IT Wizard Professional

User Tools

Site Tools

Trace: etherpad_install_aws_ec2
sysadmin:etherpad:etherpad_install_aws_ec2

Install Etherpad Lite on AWS EC2 Amazon Linux 2 AMI

  1. Login to AWS EC2 Web Console
  2. Launch a new t2.micro EC2 instance from Amazon Linux 2 AMI
  3. Allocation new Elastic IP
  4. Allocate the Elastic IP to newly create EC2 instance
  5. Using PuTTY SSH Client and PEM key login, SSH into in the new instance
  6. Run the following Linux shell command to update Amazon Linux 2: 
    sudo yum -y update
  7. Run following Linux shell command to install node.js:

    https://github.com/nodesource/distributions/blob/master/README.md 

    curl -sL https://rpm.nodesource.com/setup_current.x | sudo bash -
sudo yum install -y nodejs git
  8. Run the following Linux shell commands to download and install Etherpad Lite:

    https://github.com/ether/etherpad-lite#installation 

    sudo mkdir /usr/local/etherpad
sudo git clone --branch master https://github.com/ether/etherpad-lite.git /usr/local/etherpad/
sudo /usr/local/etherpad/bin/installDeps.sh
sudo groupadd etherpad
sudo useradd etherpad --system -g etherpad --home /var/etherpad
sudo chown -R etherpad:etherpad /usr/local/etherpad
  9. Setup Etherpad as service so that it can be started during boot by running Linux shell command sudo vi /usr/lib/systemd/system/etherpad.service:

    https://github.com/ether/etherpad-lite/wiki/How-to-deploy-Etherpad-Lite-as-a-service

    etherpad.service
    [Unit]
Description=Etherpad-lite, the collaborative editor.
After=syslog.target network.target
 
[Service]
Type=simple
User=etherpad
Group=etherpad
WorkingDirectory=/usr/local/etherpad
Environment=NODE_ENV=production
ExecStart=/usr/bin/node --experimental-worker /usr/local/etherpad/node_modules/ep_etherpad-lite/node/server.js
# use mysql plus a complete settings.json to avoid Service hold-off time over, scheduling restart.
Restart=always
 
[Install]
WantedBy=multi-user.target
  10. Run following Linux shell commands to enable Etherpad service and start it immediately:
    sudo chmod ugo+x /usr/lib/systemd/system/etherpad.service
sudo systemctl enable etherpad
sudo systemctl start etherpad
  11. Run following Linux shell command to install Apache httpd and Apache SSL Module:
    sudo yum -y install httpd mod_ssl
  12. Edit httpd.conf file by running sudo vi /etc/httpd/conf/httpd.conf Linux shell command with following contents:

    Replace «Server Administrator Email address»
    Replace «Website DNS»

    httpd.conf
    #Listen 80
ServerAdmin <<Server Administrator Email address>>
ServerName <<Website DNS>>:80
  13. Run the following Linux shell command to enable Apache httpd server to start at boot as well as immediately:
    sudo systemctl enable httpd
sudo systemctl start httpd
  14. Update DNS host record with your Domain Registrar or Domain Management Service
  15. Generate CloudFlare Origin Certificate
  16. Run following Linux shell commands to create certificates:

    https://www.digicert.com/kb/csr-ssl-installation/apache-openssl.htm#ssl_certificate_install
    https://support.cloudflare.com/hc/en-us/articles/115000479507-Managing-Cloudflare-Origin-CA-certificates

    Replace «domain name» with your website's domain name
    Replace «Paste Origin Certificate» with Origin Certificate generated in your CloudFlare account
    Replace «Paste Private Key» with Private Key for Origin Certificate generated in your CloudFlare account 

    sudo mkdir /usr/local/ssl
sudo vi /usr/local/ssl/<<domain name>>.crt
<<Paste Origin Certificate>>
sudo vi /usr/local/ssl/<<domain name>>.crt
<<Paste Private Key>>
sudo vi /usr/local/ssl/cloudflare.crt
<<Paste CloudFlare certificate from below>>

    https://support.cloudflare.com/hc/article_attachments/360037885371/origin_ca_rsa_root.pem

