Difference between revisions of "Amazon AWS Hosted Web Site, start to finish"
Jump to navigation
Jump to search
Line 146: | Line 146: | ||
* [http://www.the-tech-tutorial.com/?p=1408 Add swap space] for when you need more than 613MB of memory | * [http://www.the-tech-tutorial.com/?p=1408 Add swap space] for when you need more than 613MB of memory | ||
* Install [http://wp-cli.org/ WordPress CLI] - good for doing db dumps, etc | * Install [http://wp-cli.org/ WordPress CLI] - good for doing db dumps, etc | ||
+ | * Change the timezone of your site via Settings->General-Timezone | ||
+ | * Change the permalink settings to use the page name |
Revision as of 16:45, 11 December 2013
Contents
- 1 Buy the Domain
- 2 Initial EC2 Setup
- 3 Launch an instance
- 4 Enable billing alert
- 5 Connect To Your Instance
- 6 Installing LAMP Web Server
- 7 Allow ec2-user to manip web files
- 8 Secure MySQL server
- 9 Setup WordPress
- 10 Change server settings to allow for file uploads
- 11 DNS Configuration with AWS Route 53
- 12 Install Google Analytics
- 13 Other Stuff
Buy the Domain
- Buy the domain using Mydomain.com
Initial EC2 Setup
- Sign up for Amazon Web Services, create a Key Pair, and create a security group
- Sign up for AWS Free Usage Tier
Create Key Pair for SSHing
- Not possible to specify password when logging into instance, need public key (btw which only works for the region it was created):
- Open up Amazon Web Services Console
- Open up EC2 Console
- Choose your correct region via navigation bar at the top right
- On the left navigation pane under "NETWORK & SECURITY," choose Key Pairs
- Click Create Key Pair, choose a name for the key pair, probably including the region for which the key pair was created. A .pem file will automatically be downloaded locally.
chmod 400
the file. Need to specify the .pem file when SSHing.
Create Security Group
- Looks like EC2 is pedantic about who can connect. Need to create a white list of which IPs the instance can communicate, both inbound and outbound (ingress and egress filtering). Need to put your IP on the list.
- checkip.amazonaws.com is pretty simple
- Command line utility traceroute is helpful in figuring out ISP, also has built in IP utility
- Open up EC2 Console
- If necessary, choose your correct region via navigation bar at the top right
- On the left navigation pane under "NETWORK & SECURITY," choose Security Groups
- Click Create Security Group, and fill in the details
- Click on the Inbound tab and add Rules for HTTP (source=0.0.0.0), HTTPS (source=0.0.0.0), and SSH (your ip address with your.ip.address.boom/32) (always /32 if its your local machine, apparently)
Launch an instance
- Console, launch instance
- Top choice should be Amazon Linux AMI, default is 64bit instance (Figure out the difference between EBS and HVM)
- Micro instance is free tier eligible, selected by default
- Click Review and Launch
- Edit security group and select the one your just created, then click Review and Launch
- Click Launch, bringing up the Key Pair dialog, and select the one you just created, or create a new pair, or select the option not to specify pair
- The instance will show up on the dashboard.
