Deploying a PHP web app on AWS EC2 with Apache, MySQL, and SSL certificate

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hi there in today's video I will show you how you can deploy a PHP web application in AWS in an ec2 instance now this video is not going to be a super comprehensive tutorial I just have this app that I created in a previous video and I would like to publish it so that the viewer can watch it so I might as well make a video about it so here is my app it is now currently running on my local machine so this is a guesser app that asks you yes or no questions about what you're thinking about and then it will try to guess what you're thinking about if you want to see how a build is you can watch the previous video by clicking up there or from the link in the description now let me Demo this for you quickly so if I start this over and let's say I'm thinking about Amazon AWS does it belong to the category person or character no it is not an object object or thing well yes it is an object or thing is it a way to manage and utilize resource it is you are thinking about virtualization software so we were pretty close but you get the point there are some things that I have to tweak but now let's publish this app so the first thing I'm going to do is I'm going to go to AWS and I will go to the ec2 section then I will go to the instances and I'll click here launch instances and I will give a name for my instance this will be guesser app I will also add a cost tag which I will use to see how much this costs and I will add it to the volumes as well and I will pick Ubuntu as the operating system and 64-bit yes that's fine and I will pick the cheapest possible thing from here I think it's nano or something 0.0073 USD per hour on Linux that is pretty cheap so it should be around five bucks a month for that and let's and then let's pick a key pair now I will actually create a new key pair here and I will call it guesser app and I will select the pen format and I will create key pair and this will download the getterapp.com on my computer which is the private key and I will allow SSH traffic from my IP and I will allow HTTP and https and eight gigs should be enough and I will select gp3 and I will encrypt the volume by clicking Advanced and then I click here and I select encrypted and we don't have to select the KMS key that will be automatic and do we have something in the advanced details nope that should be it so let's click launch instance and wait for a couple seconds all right now we have launched our instance let's go back to instances and let's get the IP address of this instant by clicking here and here we have public ipv4 address I will copy this and I will SSH into it but before we can SSH we need to set up the private key so I'll go to Nano SSH config and I will say Host this identity file will be I think it's in the downloads slash dresser app and I'll set the user here as well user will be admin I believe in Ubuntu the default username for the Ubuntu image in AWS is admin you can't log in with root directly so now that that is done I should be able to choose SSH into here and I will say yes and I need to change the permissions of that file and of course if you put this somewhere else on your downloads but I'm just doing it like this for the demonstration and we have been denied for some reason let me see he's the user actually admin okay here is the problem the default username is not admin it's Ubuntu on Ubuntu installation so I will have to change this to Ubuntu and then if we go back there without the username okay now we are inside the ec2 instance so let me do something here so that this looks a bit nicer for you I'm not quite sure what I should do all right can you see that now I hope you can if you're watching this on your phone or something so what are we going to do next we are now in the system okay first let's run sudo apt update so that we will update the packages so that we will actually have something to install all right and let's install apt upgrade as well so this will upgrade all the packages on the machine ah new kernel available yes restart that all right now we have an updated system so let's install everything we need so sudo apt install we need PHP we need Apache 2 although I think that might come with PHP we have to install MySQL server and I need PHP my admin as well and that is all I can think of right now let's see this will work all right and we are prompted for the phpmyadmin configuration we will use Apache 2. all right and we need a database for the phpmyadmin and we will just use the default settings and create a random password so we're gonna leave this empty so we're gonna get a random password and we have a problem this is not good can't connect to local MySQL server okay I guess we have to abort let's see what errors we got here MySQL is always not that fun to install okay it seems that I picked a server that is too small we are running out of memory so what I will do is I will create a swap file so I will say if allocate slash swap file and I will say four gigs if I can remember the syntax you need to have l in here and I have to have sudo okay now I have a swap file then I have to say swap on now I have to say MK swap swap file and sudo again and sudo swap on Swap file and we need to change the permissions again and let's do swap on again I have to say swap off now because it already did it before so now I should have swap yes now I need to make it so that when I reboot the system I will still have swap so I have to say sudo Nano Etc FS Tab and then I have to try and remember how this works label is Swap and it will be in swap file and type will be Swap and maybe this is swap as well and this is zero and what's the last one let's do one because everything else is one and let's reboot the system and see if we can connect to it again so let's wait for a while for it to boot up again and see if we still have Swap and it seems that I have breaked my machine so I have to start over all right I have now installed another machine and this time I will use Google to verify the format of the fs tab file all right so it should be