Configure PyGoat Application Using a Template
=============================================


**Application 2 - PyGoat**

In this section, let's configure NGINX with some additional parameters for the **PyGoat** application.  Since the steps are mostly the same as in the previous section, we will not include all of the screenshots. 

1. In the left navigation, click **Templates**.

2. At the right side of the **Basic Reverse Proxy** template there will be a `...` menu in the **Actions** column. Click that, then select **Preview and Generate**. This will present a series of input forms to collect information for the new NGINX HTTP proxy configuration deployment.

3. Select the **Publish to an instance** radio button.

4. In the instance dropdown menu, select **nginx.f5demos.com**. This is an NGINX Plus instance that is already managed by NIM.

   You will see a message stating the **Existing config will be replaced**.  This is expected in our lab since we just used the template to publish Juice Shop

   .. image:: ../images/nim-templates-replace.png
     :width: 881

5. Click **Next**.

6. In the **Choose Augments** view, click **Next**.

7. On the **HTTP Servers** view, click the **Add HTTP Servers** link. This will reveal a new form to collect server information.

8. Enter the following data in this section:

   .. list-table:: 
     :header-rows: 1

     * - **Item**
       - **Value**
     * - Server Label
       - pygoat
     * - Listen Port
       - 443
     * - Default Server
       - true

9. Under **Server name**, click **+ Add item**.

   .. image:: ../images/nim-templates-add-item.png
     :width: 800

10. Enter the following data:

    .. list-table:: 
      :header-rows: 1

      * - **Item**
        - **Value**
      * - Server name
        - pygoat.f5demos.com

    .. image:: ../images/nim-templates-servername.png
     :width: 800

11. In the **TLS Settings** section, enter the following data:

    .. list-table:: 
      :header-rows: 1

      * - **Item**
        - **Value**
      * - Enable TLS  
        - TRUE
      * - TLS Certificate Path   
        - /etc/ssl/certs/wildcard.f5demos.com.crt.pem
      * - TLS Keyfile Path
        - /etc/ssl/private/wildcard.f5demos.com.key.pem
      * - Redirect Port  
        - 80

    .. image:: ../images/nim-templates-tls.png
      :width: 800

12. In the **Server Locations** section, click the **Add Server Locations** link.

13. Enter the following data in this section:

    .. list-table:: 
      :header-rows: 1

      * - **Item**
        - **Value**
      * - Location Match Strategy
        - Prefix
      * - URI   
        - /
      * - Upstream Name
        - pygoat-upstream

    Note: Do not enter any information into the **Proxy Headers** portion of the template form.

    That was a lot of data entry! But what did we just do? Based on the data we entered into the **HTTP Servers** template, we intend to:

    - Create a new HTTP Server called **pygoat.f5demos.com**
    - This server should listen on port 443
    - Will be the default HTTP server
    - Will encrypt communications using TLS
    - Reference an existing certificate and key for TLS
    - Will redirect any HTTP traffic to HTTPS
    - Create a single location using the `/` path prefix
    - Requests made to this location will pass traffic to an upstream called **pygoat-upstream**
    - No Proxy Headers were configured

    But where is the upstream itself defined?

14. Click **Next**. You will be presented with a form to collect the details of the upstream server for the PyGoat application, which is hosted on the `workloads.f5demos.com` server.

15. In the **HTTP Upstreams** section, click the **Add HTTP Upstream Servers** link.

    .. image:: ../images/nim-templates-upstream.png
      :width: 890


16. Enter the following data in this section:

    .. list-table:: 
      :header-rows: 1

      * - **Item**
        - **Value**
      * - Upstream Name
        - pygoat-upstream
      * - Load balancing strategy   
        - Round Robin

17. In the **Servers** section, click **+Add item**.

18. Enter the following data in this section:

    .. list-table:: 
      :header-rows: 1

      * - **Item**
        - **Value**
      * - Host
        - workloads.f5demos.com
      * - Port 
        - 8000
      * - Down
        - False
      * - Backup
        - False

    Note: Do not enter any information into the **Zone** portion of the template form.

    What did we configure in the **HTTP Upstreams** portion of the template?

    - An upstream that is configured with a Round Robin load balancing strategy (unused now, but would be relevant if we had multiple upstream servers configured)
    - A single upstream server, located at `workloads.f5demos.com` on port `8000` was configured
    - This server was not set to **Down**
    - This server was not set as a **Backup** server
    - No Zones were configured

    > Note: the value `pygoat-upstream` was entered into both the **HTTP Servers** and **HTTP Upstreams** templates. Why? This unique identifier needed to match so the templating system could properly correlate these objects together even though they were configured on different pages of the template.

19. Click **Next**. This will show you a preview of the config generated from the templates.

20. Click the filename dropdown (currently displaying `/etc/nginx/nginx.conf`) at the top of the screen. Click `/etc/nginx.mime.types` file. As a convenience, this base template also creates this file for you, and will publish it to the instance in addition to the main `nginx.conf` file.

21. Click the **Publish** button. If successful, you should see a message indicating so.

    .. image:: ../images/nim-templates-pub-success.png
      :width: 360

22. Click the **Close and Exit** button.

23. Click **Template Submissions** in the left navigation.

    You should see that the **Basic Reverse Proxy** has been deployed to 1 instance:

    .. image:: ../images/nim-templates-submission.png

24. Click on the **Basic Reverse Proxy** row. Details of the template submission appear.

25. At the right side of the **nginx.f5demos.com** row, there will be a `...` menu in the **Actions** column. Click that, then select **Edit Submission**.

   .. image:: ../images/image-20.png

   If we wanted to make changes to the submission, we could simply edit the values here, and publish configuration as we did before.

**Test the Deployed Configuration**

1. Back in the FireFox **Lab Links** tab, click on the **PyGoat Web Application** link once again. The application should load now:

   .. image:: ../images/image-21.png