I am deploying to Elastic Beanstalk with Deploybot. I need to change directory permissions for /app/tmp after deployment. The tmp directory in my cake 2 installation becomes unwritable and so forces an error.
Can anyone tell me how to do this (bearing in mind im using Deplybot and not the EB CLI)?
Thanks
You should be able to use a Container Command to chmod the directory appropriately. Something like this should work:
.ebextensions/01-chmod.config
container_commands:
chmod-tmp:
command: "chmod 777 /app/tmp"
Right.... couldn't get the container commands to do what I wanted so came at it from the other direction.
Put .gitignore files in all the tmp folders and set the content to:
*
!.gitignore
This ignored all the files but kept the folders.
Related
I have .env in my code. I copy it to s3. I want to delete it from my GitHub and beanstalk download it when it starts. which directory I should use?
I see my code is on
/var/app/current/
/var/www/html/
,...
I want to use .ebextensions
commands:
01_get_env_vars:
command: aws s3 cp s3://test/.env DIRECTORY
does it have a better solution?
Probably the best way would be to use container_commands instead of commands.
The reason is that conatiner_commands run in the staging folder /var/app/staging:
The specified commands run as the root user, and are processed in alphabetical order by name. Container commands are run from the staging directory, where your source code is extracted prior to being deployed to the application server.
Thus your code could be:
container_commands:
01_get_env_vars:
command: aws s3 cp s3://test/.env .
where DIRECTORY is replaced by ..
What path do I add to docker to enable AWS SAM to locally debug? Adding the path to the directory in which I work normally does not work.
Short Answer: add this path to docker: C:\Users\{user}\AppData\Local\Temp\aws-toolkit-vscode
The directory that needs to be mounted is the directory that sam COMPILES TO, NOT the directory in which you normally work in e.g onedrive, documents.
My app currently uses a folder called "Documents" that is located in the root of the app. This is where it stores supporting docs, temporary files, uploaded files etc. I'm trying to move my app from Azure to Beanstalk and I don't know how to give permissions to this folder and sub-folders. I think it's supposed to be done using .ebextensions but I don't know how to format the config file. Can someone suggest how this config file should look? This is an ASP.NET app running on Windows/IIS.
Unfortunately, you cannot use .ebextensions to set permissions to files/folders within your deployment directory.
If you look at the event hooks for an elastic beanstalk deployment:
https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customize-containers-windows-ec2.html#windows-container-commands
You'll find that commands run before the ec2 app and web server are set up, and
container_commands run after the ec2 app and web server are setup, but before your application version is deployed.
The solution is to use a wpp.targets file to set the necessary ACLs.
The following SO post is most useful
Can Web Deploy's setAcl provider be used on a sub-directory?
Given below is the sample .ebextensions config file to create a directory/file and modify the permissions and add some content to the file
====== .ebextensions/custom_directory.config ======
commands:
create_directory:
command: mkdir C:\inetpub\AspNetCoreWebApps\backgroundtasks\mydirectory
command: cacls C:\inetpub\AspNetCoreWebApps\backgroundtasks\mydirectory /t /e /g username:W
files:
"C:/inetpub/AspNetCoreWebApps/backgroundtasks/mydirectory/mytestfile.txt":
content: |
This is my Sample file created from ebextensions
ebextensions go into the root of the application source code through a directory called .ebextensions. For more information on how to use ebextensions, please go through the documentation here
Place a file 01_fix_permissions.config inside .ebextensions folder.
files:
"/opt/elasticbeanstalk/hooks/appdeploy/pre/49_change_permissions.sh":
mode: "000755"
owner: root
group: root
content: |
#!/usr/bin/env bash
sudo chown -R ec2-user:ec2-user tmp/
Following that you can set your folder permissions as you want.
See this answer on Serverfault.
There are platform hooks that you can use to run scripts at various points during deployment that can get you around the shortcomings of the .ebextension Commands and Platform Commands that Napoli describes.
There seems to be some debate on whether or not this setup is officially supported, but judging by comments made on the AWS github, it seems to be not explicitly prohibited.
I can see where Napoli's answer could be the more standard MS way of doing things, but wpp.targets looks like hot trash IMO.
The general scheme of that answer is to use Commands/Platform commands to copy a script file into the appropriate platform hook directory (/opt/elasticbeanstalk/hooks or C:\Program Files\Amazon\ElasticBeanstalk\hooks\ ) to run at your desired stage of deployment.
I think its worth noting that differences exist between platforms and versions such as Amazon Linux 1 and Linux 2.
I hope this helps someone. It took me a day to gather that info and what's on this page and pick what I liked best.
Edit 11/4 - I would like to note that I saw some inconsistencies with the File .ebextension directive when trying to place scripts drirectly into the platform hook dir's during repeated deployments. Specifically the File directive failed to correctly move the backup copies named .bak/.bak1/etc. I would suggest using a Container Command to copy with overwriting from another directory into the desired hook directory to overcome this issue.
I'm trying to move a file located within my app directory:
{MyAppRoot}/.aws_scripts/eb_config.js
to
{MyAppRoot}/config.js.
I need this mv or cp to happen before the app is actually restarted, as this files presence is required immediately by the main app module. I've tried using .ebextensions various mechanisms like commands, container_commands, etc but all fail, with either no stat, or permission denied. I'm unable to get further details from eb_activity.log or any of the other log files. I came across this similar question on the aws forums but I'm not able to achieve any success.
What's the proper way to accomplish this? Thanks.
In commandsyour project specific files are not set up yet.
In container_commands they files are in a temporary staging location, but current path is that staging directory. The following should work:
container_commands:
cp .aws_scripts/eb_config.js config.js.
I've linked a git branch to my Elastic Beanstalk environment and using git aws.push it deploys correctly.
I've now added a .extensions directory which contains a config script which should be creating a couple of directories. However, nothing appears to be happening.
I understand that the .extensions directory should be copied across to the ec2 instance as well but I'm not seeing it.
I've checked eb-tools.log and it's not mentioned in the upload.
Is there something additional that's required?
The script contains:
commands:
cache:
command: mkdir /tmp/cache
items:
command: mkdir /tmp/cache/items
chmod:
command: chmod -R 644 /tmp
You can find the run logs for this at /var/log/cfn-init.log.
In here I could see that the mkdir commands had worked initially but subsequently failed as the directory already existed.
Turns out that eb extensions run commands in alphabetical order so I had to change the commands to:
01command1:
02command2:
etc.
From this point on it worked fine.
Something else that was confusing me is that the .ebextensions directory in my local git repo was not appearing on the target instance directory. this is because once it's been run it will delete the directory.
Double check that your local script file has a .config extension. I was having a similar problem because my local file was called .ebextensions/01_stuff.yaml and it was fixed once I renamed it to .ebextensions/01_stuff.config.