non-swap sw00 so let's do that okay now we have Swap and then we will edit the file properly now I think the label I can just set whatever I want Swap and this is swap file and this is none and this is Swap and this way and let's see what happens this time when I reboot the machine and then wait for a minute and try again well that is embarrassing I have created another machine apparently that was not the right format either so let's see again all right we have swap let's edit the fs tab so apparently it was just here we don't have a label so this will be swap file and mount point is known and then type is Swap and then the extra thing is SW and then 0 and 0. so now let's reboot and now it's going to work all right now we are in and hopefully we still have some swap yes now we have four gigs of swap all right now we should be able to sudo apt install PHP Apache to mySQL server PHP my admin all right and now we are back in the PHP my admin installation and hopefully this time it will go through all right now we are going to install PSP my admin and I will set the password as blank so it will be automatically generated I have never had to use that password MySQL admin password and we have a new kernel all right now we should have everything we need so if we take this IP address and we go to it we should have some kind of default page here yes we have installed Apache now so now I have to put my app in there so let's do that so I will switch to the root user and I will CD into bar Tap Tap Tap and we have the HTML here so I will create a new folder for my guesser app and I will change into there and I will just put a test file here so now if I change the document rule to this folder then I should say hello so I will go to Nano Etc Apache to sites available and default so if I change this to guesser app and then I service Apache to reload then if I go back here and I refresh I will have hello here but now I don't want to use the IP address I want to actually create another domain for this specific app so I'll go back to my AWS and I will go to elastic IPS because normally the easy two instances will have a changing IP so if you shut it down and then you restart it later it will have a new IP but that's not very fun if you want to have a website there so we have to create an elastic IP and elastic IPS are free if you keep your server running if you shut it down then it's going to cost you a little bit but this is going to be running all the time so let me allocate a new elastic IP and I will set a cost tag for this and allocate and then I will click here associate this elastic IP address and I will associate it with the guesser app instance and I will check here allow this IB to be re-associated so now I should get a new IP address for the instance so I have my two terminated instances here and I should have one that is running so now if I check the IP address it should be different so now I can't go here anymore and I probably lost my connection here as well so let's start a new connection and I will actually change the SSH config to have the new IP here so I will copy this and paste it in here so now if I go here then it works again and if I go to this IP address here then this works as well but now I want to have a domain here not an IP so I will go to my Route 53 which is the domain name system for AWS and let me actually say I have never registered the domain from Amazon let's see if that is easy and if I can find an available domain let's just pick a common domain and let's see if we have some good domain available for this app so I will register it otherwise I will use a subdomain with an existing domain so let's say yes sir well it's not going to be available guesser.info guesser.me guesser.tv against the group guesser online how about guesser app that is available so I will buy it all right I have registered my domain it says domain registration in progress now I'm not sure how long this will take so I will create first the sub domain so I'll go to Route 53 and I will go to my existing domain and I will add a subdomain here with simple routing and I will Define simple record and this will be guesser app Dot unconventionalcoding.com and I will choose an endpoint that is an IP address and I will copy this IP address I will Define simple record and I will create that record so now I should have a domain for this app so let's go to the server and I will switch to the root user and then I will Nano Etc Apache 2 sites available slash guesserapp.com and here I'll create a new virtual host and this will be Port 80 and server name will be guesserapp.com and server Alias will be guesser app dot on conventional coding.com and document root will be War guesser app and do I need something else not quite sure and I will run A2 inside guesser app and then I have to run service Apache to reload so now if I did that correctly I should be able to go to guesser app dot unconventional coding.com and here I have Hello I changed the default place as well so Nano Etc Apache 2 sites available default I will put this back into HTML and see if it actually worked service Apache 2 reload and I will refresh this and this still goes here but if I go to the IP which is this I go to the default page so now I have the app in its own place so now I just have to move my app there so how do I do that I will start a new tab here and I will move to that folder where the app is on my computer it's in mind reader and here I have all kinds of files and I will use SCP to move these files everything to getter app dot on conventional coding.com slash bar guesser app and I realize I won't have permission because I'm using the Ubuntu user so I will temporarily say Joan Ubuntu Ubuntu slash guesser app and I wrote shown wrong and I will put recursive and now if I run this it should be able to move it there or not I think I need to use the IP here because that's how I set it up in the config file right now we are moving everything there and I forgot to put the r flag here so it's recursive all right now everything is there so let's go to VAR dot guesser app and we have everything here now the first thing I am going to do is I