Enable billing alert
- Will let you know when your 12 months are over and your bill will exceed $0.00
- New style is in the console navigation under Services->Billing
- Services->CloudWatch, create alarm when billing rises above $0 (Don't forget to change the >= operator to a >)
- Use 6 hour period, or it might trip the alarm for insufficient data
Connect To Your Instance
- Get the public DNS via console, something like
ec2-184-73-8-87.compute-1.amazonaws.com
ssh -i /path/key_pair.pem ec2-user@public_dns_name
- Edit your ~/.ssh/config file so that you don't have to type in a fuck load of shit
Installing LAMP Web Server
- slap your customized .bashrc in there
- Tutorial: Installing a LAMP Web Server
sudo yum update -y
- yum grouplist, to see what groups are available
* ec2-user@ip-10-166-48-198 ~ $ yum grouplist Loaded plugins: priorities, update-motd, upgrade-helper There is no installed groups file. Maybe run: yum groups mark convert Available Groups: Console internet tools DNS Name Server Development Libraries Development tools Editors FTP Server Java Development Legacy UNIX compatibility Mail Server MySQL Database MySQL Database client NFS file server Network Servers Networking Tools PHP Support Performance Tools Perl Support PostgreSQL Database client (version 8) PostgreSQL Database server (version 8) Scientific support System Tools TeX support Technical Writing Web Server Web Servlet Engine Done
sudo yum groupinstall -y "Web Server" "MySQL Database" "PHP Support"
sudo yum install -y php-mysql
sudo service httpd start
sudo chkconfig httpd on
to configure Apache to start on bootchkconfig --list httpd
to check runlevels (2, 3, 4, and 5 is desired)- Connect to instance's public DNS to check that it's working
Allow ec2-user to manip web files
sudo groupadd www
sudo usermod -a -G www ec2-user
- Logout and log back in to pick up the new group. Type
groups
to check. sudo chown -R root:www /var/www
changes group ownership of the web dir to www groupsudo chmod 2775 /var/www; find /var/www -type d -exec sudo chmod 2775 {} +
find /var/www -type f -exec sudo chmod 0664 {} +
echo "<?php phpinfo(); ?>" > /var/www/html/phpinfo.php
, check it, and then delete it.
Secure MySQL server
sudo service mysqld start
sudo mysql_secure_installation
- Current rot pw by default is nothing so just press enter
- Y to set a new pw
- Enter new pw twice
- Y to the rest of the questions
Setup WordPress
wget https://wordpress.org/latest.tar.gz; tar zxvf latest.tar.gz
Setup MySQL user
mysql -u root -p
CREATE USER 'wordpress-user'@'localhost' IDENTIFIED BY 'some_other_pw';
CREATE DATABASE `wordpress-db`;
GRANT ALL PRIVILEGES ON `wordpress-db`.* TO "wordpress-user"@"localhost";
FLUSH PRIVILEGES;
exit
Create and Edit the wp-config.php file
cd wordpress; cp wp-config-sample.php wp-config.php
vim wp-config.php
define('DB_NAME', 'wordpress-db');
define('DB_USER', 'wordpress-user');
define('DB_PASSWORD', 'your_strong_password');
- Go to https://api.wordpress.org/secret-key/1.1/salt to generate unique keys and paste in
Move all files to web server root
mv * /var/www/html/
Visit the site in your browser and fill in all the details
Change server settings to allow for file uploads
cd /etc/httpd/conf
sudo cp httpd.conf httpd.conf.old
sudo vim httpd.conf
- Change the group Apache is running under to
www
. Save and exit vim. sudo service httpd restart
cd /var/www/html
chgrp -R www wp-content
- Navigate to your website and try making a post where you upload a picture
DNS Configuration with AWS Route 53
General Steps
1. Register your domain name with a domain name registrar. For a list of the registrars that you can use to register your domain name, go to ICANN.org. 2. In the Route 53 console, create a hosted zone. 3. Using the tools provided by your domain name registrar, update the registrar's name server (NS) records with the four name servers that we assigned to your Route 53 hosted zone. Name servers are listed in the Route 53 console. 4. In the Route 53 console, add record sets to your hosted zone.
Create Route 53 Hosted Zone
- Go into Route 53 from Console
- Click "Create Hosted Zone", fill in the details
- Create "Resource Record Sets"
- In Route 53 Console, double-click on hosted zone; Two Record Sets are created: NS (name server) and SOA (Start of Authority)
- Put the Delegation Set into the Nameservers of your domain registrar (in my case, mydomain.com)
- Route the query to the Amazon EC2 instance by creating another record set, type A, and put the public IP for the instance in there
Install Google Analytics
- Get plugin link from plugin page here
- wget and unzip the file in the /var/www/html/wp-content/plugins directory
- Login to the website, and activate the plugin
- While logged into Google Analytics, create new account, then new property, then refresh the account in WordPress
Other Stuff
- Git not available by default:
sudo yum install git
- Add swap space for when you need more than 613MB of memory
- Install WordPress CLI - good for doing db dumps, etc
- Change the timezone of your site via Settings->General-Timezone
- Change the permalink settings to use the page name