My deploy setup for Known on AWS.
- Deploy ec2 instance
- Attach EFS volume at ~/data
- Get parameters for reaching RDS database
- Install docker, docker-compose on ec2 instance
- Move this repo to this instance
- scp the env file to this instance
- Ensure letsencrypt certs are up to date
- Run docker-compose up -d
You can now access the Known instance on ports 80 and 443 on the machine.
Copy fullchain.pem and privkey.pem from /etc/letsencrypt/archive/$DOMAIN/ to ./certs (remove the trailing numbers from the file names). These will be passed into the NGINX container.
TODO: Periodically check validity of certs and re-run certbot if they expire.
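One way to close the TODO above, written as an added example rather than code from this repo: it checks the deployed certificate with openssl x509 -checkend, runs certbot renew when expiry is near, and repeats the copy step from /etc/letsencrypt/archive/$DOMAIN/ to ./certs. It assumes certbot can renew while the stack is running; the compose service name nginx, the 14-day window and the overridable path variables are placeholders chosen here.

```shell
#!/bin/sh
# Added example, not from the original repo. Assumed names: the compose
# service "nginx", the RENEW_WINDOW default, and the overridable paths.
ARCHIVE_ROOT="${ARCHIVE_ROOT:-/etc/letsencrypt/archive}"
CERT_DIR="${CERT_DIR:-./certs}"
RENEW_WINDOW="${RENEW_WINDOW:-1209600}"   # renew 14 days before expiry

# Print the highest-numbered file, e.g. .../fullchain10.pem (numeric compare).
latest() {  # $1 = archive dir, $2 = fullchain | privkey
    best=0
    for f in "$1/$2"[0-9]*.pem; do
        [ -e "$f" ] || continue
        n=${f##*/"$2"}; n=${n%.pem}
        case "$n" in ''|*[!0-9]*) continue ;; esac
        if [ "$n" -gt "$best" ]; then best=$n; fi
    done
    [ "$best" -gt 0 ] || return 1
    printf '%s\n' "$1/$2$best.pem"
}

# Copy the newest cert and key into CERT_DIR with the number stripped.
# Runs in a subshell so the tight umask does not leak to the caller.
sync_certs() (  # $1 = domain
    umask 077
    mkdir -p "$CERT_DIR"
    for base in fullchain privkey; do
        src=$(latest "$ARCHIVE_ROOT/$1" "$base") || exit 1
        cp "$src" "$CERT_DIR/$base.pem" || exit 1
    done
    chmod 600 "$CERT_DIR/privkey.pem"   # private key: owner read/write only
)

# Renew when the deployed cert is missing or expires within RENEW_WINDOW.
check_and_renew() {  # $1 = domain
    cert="$CERT_DIR/fullchain.pem"
    if [ -f "$cert" ] &&
       openssl x509 -checkend "$RENEW_WINDOW" -noout -in "$cert" >/dev/null
    then
        return 0   # still valid beyond the window, nothing to do
    fi
    certbot renew --quiet || return 1
    sync_certs "$1" || return 1
    docker-compose restart nginx   # reload the container with the new files
}

# Run directly (e.g. from a daily cron job) with DOMAIN set.
if [ -n "${DOMAIN:-}" ]; then check_and_renew "$DOMAIN"; fi
```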
To reach other instances on the VPC (e.g. the database) Docker must be told to
use the VPC's DNS server; by default it uses Google's public DNS at 8.8.8.8. Go
to the docker options file (for ec2 this is /etc/sysconfig/docker) and change
the OPTIONS line to include --dns 172.31.0.2 --dns 8.8.8.8 --dns 8.8.4.4.
Amazon VPC DNS servers are usually at the base of the IP range +2, e.g. if the
VPC has block 172.31.0.0/16 then it will be at 172.31.0.2.