am going to move my API key to somewhere else because now it's publicly accessible and I will remove all the dot text files from here and I will go to the SRC folder and I will create a HD access file we don't want anybody to go there and same thing in that vendor folder and I wrote the name wrong and I will go back here and source and move this to be two SS great so then before I test my application which actually won't work yet because I don't have the mySQL database yet I will remove the database data SQL files as well okay now it should work if I just create the database in there so let's go to mySQL and let's create a new admin user here create user admin at localhost identified by foreign all privileges to admin at localhost on everything dot everything that's not how it goes everything at everything 400 scale well don't need to be everything localhost I will have to Google this because I don't remember it Grant all privileges on database too Grant all privileges on to this has to be star.loggerhost no that's the database name started star okay now we should have an admin user and let's see if our PHP my admin is accessible already yes it is so now I should be able to log in with admin and my password that I created which I forgot already all right I am in and I will save that my bit Warden and now I should be able to create a database here for guesser I want to call it guesser a little guesser app and I will select some encoding here and then I'll go to my local host and I take my guesser and I will export it everything and I will import it here and import okay now everything is there and I will create another user for here which is for the app so I will say create user guesser app at localhost identified by now I might as well show it to you because you're going to see it in the code I'll change it later like this and then I will say Grant all privilege privileges on Star dot guesser app two guesser app at localhost what is wrong with this command Grant all privileges on star.guessr app does it need to be in quotes nope it's the other way so geyser app dot star all right so now if we go to the database.php and I change here password to be my password and the username to be guesser app and database name is guesser app then now the app should work if I don't need some PHP library that I don't have so let's refresh and we have the app here amazing so let's see if this still works so if we are thinking about uh monkey it is an animal it is not other it is not object it is not abstract idea this is not a person it is not object it is a memo it is not a carnivore it is an omnivore it's not a pet it is not a herbivore it's not livestock it is not rodent it is not that one it is a primate it lives in trees it has opposable thumbs that learn complicated behaviors by observing other other teams well no because it's not a chimp it's a monkey large head compared to its body maybe it's a mammal it does have wide nostrils yes does it eat mainly plants yes it does live in tropical climates yes there's living groups yes does it have a short tail I don't know is it short or long sharp teeth I don't know it has fur it makes loud noises is it a male well sure why not does it have short legs yes does it use hand gestures to communicate yes it is a primate it lives in Africa it has powerful arms you're thinking about gorilla well that's close enough so now it works and now I have successfully published my gather app on Amazon ec2 now I just need to get some SSL certificate for this website because it is not secure right now so how do we do that let's install let's encrypt apt install cert bot okay and then we have to say insert bot install doesn't know how to install uh short only and I don't remember that okay it will ask me that's great Place files in Webroot I want to do that that's my email please read the terms of service yes I agree would you be willing to share your email address no I am not at this moment willing to do that please enter your domain name guesser app dot on conventional coding input the web root for guesser app War guesser app all right we have a certificate all right so now I have to create the virtual host for the SSL version so I will copy the default SSL and I will call it guesser app ssl.com and I will Nano gaserapp.com sorry caser app ssl.com and document root will be guesser app and certificate will be I forgot where it was but I think I remember the basic Etc let's encrypt um live guests or app Dot on convention now coding.com slash something full Jane dot pen maybe it's like this and this will be Etc let's encrypt live slash guesserapp dot on convention Journal coding.com slash something dot key I don't remember so that should be it and I will check I cleared it already let's list what is in ETC let's encrypt Live guesser app we have a full chain and a chain insert and priv key so the key file should be the priv key dot Pim and this one was full chain.pin and I will say a to enable site guesser app SSL and service Apache to reload and let's see if our SSL certificate will work connection refused I will have to enable PTC Apache 2 httpd.com no it's apache.com and listen ports.com so Nano Etc apache2boards.com um is that enabled A2 and mod SSL service Apache to reload and we get an error SSL certificate key file does not exist let's encrypt Live gaster app on on venture no no guesser app ssl.com and on conventional coding service Apache to reload that looks better and then let's refresh this and we have an SSL protected website great connection is secure certificate is valid that is amazing now of course it's valid only for three months so we have to make it update automatically so I will just do Chrome tab e and Nano and we will add here every um someday Saturday or Sunday we will run cert bot renew and Apache to reload a service shirt but preview is it like this yes but I have to say which service I have to put the whole thing in there and probably the which insert bot user be insert but now if you have some more important server you might want to Google how to do this properly this is just a quick hack for doing this because now it will reload the Apache