I can find how to install SSL using let's encrypt on wordpress/Nginx/LAMP but not for Nodejs installation. I need help with installing SSL certificate for my nodejs server application which I have installed on aws Lightsail. How can I do that as there is no resource I can find for nodejs installation on lightsail?
I had this same issue and while I love Certbot, it is not an option for the NodeJS instance on AWS (at least as of August 2021) which uses Bitnami. After lots of searching, I was able to get the process working with the instructions found on this documentation page:
https://docs.bitnami.com/general/how-to/generate-install-lets-encrypt-ssl/
Before you do this (or any SSL tutorial), create a snapshot of your instance in case you need to roll back. 503 errors are common with this type of thing.
SSH into your AWS instance and start with the following command:
sudo /opt/bitnami/bncert-tool
You may see a message that says you'll need to update– if so, choose y and run the above command again. Follow the instructions carefully. For example, if you only enter your domain name, it'll ask if you want to add the www. to it as well. It'll then ask to set up http => https, no-www => www and www => no-www redirects– pay close attention to which you are enabling.
Don't forget to restart Apache afterwords:
sudo /opt/bitnami/ctlscript.sh restart apache
Hopefully that works for you! Most of the instructions and documentation for setting up an SSL certificate for AWS Lightsail instances of NodeJS are sparse, presumptive, and either way too brief or include so many unnecessary details they cause more confusion than they solve. Best of luck to anyone who finds this in the future– hope this helps!
Related
Followed the steps to setup an SSL for Lightsail AWS (new instance running Debian) in the official docs here:
https://lightsail.aws.amazon.com/ls/docs/en_us/articles/amazon-lightsail-using-lets-encrypt-certificates-with-wordpress
Everything is absolutely fine until I reach section 8.
In section 8.1 is says:
Enter the following command to set your wp-config.php and htaccess.conf files to be writeable. The Really Simple SSL plugin will write to the wp-config.php file to configure your certificates.
sudo chmod 666 /opt/bitnami/apps/wordpress/htdocs/wp-config.php && sudo chmod 666 /opt/bitnami/apps/wordpress/conf/htaccess.conf
However these paths don't exist in the Debian instance (used to work for Ubuntu instances).
The Really Simple SSL certificate says:
"No SSL detected"
How to install this properly on the newer Debian instances?
Bitnami Engineer here,
The Bitnami WordPress directory structure changed a bit some months ago but it seems that the Lightsail documentation was not updated (please note that we do not maintain those guides). The WordPress files are now inside the /opt/bitnami/wordpress directory.
https://docs.bitnami.com/aws/faq/get-started/understand-directory-structure/
Apart from that, I do now know why they are modifying the permissions of the htaccess.conf file so running these commands should be enough
sudo chmod 666 /opt/bitnami/wp-config.php
sudo chmod 666 /bitnami/wp-config.php
However, as I mentioned before, we do not maintain those guides. If you want to generate a SSL certificate, I suggest you take a look at this guide in the Bitnami documentation to generate a Let's Encrypt SSL certificate and redirect the requests to https if required.
https://docs.bitnami.com/aws/faq/administration/generate-configure-certificate-letsencrypt/
sudo /opt/bitnami/bncert-tool
I'm having difficulty to set this up correctly, and burning through AWS server time while I try to make it work. I have segmentation code that is heavily memory intensive that I'd like to temporarily spin up an AWS server with 192GB of ram. I understand that this is possible using docker, but the instructions on pycharm are non-existent with respect to the docker instructions necessary to tie it together (it references existing code as opposed to showing how to assemble it from scratch). What would the docker run command on the server look like to enable a connection to the 2375 port?
EDIT: I am using Pycharm Professional
UPD: Checking PyCharm options I found that there is an option to use Docker Machines. This seem to be exactly what you need. With Docker Machines you can make Docker spin up an EC2 instance for you with proper security out-of-the-box. Read official documentation on how to get started here and AWS driver options to learn how to set EC2 instance type, AMI, and other options here .
Original post:
To enable this feature you have to run Docker daemon with '-H' option:
sudo dockerd -H tcp://0.0.0.0:2375
You may read more on that in the Docker docs: https://docs.docker.com/engine/reference/commandline/dockerd/ .
Beware though, for EC2 you may also need to open that port using security group https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/authorizing-access-to-an-instance.html .
I also want to add that what you want to achieve isn't good from security perspective. Exposing docker socket like that is like an invitation for bad guys to throw a party at your EC2 instance. But since you mentioned that this is temporary...