    cloudflare.crt
    -----BEGIN CERTIFICATE-----
MIIEADCCAuigAwIBAgIID+rOSdTGfGcwDQYJKoZIhvcNAQELBQAwgYsxCzAJBgNV
BAYTAlVTMRkwFwYDVQQKExBDbG91ZEZsYXJlLCBJbmMuMTQwMgYDVQQLEytDbG91
ZEZsYXJlIE9yaWdpbiBTU0wgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MRYwFAYDVQQH
Ew1TYW4gRnJhbmNpc2NvMRMwEQYDVQQIEwpDYWxpZm9ybmlhMB4XDTE5MDgyMzIx
MDgwMFoXDTI5MDgxNTE3MDAwMFowgYsxCzAJBgNVBAYTAlVTMRkwFwYDVQQKExBD
bG91ZEZsYXJlLCBJbmMuMTQwMgYDVQQLEytDbG91ZEZsYXJlIE9yaWdpbiBTU0wg
Q2VydGlmaWNhdGUgQXV0aG9yaXR5MRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRMw
EQYDVQQIEwpDYWxpZm9ybmlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwEiVZ/UoQpHmFsHvk5isBxRehukP8DG9JhFev3WZtG76WoTthvLJFRKFCHXm
V6Z5/66Z4S09mgsUuFwvJzMnE6Ej6yIsYNCb9r9QORa8BdhrkNn6kdTly3mdnykb
OomnwbUfLlExVgNdlP0XoRoeMwbQ4598foiHblO2B/LKuNfJzAMfS7oZe34b+vLB
yrP/1bgCSLdc1AxQc1AC0EsQQhgcyTJNgnG4va1c7ogPlwKyhbDyZ4e59N5lbYPJ
SmXI/cAe3jXj1FBLJZkwnoDKe0v13xeF+nF32smSH0qB7aJX2tBMW4TWtFPmzs5I
lwrFSySWAdwYdgxw180yKU0dvwIDAQABo2YwZDAOBgNVHQ8BAf8EBAMCAQYwEgYD
VR0TAQH/BAgwBgEB/wIBAjAdBgNVHQ4EFgQUJOhTV118NECHqeuU27rhFnj8KaQw
HwYDVR0jBBgwFoAUJOhTV118NECHqeuU27rhFnj8KaQwDQYJKoZIhvcNAQELBQAD
ggEBAHwOf9Ur1l0Ar5vFE6PNrZWrDfQIMyEfdgSKofCdTckbqXNTiXdgbHs+TWoQ
wAB0pfJDAHJDXOTCWRyTeXOseeOi5Btj5CnEuw3P0oXqdqevM1/+uWp0CM35zgZ8
VD4aITxity0djzE6Qnx3Syzz+ZkoBgTnNum7d9A66/V636x4vTeqbZFBr9erJzgz
hhurjcoacvRNhnjtDRM0dPeiCJ50CP3wEYuvUzDHUaowOsnLCjQIkWbR7Ni6KEIk
MOz2U0OBSif3FTkhCgZWQKOOLo1P42jHC3ssUZAtVNXrCk3fw9/E15k8NPkBazZ6
0iykLhH1trywrKRMVw67F44IE8Y=
-----END CERTIFICATE-----
  17. Edit ssl.conf file by running sudo vi /etc/httpd/conf.d/ssl.conf Linux shell command with following contents:

    Replace «domain name» with your website's domain name

    ssl.conf
    SSLCertificateFile /usr/local/ssl/<<domain name>>.crt
SSLCertificateKeyFile /usr/local/ssl/<<domain name>>.key
SSLCertificateChainFile /usr/local/ssl/cloudflare.crt
 
ProxyVia On
ProxyRequests Off
ProxyPreserveHost on
 
<Location />
    ProxyPass http://localhost:9001/ retry=0 timeout=30
    ProxyPassReverse http://localhost:9001/
</Location>
<Location /socket.io>
    # This is needed to handle the websocket transport through the proxy, since
    # etherpad does not use a specific sub-folder, such as /ws/ to handle this kind of traffic.
    # Taken from https://github.com/ether/etherpad-lite/issues/2318#issuecomment-63548542
    # Thanks to beaugunderson for the semantics
    RewriteEngine On
    RewriteCond %{QUERY_STRING} transport=websocket    [NC]
    RewriteRule /(.*) ws://localhost:9001/socket.io/$1 [P,L]
    ProxyPass http://localhost:9001/socket.io retry=0 timeout=30
    ProxyPassReverse http://localhost:9001/socket.io
</Location>
 
<Proxy *>
    Options FollowSymLinks MultiViews
    AllowOverride All
    Order allow,deny
    allow from all
</Proxy>
  18. Run following Linux shell command to restart Apache httpd service:
    sudo systemctl restart httpd
  19. Edit Etherpad settings file by running Linux command sudo vi /usr/local/etherpad/settings.json
  20. Run following Linux command restart Etherpad service:
    sudo systemctl daemon-reload && sudo systemctl restart etherpad
sysadmin/etherpad/etherpad_install_aws_ec2.txt · Last modified: 2020/10/07 21:39 by vidyasb

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 4.0 International
CC Attribution-Noncommercial-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki