Last active
September 22, 2018 06:13
-
-
Save efreed/0fc337ab8aabf5ca3df4b2959a83f783 to your computer and use it in GitHub Desktop.
AWS Web Server
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Launch Amazon Linux T2 Micro or T2 Nano instance | |
| #- Defaults are mostly good, Except select http and admin security groups | |
| SSH: | |
| ssh -i key.pem [email protected] | |
| http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/install-LAMP.html | |
| Use this page to install MariaDB (the new name for MySQL) https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-lamp-amazon-linux-2.html | |
| sudo yum update -y | |
| # Add git | |
| sudo yum install -y git | |
| git config --global user.name "webserver" | |
| git config --global user.email "[email protected]" | |
| # Add apache AMI v2 | |
| # https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-lamp-amazon-linux-2.html | |
| sudo amazon-linux-extras install lamp-mariadb10.2-php7.2 php7.2 | |
| sudo yum install -y httpd mariadb-server | |
| sudo systemctl start httpd | |
| # sudo systemctl start|stop|restart httpd | |
| sudo systemctl enable httpd | |
| # Laravel Spark needs: | |
| sudo yum install php-xml php-gd php-mbstring -y | |
| # And Composer from here: https://getcomposer.org/download/ | |
| # AMI v1 used to be: | |
| #sudo yum install -y httpd24 php56 php56-mysqlnd | |
| #sudo service httpd start | |
| #sudo chkconfig httpd on | |
| # Can prove chkconfig using `chkconfig --list httpd | |
| # Document root is /var/www/html | |
| #sudo groupadd apache | |
| sudo usermod -a -G apache ec2-user | |
| exit | |
| # Re-login so the group membership takes effect | |
| # Can prove you're in the group by running `groups` | |
| sudo chown -R root:apache /var/www | |
| sudo chmod 2775 /var/www | |
| find /var/www -type d -exec sudo chmod 2775 {} \; | |
| find /var/www -type f -exec sudo chmod 0664 {} \; | |
| # Can test server by running: | |
| echo "<?php phpinfo(); ?>" > /var/www/html/phpinfo.php | |
| rm /var/www/html/phpinfo.php | |
| # MySQL | |
| sudo systemctl start mariadb | |
| sudo mysql_secure_installation | |
| sudo systemctl enable mariadb | |
| # FYI stop sql service using: sudo systemctl stop mariadb | |
| # SSL info: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/SSL-on-an-instance.html |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/get-set-up-for-amazon-ec2.html | |
| (in the IAM section) | |
| Create New Group called "Administrators" (with the AdministratorAccess policy) | |
| Create IAM users and add to the group | |
| In the "dashboard" section, edit the account alias to make *alias*.signin.aws.amazon.com/console | |
| On the IAM homepage, finish the 5 security steps | |
| (in the EC2 section) | |
| Choose Oregon as it's cheaper | |
| Create a key pair for each type of servers (like prodfarm, webserver, etc) | |
| Remember to `chmod 400 key.pem` | |
| Create a VPC called "the-vpc" | |
| Leave the "default" security group as-is (It allows traffic between any servers in this group) | |
| Add an "http" security group allowing "http" and "https" inbound traffic | |
| Add an "admin" security group allowing "All Traffic" from known locations, like your office | |
| http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/free-tier-alarms.html | |
| https://docs.aws.amazon.com/AWSEC2/latest/UserGuide | |
| # PHP error log | |
| sudo tail -f /var/log/php-fpm/www-error.log | |
| # Apache Logs | |
| sudo tail -f /var/log/httpd/error_log | |
| sudo tail -f /var/log/httpd/access_log |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # If using git on a private repo, need to setup a key and get it to remember the passphrase | |
| # https://help.github.com/articles/connecting-to-github-with-ssh/ | |
| # Can check first for existing keys using ls -al ~/.ssh | |
| ssh-keygen -t rsa -b 4096 -C "[email protected]" | |
| # When you're prompted to "Enter a file in which to save the key," press Enter. This accepts the default file location of /Users/you/.ssh/id_rsa | |
| # Go with a blank passphrase, it can be changed later with ssh-keygen -p | |
| # https://help.github.com/articles/adding-a-new-ssh-key-to-your-github-account | |
| # https://confluence.atlassian.com/bitbucket/set-up-an-ssh-key-728138079.html | |
| # From Bitbucket, choose Bitbucket settings from your avatar in the lower left. The Account settings page opens. | |
| # Click SSH keys. If you've already added keys, you'll see them on this page. | |
| # In your terminal window, copy the contents of your public key file. If you renamed the key, replace id_rsa.pub with the public key file name. | |
| # On Linux, you can cat the contents: | |
| cat ~/.ssh/id_rsa.pub | |
| # After adding the key in settings, return to the terminal window and verify your configuration and username by entering the following command: | |
| ssh -T [email protected] | |
| # Checkout code | |
| cd /var/www | |
| git clone [email protected]:user/repo.git | |
| # this will make a new folder as /var/www/repo | |
| # update apache to use we webroot | |
| sudo touch /etc/httpd/conf.d/custom.conf | |
| sudo nano /etc/httpd/conf.d/custom.conf |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo yum install -y php56-gd php56-mbstring | |
| sudo service httpd restart | |
| cd ~ | |
| wget https://github.com/impresspages/ImpressPages/archive/master.zip | |
| unzip master.zip | |
| # If you unzip on accident, this command removes a whole tree: `rm -rf ImpressPages-master` | |
| mv ImpressPages-master/* /var/www/html | |
| mv ImpressPages-master/.htaccess /var/www/html | |
| rmdir ImpressPages-master | |
| rm master.zip | |
| # Add DB-specific user | |
| mysql -u root -p # The following commands are while logged into mysql | |
| CREATE USER 'website'@'%' IDENTIFIED BY 'your_strong_password'; | |
| CREATE DATABASE impress; | |
| GRANT ALL PRIVILEGES ON impress.* TO "website"@"%"; | |
| FLUSH PRIVILEGES; | |
| exit; | |
| # Give Impress Pages the needed file access | |
| sudo vim /etc/httpd/conf/httpd.conf # Edit line 151 (The AllowOverride None under Direcotry /var/www/html to be Allow Override All) | |
| sudo usermod -a -G www apache | |
| sudo service httpd restart | |
| # Then visit the website for a setup wizard | |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hosting-wordpress.html | |
| # Generally useful | |
| sudo usermod -a -G www apache | |
| sudo service httpd restart |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment