====== Install Etherpad Lite on AWS EC2 Amazon Linux 2 AMI ====== - Login to [[https://console.aws.amazon.com/|AWS EC2 Web Console]] - Launch a new **t2.micro** EC2 instance from **Amazon Linux 2 AMI** - Allocation new Elastic IP - Allocate the Elastic IP to newly create EC2 instance - Using [[https://putty.org|PuTTY]] SSH Client and PEM key login, SSH into in the new instance - Run the following Linux shell command to update Amazon Linux 2: sudo yum -y update - Run following Linux shell command to install [[https://nodejs.org/|node.js]]: [[https://github.com/nodesource/distributions/blob/master/README.md]] curl -sL https://rpm.nodesource.com/setup_current.x | sudo bash - sudo yum install -y nodejs git - Run the following Linux shell commands to download and install [[https://etherpad.org/|Etherpad]] Lite: [[https://github.com/ether/etherpad-lite#installation]] sudo mkdir /usr/local/etherpad sudo git clone --branch master https://github.com/ether/etherpad-lite.git /usr/local/etherpad/ sudo /usr/local/etherpad/bin/installDeps.sh sudo groupadd etherpad sudo useradd etherpad --system -g etherpad --home /var/etherpad sudo chown -R etherpad:etherpad /usr/local/etherpad - Setup Etherpad as service so that it can be started during boot by running Linux shell command ''sudo vi /usr/lib/systemd/system/etherpad.service'': [[https://github.com/ether/etherpad-lite/wiki/How-to-deploy-Etherpad-Lite-as-a-service]] [Unit] Description=Etherpad-lite, the collaborative editor. After=syslog.target network.target [Service] Type=simple User=etherpad Group=etherpad WorkingDirectory=/usr/local/etherpad Environment=NODE_ENV=production ExecStart=/usr/bin/node --experimental-worker /usr/local/etherpad/node_modules/ep_etherpad-lite/node/server.js # use mysql plus a complete settings.json to avoid Service hold-off time over, scheduling restart. Restart=always [Install] WantedBy=multi-user.target - Run following Linux shell commands to enable Etherpad service and start it immediately: sudo chmod ugo+x /usr/lib/systemd/system/etherpad.service sudo systemctl enable etherpad sudo systemctl start etherpad - Run following Linux shell command to install [[https://httpd.apache.org/|Apache httpd]] and [[https://httpd.apache.org/docs/current/mod/mod_ssl.html|Apache SSL Module]]: sudo yum -y install httpd mod_ssl - Edit **httpd.conf** file by running ''sudo vi /etc/httpd/conf/httpd.conf'' Linux shell command with following contents: Replace //<>// \\ Replace //<>// #Listen 80 ServerAdmin <> ServerName <>:80 - Run the following Linux shell command to enable Apache httpd server to start at boot as well as immediately: sudo systemctl enable httpd sudo systemctl start httpd - Update DNS host record with your Domain Registrar or Domain Management Service - Generate CloudFlare Origin Certificate - Run following Linux shell commands to create certificates: [[https://www.digicert.com/kb/csr-ssl-installation/apache-openssl.htm#ssl_certificate_install]] \\ [[https://support.cloudflare.com/hc/en-us/articles/115000479507-Managing-Cloudflare-Origin-CA-certificates]] Replace //<>// with your website's domain name \\ Replace //<>// with Origin Certificate generated in your CloudFlare account \\ Replace //<>// with Private Key for Origin Certificate generated in your CloudFlare account sudo mkdir /usr/local/ssl sudo vi /usr/local/ssl/<>.crt <> sudo vi /usr/local/ssl/<>.crt <> sudo vi /usr/local/ssl/cloudflare.crt <> [[https://support.cloudflare.com/hc/article_attachments/360037885371/origin_ca_rsa_root.pem]] -----BEGIN CERTIFICATE----- MIIEADCCAuigAwIBAgIID+rOSdTGfGcwDQYJKoZIhvcNAQELBQAwgYsxCzAJBgNV BAYTAlVTMRkwFwYDVQQKExBDbG91ZEZsYXJlLCBJbmMuMTQwMgYDVQQLEytDbG91 ZEZsYXJlIE9yaWdpbiBTU0wgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MRYwFAYDVQQH Ew1TYW4gRnJhbmNpc2NvMRMwEQYDVQQIEwpDYWxpZm9ybmlhMB4XDTE5MDgyMzIx MDgwMFoXDTI5MDgxNTE3MDAwMFowgYsxCzAJBgNVBAYTAlVTMRkwFwYDVQQKExBD bG91ZEZsYXJlLCBJbmMuMTQwMgYDVQQLEytDbG91ZEZsYXJlIE9yaWdpbiBTU0wg Q2VydGlmaWNhdGUgQXV0aG9yaXR5MRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRMw EQYDVQQIEwpDYWxpZm9ybmlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwEiVZ/UoQpHmFsHvk5isBxRehukP8DG9JhFev3WZtG76WoTthvLJFRKFCHXm V6Z5/66Z4S09mgsUuFwvJzMnE6Ej6yIsYNCb9r9QORa8BdhrkNn6kdTly3mdnykb OomnwbUfLlExVgNdlP0XoRoeMwbQ4598foiHblO2B/LKuNfJzAMfS7oZe34b+vLB yrP/1bgCSLdc1AxQc1AC0EsQQhgcyTJNgnG4va1c7ogPlwKyhbDyZ4e59N5lbYPJ SmXI/cAe3jXj1FBLJZkwnoDKe0v13xeF+nF32smSH0qB7aJX2tBMW4TWtFPmzs5I lwrFSySWAdwYdgxw180yKU0dvwIDAQABo2YwZDAOBgNVHQ8BAf8EBAMCAQYwEgYD VR0TAQH/BAgwBgEB/wIBAjAdBgNVHQ4EFgQUJOhTV118NECHqeuU27rhFnj8KaQw HwYDVR0jBBgwFoAUJOhTV118NECHqeuU27rhFnj8KaQwDQYJKoZIhvcNAQELBQAD ggEBAHwOf9Ur1l0Ar5vFE6PNrZWrDfQIMyEfdgSKofCdTckbqXNTiXdgbHs+TWoQ wAB0pfJDAHJDXOTCWRyTeXOseeOi5Btj5CnEuw3P0oXqdqevM1/+uWp0CM35zgZ8 VD4aITxity0djzE6Qnx3Syzz+ZkoBgTnNum7d9A66/V636x4vTeqbZFBr9erJzgz hhurjcoacvRNhnjtDRM0dPeiCJ50CP3wEYuvUzDHUaowOsnLCjQIkWbR7Ni6KEIk MOz2U0OBSif3FTkhCgZWQKOOLo1P42jHC3ssUZAtVNXrCk3fw9/E15k8NPkBazZ6 0iykLhH1trywrKRMVw67F44IE8Y= -----END CERTIFICATE----- - Edit **ssl.conf** file by running ''sudo vi /etc/httpd/conf.d/ssl.conf'' Linux shell command with following contents: Replace //<>// with your website's domain name SSLCertificateFile /usr/local/ssl/<>.crt SSLCertificateKeyFile /usr/local/ssl/<>.key SSLCertificateChainFile /usr/local/ssl/cloudflare.crt ProxyVia On ProxyRequests Off ProxyPreserveHost on ProxyPass http://localhost:9001/ retry=0 timeout=30 ProxyPassReverse http://localhost:9001/ # This is needed to handle the websocket transport through the proxy, since # etherpad does not use a specific sub-folder, such as /ws/ to handle this kind of traffic. # Taken from https://github.com/ether/etherpad-lite/issues/2318#issuecomment-63548542 # Thanks to beaugunderson for the semantics RewriteEngine On RewriteCond %{QUERY_STRING} transport=websocket [NC] RewriteRule /(.*) ws://localhost:9001/socket.io/$1 [P,L] ProxyPass http://localhost:9001/socket.io retry=0 timeout=30 ProxyPassReverse http://localhost:9001/socket.io Options FollowSymLinks MultiViews AllowOverride All Order allow,deny allow from all - Run following Linux shell command to restart Apache httpd service: sudo systemctl restart httpd - Edit Etherpad settings file by running Linux command ''sudo vi /usr/local/etherpad/settings.json'' - Run following Linux command restart Etherpad service: sudo systemctl daemon-reload && sudo systemctl restart etherpad