[Memo] EC2 setup for a test environment on Amazon Linux 2, part 2
1. Route 53 configuration
This seems self-explanatory, so I'll skip it.
2. Installing nginx
Install nginx from extras
sudo amazon-linux-extras install nginx1
3. Installing Let's Encrypt
I used this as a reference: qiita.com
cd /var/www
git clone https://github.com/certbot/certbot
cd certbot
cp certbot-auto certbot-auto.bak
vi certbot-auto
# before
elif [ -f /etc/issue ] && grep -iq "Amazon Linux" /etc/issue ; then
  Bootstrap() {
    ExperimentalBootstrap "Amazon Linux" BootstrapRpmCommon
  }
  BOOTSTRAP_VERSION="BootstrapRpmCommon $BOOTSTRAP_RPM_COMMON_VERSION"

# after
elif grep -i "Amazon Linux" /etc/issue > /dev/null 2>&1 || \
   grep 'cpe:.*:amazon_linux:2' /etc/os-release > /dev/null 2>&1; then
  Bootstrap() {
    ExperimentalBootstrap "Amazon Linux" BootstrapRpmCommon
  }
  BOOTSTRAP_VERSION="BootstrapRpmCommon $BOOTSTRAP_RPM_COMMON_VERSION"
Run it once the edit is done
./certbot-auto certonly --standalone --no-self-upgrade -d your.domain -m xxx@your.domain --agree-tos --debug
4. nginx configuration
Preparing basic authentication
sudo yum install httpd-tools
cd /etc/nginx/conf.d
sudo vi app_name.conf
error_log /var/www/rails/app_name/log/nginx.error.log;
access_log /var/www/rails/app_name/log/nginx.access.log;
client_max_body_size 2G;
upstream app_server {
  server unix:/var/www/rails/app_name/tmp/sockets/.unicorn.sock fail_timeout=0;
}
server {
  listen 443 ssl;
  server_name your.domain;
  ssl_certificate /etc/letsencrypt/live/your.domain/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/your.domain/privkey.pem;
  keepalive_timeout 5;
  root /var/www/rails/app_name/public;
  try_files $uri/index.html $uri.html $uri @app;
  location @app {
    auth_basic "Restricted";
    auth_basic_user_file /etc/nginx/.htpasswd;
    proxy_set_header X_FORWARDED_SSL on;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_redirect off;
    proxy_pass http://app_server;
  }
  error_page 500 502 503 504 /500.html;
  location = /500.html {
    root /var/www/rails/app_name/public;
  }
}
Adjust the settings as needed
5. Starting unicorn
Joking aside
bundle exec unicorn_rails -c /var/www/rails/app_name/config/unicorn.conf.rb -D -E production
That's all!