fabric/share/templates/readmes/aws.md

## links


#### visudo

[configuring visudo](http://askubuntu.com/questions/539243/how-to-change-visudo-editor-from-nano-to-vim)

#### users

[tecmint.com complete guide to users](http://www.tecmint.com/add-users-in-linux/)

[How To Configure SSH Key-Based Authentication on a Linux Server](https://www.digitalocean.com/community/tutorials/how-to-configure-ssh-key-based-authentication-on-a-linux-server)

#### postgres

[ubuntu community postgres docs](https://help.ubuntu.com/community/PostgreSQL)


## adding/deleting users

#### adding a user:

*("www-data" is the group name for website stuff on gandi)*

> *sudo useradd -G* ***www-data*** *-d /home/****username*** *-m -s /bin/bash* ***username***

***-G group*** adds the groups in a comma separated

***-d /home/username*** specifies the home directory to be created (necessary on ubuntu)

***-m*** flag to create scripts (necessary)

***-s /bin/bash*** what shell is to be used (default is none)

#### deleting a user

	userdel -r {username}
	
## IMPORTANT
### set users primary group

**this is critical**

	sudo usermod <username> -g www-data


### setting up ssh authentication

cat ~/.ssh/id\_rsa.pub | ssh **username@remote\_host**  "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized\_keys"

## apt-get commands

**to see the package version:**

	dpkg -s postgresql | grep Version	

# setting up aws server

## creating the server instance

[aws instance](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EC2_GetStarted.html)

1. Open the [amazon EC2 console](https://console.aws.amazon.com/ec2/)
2. Choose **Launch Instance**
3. The *Choose an Amazon Machine Image (AMI)* page has basic configuration, so pick the first *ubuntu* configuration
4. This will take you to the *Choose an Instance Type* page, this chooses the hardware configuration, you want to pick **t2.micro**
5. Hit **Review and Launch**
6. This will take you to *Review Instance Launch* page, and that has an option for **Security Groups**, hit **Edit security groups**, on the page that pops up, pick the options you want to allow for your instance
7. When finished, hit "done" or whatever and you'll be taken back to the *Review Instance Launch* page, from here hit the **Launch** key
8. this will prompt you for a key pair.  There are a few options.  Create a new Pair and choose an existing key pair

####key pair info:
[aws info on key pairs](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html)

[importing id_rsa](http://www.admin-magazine.com/CloudAge/Blogs/Dan-Frost-s-Blog/Importing-SSH-keys-on-AWS)

[add_ssh](http://stackoverflow.com/questions/8193768/trying-to-ssh-into-an-amazon-ec2-instance-permission-error)

1. mv /path/to/myname.pem ~/.ssh
2. ssh-add ~/.ssh/myname.pem
3. ssh ubuntu@INSTANCE_IP_ADDRESS

Remember that the IP ADDRESS changes whenever you restart the instance

on your computer

1. vim /etc/hosts
2. add a line with the server name and IP ADDRESS for that insntace
3. ssh ubuntu@SERVERNAME

## updating the hostname

[aws ubuntu hostname](https://aws.amazon.com/premiumsupport/knowledge-center/linux-static-hostname/)

[scroll down to find the "echo" comment](https://forums.aws.amazon.com/message.jspa?messageID=495274)

there is an issue with ubuntu instances on AWS, the name given in /etc/hostname doesn't match what exist in /etc/hosts.  So if you try using sudo you'll get an error.

To fix this, you need to change those files, to get into sudo type in:

	sudo su -
	echo "127.0.0.1 $(hostname)" >> /etc/hosts
	
This will update /etc/hosts with the default hostname generated by amazon.  Alternatively you can do what it says in the first link [aws ubuntu hostname](https://aws.amazon.com/premiumsupport/knowledge-center/linux-static-hostname/)

	
### setup visudo

	sudo update-alternatives --config editor

	su -c 'visudo'

find this line:
	
	USERNAME ALL=(ALL) NOPASSWD: ALL
	
replace it with:

	admin ALL=(ALL) ALL
	

## add new user

[adding a user on linux AWS](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/managing-users.html)

[how to get an add the public key to the new user](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html#retrieving-the-public-key)

