Doing some playing around with a self-hosted FaaS idea. This is just research/notes for myself.
Using Debian since it has all of the packages I need.
image_id_debian="ami-0fec2c2e2017f4e7b" #image_id_red_hat="ami-016eb5d644c333ccb" image_id_ubuntu="ami-007855ac798b5175e" # Pick an image image_id="$image_id_debian" key_name="some-key-pair" security_group_id="ID HERE" subnet_id="ID HERE" aws ec2 run-instances \ --image-id "$image_id" \ --count 1 \ --instance-type t2.micro \ --key-name "$key_name" \ --security-group-ids "$security_group_id" \ --subnet-id "$subnet_id"
SSHed into the box do:
sudo apt-get update
Get lighttpd
sudo apt-get install lighttpd
Get certbot
sudo apt-get install certbot
First create an elastic IP
TODO
Then assign the subdomain to that.
AWS_INPUT=$(jq -n '{Comment: "Add a new A record", Changes:[{Action: "UPSERT", "ResourceRecordSet":{Name:"subdomain.example.com", Type: "A", TTL: 300, ResourceRecords:[{Value: "IP ADDRESS"}]}}]}') aws route53 change-resource-record-sets --hosted-zone-id $HOSTED_ZONE_ID --change-batch "$AWS_INPUT"
certbot certonly --webroot -w /var/www/subdomain.example.com -d subdomain.example.com
TODO update directory permissions
Update the configuration file:
vim /etc/lighttpd/conf-available/10-ssl.conf
ssl.privkey="/path/to/privkey.pem" ssl.pemfile="/path/to/fullchain.pem"
Enable SSL
sudo lighty-enable-mod ssl sudo service lighttpd force-reload
Forward HTTP to HTTPS
sudo echo '$HTTP["scheme"] == "http" { url.redirect = ("" => "https://${url.authority}${url.path}${qsa}") url.redirect-code = 308 }' > /etc/lighttpd/conf-available/redirect-http-to-https.conf
Should already be installed with the Ubuntu image.
Run init
lxd init
lxc launch ubuntu:22.10 nodefns