Preparing an Amazon Web Services Instance

From material semantics
Jump to: navigation, search

This article describes how to customize a fresh Amazon Web Service Elastic Compute Cloud (EC2) instance (that uses a Fedora-based Amazon Linux image). Depending on the image type, some of the steps below may not be necessary.

Adjusting login permissions and adjusting the repository

AWS images may require an initial login using the ec2-user user.

sudo su

Enable logon using root (optional, not recommended)

Edit /etc/ssh/sshd_config.

nano /etc/ssh/sshd_config

Add or change to the following setting.

PermitRootLogin without-password

Edit ~/.ssh/authorized_keys.

nano ~/.ssh/authorized_keys

Remove the command portion; ssh-rsa should be first thing in the first line of the file.

Edit /etc/cloud/cloud.cfg.

nano /etc/cloud/cloud.cfg

In /etc/cloud/cloud.cfg, enable login using root.

disable_root: 0

Reload the SSH service.

/etc/init.d/sshd reload

Make sure yum has access to the Fedora repository (optional)

Update yum.

yum -y update

Create a file fedora.repo in the following directory:

/etc/yu.repos.d/

The file should contain the following (ensure that there is no whitespace at the beginning of each line).

[fedora]
name=Fedora 15 - i386
failovermethod=priority
baseurl=http://download.fedora.redhat.com/pub/fedora/linux/releases/15/Everything/i386/os/
mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=fedora-15
enabled=1
gpgcheck=0

Key files should be placed in the following directory:

/etc/pki/rpm-gpg/

Update yum.

yum -y --skip-broken update

Install, set up, and start common LAMP components

Install and set up httpd

yum -y install httpd
chkconfig httpd on
/etc/init.d/httpd start

Modify the DocumentRoot and <Directory "..."> setting in /etc/httpd/conf/httpd.conf if necessary (it should normally be /var/www/pub).

If the server will host websites for multiple domains, add entries and directories of the following form for each:

NameVirtualHost *:80
<VirtualHost *:80>
    DocumentRoot /var/www/pub-example
    ServerName example.org
</VirtualHost>

If the subdirectories of the document root should be readable, this should be specified explicitly:

<VirtualHost *:80>
    DocumentRoot /var/www/pub-example
    ServerName example.org
    ServerAlias *.example.org
    <Directory /var/www/pub-example>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride all
        Order allow,deny
        Allow from all
    </Directory>
</VirtualHost>

You can now reload.

/etc/init.d/httpd reload

You may want to delete the old default DocumentRoot directory.

rm -rf /var/www/html

You may see the following warning:

httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName

In this case, add the following to /etc/httpd/conf/httpd.conf:

ServerName localhost

Install and set up Python

One way to install Python is to retrieve an archive and build it.

yum -y install gcc
wget http://www.python.org/ftp/python/3.2.2/Python-3.2.2.tar.bz2
bzip2 -cd Python-3.2.2.tar.bz2 | tar xvf -
cd Python-3.2.2
./configure --prefix=/opt/python3
make
make install

It is also possible to use yum:

yum install -y python34.x86_64
yum install -y python34-pip

Install and set up PHP

yum -y install php php-mysql php-xml php-xcache php-intl

Add to /etc/mime.types the following two lines (note tabs):

application/x-httpd-php			php
application/x-httpd-php-source			phps

Reload the server.

/etc/init.d/httpd reload

Edit /etc/php.ini to add any necessary extensions (normally, this should not be necessary; all required extensions should already be available).

Install and set up MySQL

yum -y install mysql-server mysql

Start the service and set the administrator password (XXXX signifies a password).

service mysqld start
mysqladmin -u root password XXXX

Install and set up MongoDB

Create a /etc/yum.repos.d/mongodb-org-3.0.repo file:

[mongodb-org-3.3]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/amazon/2013.03/mongodb-org/3.3/x86_64/
gpgcheck=0
enabled=1

Install the MongoDB server, set it to start automatically on reboots, and run it.

yum install -y mongodb-org-unstable.x86_64
chkconfig mongod on
/etc/init.d/mongod restart

Install Git

yum -y install git

Add support for WordPress permalinks

Edit /etc/httpd/conf/httpd.conf so the following is present:

<Directory />
    Options FollowSymLinks
    AllowOverride All
</Directory>

Also make sure the following is present:

# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
#   Options FileInfo AuthConfig Limit
#
AllowOverride All

If you plan to use WordPress, place in the root directory of your WordPress installation an .htaccess file with the following contents:

<IfModule mod_rewrite.c>
   RewriteEngine On
   RewriteBase /
   RewriteRule ^index\.php$ - [L]
   RewriteCond %{REQUEST_FILENAME} !-f
   RewriteCond %{REQUEST_FILENAME} !-d
   RewriteRule . /index.php [L]
</IfModule>

Install LaTeX and dvipng for LaTeX rendering in MediaWiki

The following components are sufficient to run an instance of MediaWiki with support for LaTeX processing.

yum -y install texlive texlive-latex
yum -y install dvipng

Install other common components and platforms

Install archiving utilities (usually no longer necessary)

yum -y install zip unzip

Install make

yum -y install make

Install the Haskell Platform

yum -y install haskell-platform

Other Adjustments

Allow directory listing at root level or in subdirectories

Edit /etc/httpd/conf/httpd.conf so the following is present in any virtual host entry that should support a directory listing at root level or in a subdirectory:

<VirtualHost *>
    ServerName example.com
    DocumentRoot /var/www/pub
    <Directory "/var/www/pub">
        Options +FollowSymlinks +Indexes
        AllowOverride all
    </Directory>
</VirtualHost>

You may also need to comment out the following entry in /etc/httpd/conf.d/welcome.conf

#<LocationMatch "^/+$">
#    Options -Indexes
#    ErrorDocument 403 /error/noindex.html
#</LocationMatch>