Changes in 4f76a9a: Update setup process for disposable reverse proxy

				wiki/info/landscape/creating-ec2-image-for-webserver-from-scratch.md
			
          @@ -172,28 +172,16 @@ maxretry = 5

           ## Basic setup for reverse proxy instance

          -perl 

          -httpd

          -apachetop

          -per-CGI

          -postfix

          -sendmail-cf

          - mod_proxy_html

          -tmux

          -nfs-utils

          -amazon linux extras install php7.2 && yum update && yum install php

          +From a fresh amazon linux 2023 instance (HVM) install perl, httpd, mod_proxy_html, tmux, nfs-utils, git, whois and jq. Then type `amazon-linux-extras install epel`, which adds the epel repo so you can then run install apachetop.

          +Then you need to remove the automatic ec2 code which disabled root access; reconfigure the sshd_config; setup the keys update script; and initialise the crontab. Store a bearer token in the home dir.

          +Rename the welcome.conf. Add a basic web page, as the Apache default page can sometimes return no 2xx codes, which can lead to failing health checks.

          +Setup fail2ban like above.

          +Ensure httpd is enabled, so that on restart the server auto boots.

          +Other modules may need to be installed.

          +Configure a startup service (either in /etc/systemd/system or etc/rc_x_ directories) to try to mount an attached nvme as swap space (this step needs to be checked after setup).

          +Swap space still needs to be fully automated.

          +Postmail is useful. The script for this procedure is in configuration and is titled setupDisposableProxy.sh

          +Setup the logrotate target (not in script yet)

          +Setup the fstab (not automated)

          -root access

          -num of connections trackable

          -keyreader token

          -

          -amazon-efs-utils

          -mounts

          -

          -mail -> I don't think anything is needed but I added the stuf to sendmail-cf   ///

          -

          -logrotate target

          -

          -chkconfig nfs on (half complete)

          -fail2ban setup

          \ No newline at end of file

...	...	@@ -172,28 +172,16 @@ maxretry = 5
172	172
173	173	## Basic setup for reverse proxy instance
174	174
175		-perl
176		-httpd
177		-apachetop
178		-per-CGI
179		-postfix
180		-sendmail-cf
181		- mod_proxy_html
182		-tmux
183		-nfs-utils
184		-amazon linux extras install php7.2 && yum update && yum install php
	175	+From a fresh amazon linux 2023 instance (HVM) install perl, httpd, mod_proxy_html, tmux, nfs-utils, git, whois and jq. Then type `amazon-linux-extras install epel`, which adds the epel repo so you can then run install apachetop.
	176	+Then you need to remove the automatic ec2 code which disabled root access; reconfigure the sshd_config; setup the keys update script; and initialise the crontab. Store a bearer token in the home dir.
	177	+Rename the welcome.conf. Add a basic web page, as the Apache default page can sometimes return no 2xx codes, which can lead to failing health checks.
	178	+Setup fail2ban like above.
	179	+Ensure httpd is enabled, so that on restart the server auto boots.
	180	+Other modules may need to be installed.
	181	+Configure a startup service (either in /etc/systemd/system or etc/rc_x_ directories) to try to mount an attached nvme as swap space (this step needs to be checked after setup).
	182	+Swap space still needs to be fully automated.
	183	+Postmail is useful. The script for this procedure is in configuration and is titled setupDisposableProxy.sh
	184	+Setup the logrotate target (not in script yet)
	185	+Setup the fstab (not automated)
185	186
186	187
187		-root access
188		-num of connections trackable
189		-keyreader token
190		-
191		-amazon-efs-utils
192		-mounts
193		-
194		-mail -> I don't think anything is needed but I added the stuf to sendmail-cf ///
195		-
196		-logrotate target
197		-
198		-chkconfig nfs on (half complete)
199		-fail2ban setup
...	...	\ No newline at end of file