====== Install Etherpad Lite on AWS EC2 Amazon Linux 2 AMI ======
- Login to [[https://console.aws.amazon.com/|AWS EC2 Web Console]]
- Launch a new **t2.micro** EC2 instance from **Amazon Linux 2 AMI**
- Allocation new Elastic IP
- Allocate the Elastic IP to newly create EC2 instance
- Using [[https://putty.org|PuTTY]] SSH Client and PEM key login, SSH into in the new instance
- Run the following Linux shell command to update Amazon Linux 2:
sudo yum -y update
- Run following Linux shell command to install [[https://nodejs.org/|node.js]]:
[[https://github.com/nodesource/distributions/blob/master/README.md]]
curl -sL https://rpm.nodesource.com/setup_current.x | sudo bash -
sudo yum install -y nodejs git
- Run the following Linux shell commands to download and install [[https://etherpad.org/|Etherpad]] Lite:
[[https://github.com/ether/etherpad-lite#installation]]
sudo mkdir /usr/local/etherpad
sudo git clone --branch master https://github.com/ether/etherpad-lite.git /usr/local/etherpad/
sudo /usr/local/etherpad/bin/installDeps.sh
sudo groupadd etherpad
sudo useradd etherpad --system -g etherpad --home /var/etherpad
sudo chown -R etherpad:etherpad /usr/local/etherpad
- Setup Etherpad as service so that it can be started during boot by running Linux shell command ''sudo vi /usr/lib/systemd/system/etherpad.service'':
[[https://github.com/ether/etherpad-lite/wiki/How-to-deploy-Etherpad-Lite-as-a-service]]
[Unit]
Description=Etherpad-lite, the collaborative editor.
After=syslog.target network.target
[Service]
Type=simple
User=etherpad
Group=etherpad
WorkingDirectory=/usr/local/etherpad
Environment=NODE_ENV=production
ExecStart=/usr/bin/node --experimental-worker /usr/local/etherpad/node_modules/ep_etherpad-lite/node/server.js
# use mysql plus a complete settings.json to avoid Service hold-off time over, scheduling restart.
Restart=always
[Install]
WantedBy=multi-user.target
- Run following Linux shell commands to enable Etherpad service and start it immediately:
sudo chmod ugo+x /usr/lib/systemd/system/etherpad.service
sudo systemctl enable etherpad
sudo systemctl start etherpad
- Run following Linux shell command to install [[https://httpd.apache.org/|Apache httpd]] and [[https://httpd.apache.org/docs/current/mod/mod_ssl.html|Apache SSL Module]]:
sudo yum -y install httpd mod_ssl
- Edit **httpd.conf** file by running ''sudo vi /etc/httpd/conf/httpd.conf'' Linux shell command with following contents:
Replace //<>// \\
Replace //<>//
#Listen 80
ServerAdmin <>
ServerName <>:80
- Run the following Linux shell command to enable Apache httpd server to start at boot as well as immediately:
sudo systemctl enable httpd
sudo systemctl start httpd
- Update DNS host record with your Domain Registrar or Domain Management Service
- Generate CloudFlare Origin Certificate
- Run following Linux shell commands to create certificates:
[[https://www.digicert.com/kb/csr-ssl-installation/apache-openssl.htm#ssl_certificate_install]] \\
[[https://support.cloudflare.com/hc/en-us/articles/115000479507-Managing-Cloudflare-Origin-CA-certificates]]
Replace //<>// with your website's domain name \\
Replace //<>// with Origin Certificate generated in your CloudFlare account \\
Replace //<>// with Private Key for Origin Certificate generated in your CloudFlare account
sudo mkdir /usr/local/ssl
sudo vi /usr/local/ssl/<>.crt
<>
sudo vi /usr/local/ssl/<>.crt
<>
sudo vi /usr/local/ssl/cloudflare.crt
<>
[[https://support.cloudflare.com/hc/article_attachments/360037885371/origin_ca_rsa_root.pem]]
-----BEGIN CERTIFICATE-----
MIIEADCCAuigAwIBAgIID+rOSdTGfGcwDQYJKoZIhvcNAQELBQAwgYsxCzAJBgNV
BAYTAlVTMRkwFwYDVQQKExBDbG91ZEZsYXJlLCBJbmMuMTQwMgYDVQQLEytDbG91
ZEZsYXJlIE9yaWdpbiBTU0wgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MRYwFAYDVQQH
Ew1TYW4gRnJhbmNpc2NvMRMwEQYDVQQIEwpDYWxpZm9ybmlhMB4XDTE5MDgyMzIx
MDgwMFoXDTI5MDgxNTE3MDAwMFowgYsxCzAJBgNVBAYTAlVTMRkwFwYDVQQKExBD
bG91ZEZsYXJlLCBJbmMuMTQwMgYDVQQLEytDbG91ZEZsYXJlIE9yaWdpbiBTU0wg
Q2VydGlmaWNhdGUgQXV0aG9yaXR5MRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRMw
EQYDVQQIEwpDYWxpZm9ybmlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwEiVZ/UoQpHmFsHvk5isBxRehukP8DG9JhFev3WZtG76WoTthvLJFRKFCHXm
V6Z5/66Z4S09mgsUuFwvJzMnE6Ej6yIsYNCb9r9QORa8BdhrkNn6kdTly3mdnykb
OomnwbUfLlExVgNdlP0XoRoeMwbQ4598foiHblO2B/LKuNfJzAMfS7oZe34b+vLB
yrP/1bgCSLdc1AxQc1AC0EsQQhgcyTJNgnG4va1c7ogPlwKyhbDyZ4e59N5lbYPJ
SmXI/cAe3jXj1FBLJZkwnoDKe0v13xeF+nF32smSH0qB7aJX2tBMW4TWtFPmzs5I
lwrFSySWAdwYdgxw180yKU0dvwIDAQABo2YwZDAOBgNVHQ8BAf8EBAMCAQYwEgYD
VR0TAQH/BAgwBgEB/wIBAjAdBgNVHQ4EFgQUJOhTV118NECHqeuU27rhFnj8KaQw
HwYDVR0jBBgwFoAUJOhTV118NECHqeuU27rhFnj8KaQwDQYJKoZIhvcNAQELBQAD
ggEBAHwOf9Ur1l0Ar5vFE6PNrZWrDfQIMyEfdgSKofCdTckbqXNTiXdgbHs+TWoQ
wAB0pfJDAHJDXOTCWRyTeXOseeOi5Btj5CnEuw3P0oXqdqevM1/+uWp0CM35zgZ8
VD4aITxity0djzE6Qnx3Syzz+ZkoBgTnNum7d9A66/V636x4vTeqbZFBr9erJzgz
hhurjcoacvRNhnjtDRM0dPeiCJ50CP3wEYuvUzDHUaowOsnLCjQIkWbR7Ni6KEIk
MOz2U0OBSif3FTkhCgZWQKOOLo1P42jHC3ssUZAtVNXrCk3fw9/E15k8NPkBazZ6
0iykLhH1trywrKRMVw67F44IE8Y=
-----END CERTIFICATE-----
- Edit **ssl.conf** file by running ''sudo vi /etc/httpd/conf.d/ssl.conf'' Linux shell command with following contents:
Replace //<>// with your website's domain name
SSLCertificateFile /usr/local/ssl/<>.crt
SSLCertificateKeyFile /usr/local/ssl/<>.key
SSLCertificateChainFile /usr/local/ssl/cloudflare.crt
ProxyVia On
ProxyRequests Off
ProxyPreserveHost on
ProxyPass http://localhost:9001/ retry=0 timeout=30
ProxyPassReverse http://localhost:9001/
# This is needed to handle the websocket transport through the proxy, since
# etherpad does not use a specific sub-folder, such as /ws/ to handle this kind of traffic.
# Taken from https://github.com/ether/etherpad-lite/issues/2318#issuecomment-63548542
# Thanks to beaugunderson for the semantics
RewriteEngine On
RewriteCond %{QUERY_STRING} transport=websocket [NC]
RewriteRule /(.*) ws://localhost:9001/socket.io/$1 [P,L]
ProxyPass http://localhost:9001/socket.io retry=0 timeout=30
ProxyPassReverse http://localhost:9001/socket.io
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
- Run following Linux shell command to restart Apache httpd service:
sudo systemctl restart httpd
- Edit Etherpad settings file by running Linux command ''sudo vi /usr/local/etherpad/settings.json''
- Run following Linux command restart Etherpad service:
sudo systemctl daemon-reload && sudo systemctl restart etherpad