster connections among our team members. One of these actions is our annual team meeting: Every year, we get together in the unique natural surroundings of the “Costa Brava” to stay connected, boost our team spirit and have plenty of fun!

This year, our annual team event was particularly special…

With members coming from different cities and countries, the Nuvofamily could finally gather together for 2 amazing days, with many of us meeting in person for the first time!

We got together. We connected. We collaborated. And of course, we had a lot of fun! That’s exactly what Nuvolar’s internal meetings are all about.

Amazing sport-games to build confidence & team spirit

The Nuvofamily also hit the beach to take part in exciting team building activities!

Through various wacky, fun activities and games we bonded as a team, improving certain skills to help work better together all whilst having fun!

Here’s some of the activities we took part in:

Egg throwing competition – The name says it all!
Haka dance – A Māori bold dance to feel strong as a team!
Tug’o’war – Who could pull the rope the hardest!

The whole session was conducted by an incredible team of professionals:

Thanks to Oh-Fit Barcelona, true magicians at organizing amazing team-building activities, this event became even more special.

It’s exercises like these that help us become even better at what we do! At Nuvolar, we really believe in our people and in building a strong team ready to take on any challenge thrown our way.

After spending a great weekend together, it was super enriching to see the great experience that everyone had with such positive comments on Slack:

It was a really really nice experience (day and night), looking forward to the next one!

– Gerard, Software Engineer –

It was great! Thanks for letting newbies like me to join this too, It was super cool!

– Natalia, FE Developer Intern –

Truly a great weekend! It was nice to meet everyone in person and I believe we all had so much fun! Thanks to all the organisers and the people who made the effort to come!

– Andrea, Salesforce Consulting Manager –

Definitely, an amazing weekend out and amazing organization!

– Oriol, Engineering Manager –

Fostering connections: part of our culture at Nuvolar

We strongly believe that encouraging connections, bonding between our people and organising all kinds of events for us to spend some time together is the best way to create a united and productive team.

And when working remotely, fostering connections between all team members becomes even more crucial.

The socialising part is very important for us. The Nuvolar team has been growing so much the past years and we find it crucial to maintain this bonding within the different team members.

– Marc Vivas, Nuvolar CEO –

Seeing people face to face, getting together, working on team building activities and having fun together, is essentially all it is! These kind of events help us to build team spirit and reinforce our amazing culture and our company values, and that is priceless!

– Marc-Anthony Padula, Nuvolar Consulting CEO –

In short, a big thank you to all the members of this great team for making this event so special… 💫

Looking forward to spending more time together!

Installing a NGINX proxy: Quick guide to get it running on a EC2 machine + SSL Certificate

Posted on November 17, 2022 by dev_nuvolar

A reverse proxy is an application that sits in front of back-end applications and forwards client (e.g. browser) requests to those applications. Reverse proxies help increase scalability, performance, resilience, and security. On the other hand, an SSL certificate displays important information for verifying the owner of a website and encrypting web traffic with SSL/TLS, including the public key, the issuer of the certificate, and the associated subdomains. In this article we will explain how to install an NGINX proxy on a Ubuntu Machine (an EC2 AWS in this case) and how to create an SSL certificate with auto-renewal.

Written by:


			Àlex López, DevOps Engineer at Nuvolar

Here are all the steps you need to follow to successfully install a NGINX reverse proxy server and get it running on a EC2 machine with its correspondent SSL Certificate:

1. Create the EC2 Instance:

For this example, an EC2 machine from AWS with an Ubuntu image will be used. The rest of the steps are valid for any other Ubuntu machine.
How to create the machine:

Log in to your AWS Console, in a region of your selection
Use the Launch instance wizard to create an instance with these values
- Ubuntu Server 22.04 LTS (HVM), SSD Volume Type AMI
- t2.micro instance type
- Select an existing key pair or create a new one. We will need to SSH to the machine later!
- Create a new security group allowing HTTPS from anywhere and HTTP and SSH traffic only from your IP
- Add 8GiB in a gp2 volume
Launch the instance and check you can SSH to it using your key from your local terminal. It will be something like:

If you get a ‘Permissions are too open’ error while connecting to the machine you will need to change the permissions of your key pair using:

2. DNS configuration:

Once your EC2 instance is created or you have your Ubuntu machine accessible from the internet, you need to create an A record in the DNS registry of your domain registrar. Some common domain registrars are GoDaddy, AWS, Bluehost, or Hostinger.

In this example, we will use the https://foo.example.com domain name and we will map it to the Public IP given by the EC2 console.

3. Ask for an SSL Certificate with certbot:

An SSL certificate is a bit of code on your web server that provides security for online communications. When a web browser contacts your secured website, the SSL certificate enables an encrypted connection. It’s kind of like sealing a letter in an envelope before sending it through the mail.

To be able to add an SSL certificate to our webserver, we will need to request one from a certificate authority, in this case, Let’s Encrypt. Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG).

We will use certbot to manage the SSL certificates communicating with Let’s Encrypt.

a. Install certbot:

Certbot is a free, open-source software tool for automatically using Let’s Encrypt certificates on manually-administrated websites to enable HTTPS. Install it using:

b. Install Acme-dns-certbot-joohoi script:

Download the acme-dns-certbot-joohoi python script which allows using DNS Challenge instead of HTTP one. This way, we don’t need to open port 80 to the world.

Modify the interpreter path in the shebang in the script to your python3 path. Check the path with:

Ask for a certificate:

You will be prompted to add a CNAME in your DNS domain registrar. The prompt will be similar to the example below. Go ahead with the wizard:

Once the CNAME has been added, you have to wait for it to be propagated. You can check it with a simple ‘dig’ command. Once propagated press Enter.

Once done, you will have the path of your certificate and your key. Take note of these paths, we will need them later to be added to the server blocks in the NGINX configuration.

4. How to install a NGINX proxy and create a Server Block:

To be able to add HTTPS with an SSL certificate, we need to use a reverse proxy, we will use NGINX.

a. Install NGINX:

NGINX is a web server that can also be used as a reverse proxy, load balancer, mail proxy, and HTTP cache. This command will install NGINX and enable it as a service in the system.

b. Create a Hello world HTML file:

To test our environment we will add a Hello world HTML file which will say Hello if all is working:

Edit the file /var/www/foo.exmaple.com/html/index.html and add the following content:

c. Create a server block

Create a Server Block, aka Virtual Host, in NGINX. “VirtualHost” is an Apache term. NGINX does not have Virtual hosts, it has “Server Blocks” that use the server_name and listen to directives to bind to TCP sockets.

Create a Server Block in /etc/nginx/sites-available/sonar.nuvolar.eu with this data. Check the comments in the code to understand how it works.

d. Enable the Server Block in NGINX

To have it all working, we need to activate the server blocks. This is done by adding a Symlink in the /etc/nginx/sites-enabled folder to the sites-available folder where we defined the server blocks. Then reload the NGINX configuration.

Now you will be able to access via HTTPS and HTTP your Hello World page at https://foo.example.com. Please note that you will be redirected to the HTTPS version of the page.

5. Auto Renew SSL certificates with certbot

The SSL certificates expire every 3 months and they must be renewed. It is very simple, you can do that with:

But we don’t want to access the machine every 3 months to do that, so we can schedule a cron task to do it for us:

Add this line to the file prompted:

This will trigger the renewal process on day 1 of every month, if the certificate is near its renewal date, it will be renewed and it will be ignored otherwise.

If you want to check, just in case, the renewal log is in /var/log/letsencrypt/letsencrypt.log . Enter day 1 of the month and see the result. You can also check the expiration date of a certificate with this command:

Month: November 2022