I am trying to install an SSL certificate on my Apache server that's hosted on an EC2 instance from AWS. I originally intended to go with AWS Certificate Manager and put the SSL on a Load Balancer but I have no need for more than one EC2 instance.
What I have found is that you can install the SSL directly to the server that's hosted at AWS. What I am confused about is how to do it. https://www.digicert.com/ssl-certificate-installation-apache.htm, among others, is a link that I have been trying to follow. I am stuck at #2 in the digicert link above becuase I can't find the SSL configuration file. Is it possible that I could not have that set up? If so, do I create the virtual host like specified in #4? Where would I place the virtual host block of code in my server?
Thank you for any and all help!
You need to put ssl certificate inside tomcat on ec2 instance, then you can take an image of that instance and update image on amazon autoscale. The steps for installing ssl certificate in tomcat server, you can find on different links, google on this and you will find many links. While i am providing some below links, hope these helps :
https://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html
https://www.mulesoft.com/tcat/tomcat-ssl
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/SSL-on-an-instance.html
If you can't find the SSL config file in /etc/httpd/conf.d it's because you don't have mod_ssl installed on your server. mod_ssl works for Apache version 2.2. mod24_ssl will not work for Apache version 2.2 but 2.4. I used command sudo yum install -y mod_ssl and it worked fine on my instance since I had version 2.2.
If anyone needs any more explanation on this issue, let me know. I figured it out from scratch and would be more than happy to help someone else avoid the confusion/frustration. It's pretty straight forward once you can understand it.
I am trying to setup an AMI such that, when booted it will auto configure itself with a defined "configuration" somewhere on a server. I came across Chef and Puppet. Considering Puppet, I was able to run though their examples but couldn't see one for auto configuration from master. I found out that Puppet Enterprise is not supported on "Amazon Linux". Team chose Amazon Linux and would like keep that instead of going to other OS just because one tool doesn't support it. Can someone please give me some idea about how I could achieve this? (I am trying to stay away from home grown shell scripts over a good industry adopted tool for maintainability)
What I have done in the past is to copy /etc/rc.local to /etc/rc.local.orig, and then configure /etc/rc.local to kick off a puppet run and then pave over itself.
/etc/rc.local:
#!/bin/bash
##
#add pre-puppeting stuff here, I add the hostname in "User-data" when creating the VM so I can set the hostname before checking in
##
/usr/bin/puppet agent --test
/bin/cp -f /etc/rc.local.orig /etc/rc.local
/sbin/init 6
AWS CloudFormation is one of Amazon's recommended ways to provision servers (and other cloud resources, too). You declare all the resources you need in a JSON file, and specify how to provision each server by declaring packages to install, services to run, files to create, and commands to run when the server is created. See the user guide for more information. I also wrote a couple of blog posts about getting started with it.
I am quite computer-illiterate, but I have managed to utilize the Django framework on my own machine. I have had an account on Amazon Web Service (AWS) for some time, but it appeared rather complex to set-up and to make use of, so I put it of for a while. Then I decided to give it a try, and it was not so hard as I first thought to load a AMI and connect to the server with PuTTY. But since I were already using BitNami's Django-Stack, I decided to take a look at their hosting offer (which builds on AWS). Since they appeared to offer "one-click deployment", I set up a new server through their interface. But then, it seems like the "one-click deployment"-promise is with regard to the server itself. There does not seem to be any interface for deploying Django projects through their site. Having used PuTTY already, and adding WinSCP to my machine, I can acceess the server and load my Django-code unto the server. But then I am lost. The documentation seems a bit thin (look here).
The crux of this is the following: Can anyone make this part of the process more understandable. I.e., how to deploy a Django project on a Linux server with Apache/mod_WSGI?
The other question is: I want to use Postgres. Am I free to install this on the server. Should I opt for EBM (EMB?) for this, or what is the downside of not having EBM?
I hope I am not too unworthy of your attention, thanks!
how to deploy a Django project on a Linux server with Apache/mod_WSGI The Bitnami AMI already comes with all this configured. Once installed try going to the EC2 public url on the default 8000 port and you will see the demo django project setup there. You can add your own project once you have logged into the machine via putty check the /home/bitnami/ directory for the demo project. Copy your project, configure your database The other question is: I want to use Postgres. Am I free to install this on the server Postgres and Mysql are already installed the same way you would do on your local machine. The in your project do ./manage.py runserver 0.0.0.0:9000 since the 8000 port is already running another application.