Deployment

Universal Environment Variables

  1. Usage in Docker-Compose
    1. Postgres
      1. POSTGRESHOSTAUTH_METHOD
      2. POSTGRES_DB
  2. Usage in .env File
    1. DB config
      1. DB_USER
      2. DB_PASS
      3. DB_NAME
      4. DB_HOST
      5. DB_PORT
    2. Common Backend
      1. PORT
      2. PRODUCTION_URL
      3. NODE_ENV
    3. gCloud
      1. GCPROJECTID
      2. GCPRIVATEKEY
      3. GCCLIENTEMAIL

Instructions for Installing Docker on Ubuntu 20.04 on AWS EC2

Connecting to the Instance

  1. Using SSH to Connect:

  • Open a terminal on your computer.

  • Run the following command:

    ssh -i /path/to/your-key.pem ubuntu@your-ec2-public-ip

  • Replace /path/to/your-key.pem with the path to your key file, and your-ec2-public-ip with the public IP address of your instance.

Installing Docker

  1. Update the Package List:

  • After connecting to the instance, update the package list:

    sudo apt update
  1. Install Required Packages:

  • Install the required packages to allow apt to use a repository over HTTPS:

    sudo apt install apt-transport-https ca-certificates curl software-properties-common -y
  1. Add Docker’s Official GPG Key:

  • Add Docker's official GPG key:

    curl -fsSL <https://download.docker.com/linux/ubuntu/gpg> | sudo apt-key add -
  1. Set Up the Docker Repository:

  • Add the Docker repository to APT sources:

    sudo add-apt-repository "deb [arch=amd64] <https://download.docker.com/linux/ubuntu> focal stable"
  1. Update the Package List Again:

  • Update the package list to include Docker's packages:

    sudo apt update
  1. Install Docker:

  • Install Docker:

    sudo apt install docker-ce -y
  1. Check Docker Status:

  • Verify that Docker is running:

    sudo systemctl status docker

  • If Docker is not running, start it with:

    sudo systemctl start docker

Running Docker Without Sudo (Optional)

Create Docker Group:

  • Create a Docker group:

    sudo groupadd docker

Add Your User to the Docker Group:

  • Add your user to the Docker group:

    sudo usermod -aG docker $USER

  • Log out and log back in so that your group membership is re-evaluated.

Instructions for Installing Nginx on AWS EC2 with Ubuntu

Creating an EC2 Instance

  • Log in to the AWS Management Console.
  • Navigate to the EC2 section and click "Launch Instance".
  • Select an Ubuntu image (e.g., Ubuntu Server 20.04 LTS).
  • Choose an instance type (e.g., t2.micro if you are on the free tier).
  • Configure network and security settings. Ensure that port 22 for SSH and port 80 for HTTP, port 443 HTTPS are open.
  • Create or select an existing key pair for SSH access.
  • Launch the instance and note its public IP address.

Connecting to the Instance

Using SSH to Connect:

  • Open a terminal on your computer.

  • Run the following command:

    ssh -i /path/to/your-key.pem ubuntu@your-ec2-public-ip

  • Replace /path/to/your-key.pem with the path to your key file, and your-ec2-public-ip with the public IP address of your instance.

Installing Nginx

Updating the Package List:

  • After connecting to the instance, run the command:

    sudo apt update

Installing Nginx:

  • Install Nginx with the command:

    sudo apt install nginx -y

Checking the Nginx Status:

  • Verify if Nginx is running:

    sudo systemctl status nginx

  • If Nginx is not running, start it with the command:

    sudo systemctl start nginx

Configuring the Firewall (if necessary)

Allowing HTTP Traffic:

  • Ensure that traffic on port 80 is allowed:

    sudo ufw allow 'Nginx HTTP'
sudo ufw enable

Verifying the Installation

Checking via Browser: - Open your browser and enter the public IP address of your EC2 instance. - You should see the default Nginx welcome page.

Additional Configuration (Optional)

Editing Nginx Configuration:

  • Nginx configuration files are located in the /etc/nginx directory.

  • The main configuration file is /etc/nginx/nginx.conf.

  • Site configurations are located in the /etc/nginx/sites-available and /etc/nginx/sites-enabled directories.

  • To create or modify a site configuration, edit the files in /etc/nginx/sites-available and create a symbolic link in /etc/nginx/sites-enabled:

    sudo ln -s /etc/nginx/sites-available/your-site /etc/nginx/sites-enabled/

Reloading Nginx to Apply Changes:

  • After making changes to the configuration files, reload Nginx:

    sudo systemctl reload nginx

Using Let's Encrypt for HTTPS with Nginx on AWS EC2

Installing Certbot

Certbot is a tool that automates the process of obtaining and renewing SSL certificates from Let's Encrypt.

Update the Package List:

  • Connect to your EC2 instance via SSH and update the package list:

    sudo apt update

Install Certbot and the Nginx Plugin:

  • Install Certbot and the Nginx plugin with the following command:

    sudo apt install certbot python3-certbot-nginx -y

Obtaining an SSL Certificate

Run Certbot:

  • Use Certbot to obtain an SSL certificate and configure Nginx:

    sudo certbot --nginx

Follow the Prompts:

  • Certbot will prompt you to enter your email address and agree to the terms of service.
  • Certbot will then automatically obtain and install the SSL certificate, and configure Nginx to use it.

Verifying the Installation

Check Nginx Configuration:

  • Verify that Nginx is correctly configured to use the SSL certificate by checking the configuration file. Certbot should have modified your Nginx configuration to include directives for SSL.

  • You can find your site configuration in /etc/nginx/sites-available/your-domain:

    sudo nano /etc/nginx/sites-available/your-domain

  • Ensure it contains lines similar to the following:

    server {
    listen 80;
    server_name your-domain.com www.your-domain.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name your-domain.com www.your-domain.com;

    ssl_certificate /etc/letsencrypt/live/your-domain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/your-domain.com/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

    location / {
        proxy_pass <http://localhost:3000>;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Test HTTPS Access:

  • Open your browser and navigate to https://your-domain.com. You should see a secure connection indicated by a padlock icon in the address bar.

Auto-renewal Configuration

Setting Up Auto-renewal:

  • Certbot sets up a cron job to renew the certificate automatically. You can verify this by checking the cron jobs:

    sudo systemctl list-timers

  • Ensure there is an entry for certbot.timer.

Testing Renewal:

  • It's good practice to test the renewal process to ensure it works correctly:

    sudo certbot renew --dry-run