All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
static website creation with aws ec2 instance - nginx server - ssl installation - ssl redirection
_Here in this tutorial, we are now
_
=====> creating an aws account and provision an ec2-instance(linux)
======> you should have a domain name or register one with amazon rooute 53, if you have one, we are creating a hosted zone in aws and pointing to our ec2 instance
=======> installing nginx and creating virtual host for our domain
===========> installing lets encrypt and install ssl for our site and use one redirection to forward all traffic to https.
-------------------------------/////---------------------------------------
- Create an aws account in free tier basis
- provision ec2 instance
https://docs.aws.amazon.com/efs/latest/ug/gs-step-one-create-ec2-resources.html
- Open following ports in the security groups
22 for ssh
80 for http
443 for https
save the pem file in your local system to access the ec2 machine(server)
ssh [email protected] -i my.perm
use your own perm file here.
- sudo su -
// for granting root access
- yum update -y
- yum install nginx -y
It will install nginx for the amazon AMI linux machine - service start nginx
- chkconfig nginx on
- The default location for nginx configuration is /etc/nginx
Default nginx configurationfile is /etc/nginx/nginx.conf
Domain part
Go to amazon aws console >> Route 53 >> add your hosted zone for your domain.
Add A entry for domain.com and www.domain.com with the ec2 instance ip address
MAKE SURE THAT YOU HAVE USED THE SAME AMAZON NAME SERVERS IN THE REGISTRAR END
Now the website is pointing to our ec2 instance
Then come back to ec2 section.
By default, nginx will load the configuration files present in the /etc/nginx/conf.d/
so, we can create a configuration file(virtual host entry for our website).
if you want to host more websites;
----> go to /etc/nginx
-----> create a folder called sites-enabled
mkdir sites-enabled
and create our domain configuration file in it.
add the exact below virtual entry for get to working
server {
listen 80; ----------------------------> for listening to port 80
listen [::]:80;-----------------------------------> for ipv6 connections
root /home/sample/;-------------------------> your website files location
index index.html index.htm index.php;
server_name sample.com www.sample.com; ---------------------> replace with your domain name
location / {
try_files $uri $uri/ =404;
}
}
then check if nginx conf is fine or not
nginx -t
it will return the status code ok
restart nginx
service nginx restart
summary
So, now your domain sample.com is pointed to our ec2 instance via route53 in aws and we have configured nginx virtual entries for our webiste
CALL sample.com in your web browser, you will see the index.html page you have set up in /home/sample/
HTTPS part
As Lets encrypt is giving free ssl, we can get advantage of it.
install Lets encrypt on our server from github
yum install python27-devel git ---------------> install git on our server
git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt --------> clone the git repository with a folder on our server
/opt/letsencrypt/letsencrypt-auto --debug -----> this will install Lets encrypt
DURING INSTALLATION, IT WILL ASK FOR
domain name
email address
and it will edit the configuration file in /etc/nginx/sites-enabled automatically and will place the cert files there.
You can visit the conf file now and you will see the certbot have entered the 443(ssl) section automatically
Redirect
if you want to redirect all traffic to ssl version of the website
put the redirection code block after the 443(ssl) block
server {
listen 80;
server_name sample.com www.sample.com;
rewrite ^ https://www.sample.com_uri? permanent;
}
Restart nginx now
Then access sample.cm, it will redirect to https://www.sample.com
========================The end=======================================
Comments
I would like to point out that you can use S3 + CloudFront for static website hosting.