18243ea8292a6de8f68c505a8731989e7d28a518
wiki/info/landscape/creating-ec2-image-for-webserver-from-scratch.md
| ... | ... | @@ -174,14 +174,21 @@ maxretry = 5 |
| 174 | 174 | |
| 175 | 175 | From a fresh amazon linux 2023 instance (HVM) install perl, httpd, mod_proxy_html, tmux, nfs-utils, git, whois and jq. Then type `amazon-linux-extras install epel`, which adds the epel repo so you can then run install apachetop. |
| 176 | 176 | Then you need to remove the automatic ec2 code which disabled root access; reconfigure the sshd_config; setup the keys update script; and initialise the crontab. Store a bearer token in the home dir. |
| 177 | + |
|
| 177 | 178 | Rename the welcome.conf. Add a basic web page, as the Apache default page can sometimes return no 2xx codes, which can lead to failing health checks. |
| 179 | + |
|
| 178 | 180 | Setup fail2ban like above. |
| 179 | -Ensure httpd is enabled, so that on restart the server auto boots. |
|
| 180 | -Other modules may need to be installed. |
|
| 181 | -Configure a startup service (either in /etc/systemd/system or etc/rc_x_ directories) to try to mount an attached nvme as swap space (this step needs to be checked after setup). |
|
| 181 | + |
|
| 182 | +Ensure httpd is enabled, so that the server auto starts upon a restart. |
|
| 183 | +Other modules may need to be installed, depending on the httpd config. |
|
| 184 | + |
|
| 185 | +Configure a startup service (either in /etc/systemd/system or etc/rcX directories) to try to mount an attached nvme as swap space (this step needs to be checked after setup). |
|
| 182 | 186 | Swap space still needs to be fully automated. |
| 187 | + |
|
| 183 | 188 | Postmail is useful. The script for this procedure is in configuration and is titled setupDisposableProxy.sh |
| 184 | -Setup the logrotate target (not in script yet) |
|
| 185 | -Setup the fstab (not automated) |
|
| 189 | + |
|
| 190 | +Setup the logrotate target. |
|
| 191 | + |
|
| 192 | +Setup the fstab (not automated). |
|
| 186 | 193 | |
| 187 | 194 |