1. *sudo useradd -G* ***www-data*** *-d /home/****username*** *-m -s /bin/bash* ***username***
2. *mkdir projectdir*

### set users primary group

**this is critical**
- The primary group is the group applied to you when you log in using the usual methods (TTYs, GUI, SSH, etc.).

	sudo usermod <username> -g www-data
	
### set password

	sudo passwd <username>

### setting up ssh authentication 

1. get the public key:

		ssh-keygen -y -f /path/to/myinstance.pem

2. copy the above results

3. log in to the ubuntu instance using default ubuntu user

4. change users to the custom username

		sudo su - username

5. create the ssh directory and auth file

		cd /home/username
		mkdir .ssh
		touch .ssh/authorized_keys
		vim ~/.ssh/authorized_keys
		
6. change the permissions

		chown -R username:username_gropus .ssh
		chmod 700 .ssh
		chmod 600 .ssh/authorized_keys

7. now paste in the public_key you got in step 1
8. log out and test with the username

		ssh username@instance.domain

### add username to the sudo group
AWS has a sudo group that allows a user sudo priveleges

	usermod -a -G sudo username

### apt-get setup

	sudo apt-get update
	sudo apt-get install aptitude

## postgres


#### links fix locale error with postgres

[could not connect to server solution](http://askubuntu.com/questions/50621/cannot-connect-to-postgresql-on-port-5432)

[locale solution](http://ubuntuforums.org/showthread.php?t=1346581)

[remote connecting](http://www.railszilla.com/postgresql-tcpip-connections-port-5432/coffee-break)

	sudo apt-get install postgresql
	sudo apt-get install postgresql-contrib
	sudo locale-gen en_US en_US.UTF-8 hu_HU hu_HU.UTF-8
	sudo dpkg-reconfigure locales
	sudo service postgresql restart
	sudo -u postgres psql postgres
	sudo -u postgres createdb **website_dbname**

	sudo apt-get install postgresql-server-dev-X.Y
	sudo apt-get install postgresql-server-dev-9.3
	
#### change password for db user "postgres"
	sudo -u postgres psql postgres
	
	ALTER USER Postgres WITH PASSWORD '<newpassword>';
		
#### set up postgresql to remote access

######(see "remote connecting" link above)

#####Note: be careful with this, because **anyone** will be able to mess around with it

1. sudo vim /etc/postgresql/9.3/main/postgresql.conf
2. find **listen\_addresses** and change it to **listen\_addresses = '\*'**
3. sudo vim /etc/postgresql/9.3/main/pg_hba.conf
4. find **host    all             all             127.0.0.1/32            trust** and change **127.0.0.1/32** to **0.0.0.0/0**
5. sudo service postgresql restart
6. test it by running: *psql -h* ***ip\_address*** *-U* ***username*** *-d* ***database***
7. e.g. psql -h 173.246.107.96 -U postgres postgres

### setup the /var/www directory

	cd /var
	sudo mkdir www
	sudo chgrp www-data www -R
	sudo chmod g+w www -R
	
### install python packages

	sudo apt-get install python-dev
	sudo apt-get install libjpeg-dev
	
	
## install and set up supervisor

	sudo apt-get install supervisor

make sure www-data is a group for the main user

	vim /etc/supervisor/supervisord.conf

add the following:

	[unix_http_server]
	file=/var/run/supervisor.sock
	chmod=0770
	chown=nobody:www-data

	[supervisorctl]
	serverurl=unix:///var/run//supervisor.sock
	chmod=0770
	chown=nobody:www-data
	
#### run the following commands:

	sudo service supervisor stop
	sudo service supervisor start
	
### install pip and virtualenv

[virtualenv install](http://roundhere.net/journal/virtualenv-ubuntu-12-10/)

	sudo apt-get install python-pip
	sudo pip install virtualenv
	sudo pip install virtualenvwrapper
	
	echo "WORKON_HOME=~/.virtualenvs" >> .bashrc
	echo ". /usr/local/bin/virtualenvwrapper.sh" >> .bashrc
	
	
### install nginx

	sudo apt-get install nginx
	
	
# bootstrap server

	fab (prod|rel) deploy.bootstrap