Personal website to display some data products and to impose my will on the internet via blog.
Run two independent apps that do not communicate with each other for debugging and dev. Requires: Python 3.5 and npm.
cd backendset FLASK_APP=run.py(export FLASK_APP=run.py)pip install -e .flask runcd frontendnpm installnpm run serve
The full app can be run through docker but tends to slow down my computer a lot.
cd websiteecho "VUE_APP_ROOT_API=http://localhost > frontend/.env.productiondocker-compose -f docker-compose-http.yml up --build
-
Set Up AWS EC2 instance:
- Ubuntu 18.04 Image
- t2.small (~$0.0023 / hour or ~$16 / month)
- t2.micro works if you download the
minifiedbranch ofcard-classifier, otherwise you will get aKillederror during install ofmasteron t2.micro (I assumetensorflowis the culprit). This is ~1/2 the price of t2.small.
- t2.micro works if you download the
- Optional: Check Spot Requests to lower costs. But be warned that Amazon is on bullshit and your instance will disappear without explanation.
- Enable Auto-assign Public IP
- 10-12 GB EBS (Costs ~$0.10 GB / month)
- Security Group
Website:- SSH on 22
- HTTP on 80
- HTTPS on 443
-
Set up project
- SSH into instance
- Go to server root (EC2 defaults login as
ubuntuso justcd ../../after ssh-ing in) sudo git clone https://github.com/spwhite1337/website.gitcd websitesource initialization.sh- Get AWS Keys from S3 Bucket
s3://scott-p-white/personal/keys
- Get AWS Keys from S3 Bucket
-
Update DNS records in GoDaddy account
-
Log-in -> Scott White (upper right) -> Manage Domains -> DNS -> Manage Zones -> Search
scottpwhite.com -
Match records to the IP Address from the EC2 instance
-
Can take as little as minutes to work, but takes days to cover the globe.
-
-
Update hard-coded domain name in the
nginxfolder andletsencryptfolder of this repo. The rest of the docs assumescottpwhite.com.nginx.confletsencrypt-staging.shletsencrypt-prod.sh(Also change the email in this script)
cd websitesudo sh -c "echo 'VUE_APP_ROOT_API=http://scottpwhite.com' > frontend/.env.production"sudo docker-compose -f docker-compose-http.yml up --build
SSL Certification can be accomplished with a free process from Let's Encrypt to enable transfer of data over HTTPS.
Generate an SSL certificate with Let's Encrypt / Certbot on a test site served over the domain. (Reference)
-
Stop and prune any running containers (e.g.
sudo docker system prune -a) -
cd website/letsencrypt -
sudo docker-compose up -d -
Go to
http://scottpwhite.comandhttp://www.scottpwhite.comto verify site is working over http -
Test the certification process with:
-
source letsencrypt-staging.sh
-
Optional: Ensure success with
source letsencrypt-info.sh
-
-
Generate the certificates and save them to docker-volumes (rate limits are currently at 50 certificates per domain per week. Should be plenty but best not waste them.):
-
Remove staging volumes:
sudo rm -rf ../../docker-volumes/ -
Get certs with
source letsencrypt-prod.sh
-
Optional: See info with
source letsencrypt-info.sh
-
-
Shut down initial certification container with:
sudo docker-compose down
This is a security key I don't totally understand but was recommended by the internet. We'll add it as well.
-
cd website -
sudo mkdir dh-param -
sudo openssl dhparam -out /website/dh-param/dhparam-2048.pem 2048
- Clear all containers / networks with:
sudo docker system prune -a cd websitesudo sh -c "echo 'VUE_APP_ROOT_API=https://scottpwhite.com' > frontend/.env.production"sudo docker-compose -f docker-compose-https.yml up --build
Set up a cron job to automatically renew SSL certificates in the docker environment (This still needs to be verified):
0 0 1 * * cd website/letsencrypt && echo 'Y' | source cert_renewal.sh >> cron.txt