configuration every week which might not be the optimal thing if you are doing some changes and then it reloads and then your changes update automatically so not a great thing but it should work so this is minute hour day of month month day of week every sixth day so maybe it's Sunday or Saturday one of those so uh let's see if this works how about here Echo updated third board updated dot text and let's make it so that it will do it in a few minutes well just every minute let's see when the minute changes if it will create a file all right now it's 8 11 and if I list this then I have a third bot updated here so now it ran it so that's good it should work but I will change it back to every day six and now I want to disable PHP my admin because I don't want people trying to get in so let's figure out where it is it's not in the Apache where is it I think it is here how is it how does it work if it's not in the Apache configuration then how does it work um this is always interesting I always forget where is it where is PHP my admin where is PHP my admin default location users user share PHP that's where I checked already it's a link okay there's no link wait a minute user share PHP my admin but where's that I know it does like an alias or something but why isn't it there is a mystery please let me know in the comments where the hell is PHP my admin on my server A2 disc conf phpmyadmin but there is no configuration file there service Apache to reload it is there where is it what here it is Alias PHP my admin user share PHP manager okay but how come it's not in the Apache 2 folder I don't understand I grabbed everything it's not there very interesting now I will rename this out Alias to something else so that it's not going to be the default all right so now we have disabled phpmyadmin and we have the guesser app here running and it's https now we should make it so that it will automatically redirect rewrite engine on rewrite rule rewrite called not I never remember this thing how it goes HTTP SSL let's Google this https redirection all the way acdp redirect to https HD access does anybody really remember how to do this you have to do it so rarely It's just sometimes so this is the code we need thank you freecodecamp.org so remove this and this should be now this is I I want it to be HTTP host it's like this nope um I have to do A2 n mod rewrite and reload Apache nope why doesn't it work for it to have this two times maybe I have to add that Nano allow override all and this should actually be server name and server Alias yeser app dot on conventional coding.com and I have an error allow override not allowed why is my mod really right not working hello all right where do I put it Nano ATC Apache to apache.com hello all right all service Apache to reload and let's try this again it still doesn't work I know it's I switched the wrong directory this one and in fact I will add another one here I guess this could be in the virtual post Paul and I will put minus indexes and service Apache 2 reload and I have an error plus or minus so I think I have to I have to add it to all of them so this has to be plus and this has to be minus if I'm gonna set some plus or minus then I have to do that and now I will make one more change which will be the HD access I want to not have to put in the domain here this should only be HTTP host if it's that way refresh yes now we are redirecting to the https website great so now it works now let me check if my new domain is already set up I have seven hosted zones so I think it has appeared in here yes we have guesserapp.com so I'll point that to the same server so let's take this IP address and edit oh I have to add a new record here simple routing Define simple record and there's no sub domain and it will be an IP address it will be that and Define simple record create records so now that is done now I'm going to have to wait for a couple minutes I think before it actually works so while I'm waiting let me check that I have made it so that it will work with that domain as well so I will go to Etc Apache to sites available and guesserapp.com sorry Nano Nano yes because I have the server name here and the server Alias so both of these should work but I have to change the SSL because it is getting the SSL certificate from this file I will change this to gasserapp.com like so and I guess it will work now so I will do this third bot insert only and I will use the number two option and I will say yeserapp.com [Music] and yes sir app dot on convention channel coding.com so now it should create the certificate for all of these so they will all work although I don't know if I will use the guesser app. I guess I don't have to do that I'm not sure if I have to have the www separately what let's do it anyway and Webroot is War guesser app and it is going to be the same for www although I didn't add it there so it's not going to work I have to add Alias I'll just add it here yes or.com and I will do the same with the non-ssl version and then I should be able to install the certificate um Perhaps it is not ah an instrument looking up for www I did not add it I added only the regular one I have to add it separately so this will be and can I make a c name and it will be guesser app.com you have to add dot in the end Define simple record create records all right let's try this one more time I need to run service Apache to reload and I can't run it yet because I changed the A2 this side guesser app ssl.com now it should work web root guesserapp.com guess or app still failed because I have the HD access file I have to disable this because it's trying to redirect fifth time is the charm all right now it is working so now I should be able to enable this rewrite rule again I should be able to say A2 inside guesser app SSL and service Apache to reload and now if I go to guesserapp.com I get my app here so now I have this website at guesserapp.com and it should also work with www.gessertap.com yes here is my app now so go ahead and go to getterapp.com and try if it works and tell me if it worked or not it's not perfect yet but perhaps I will keep improving it in the future so now this is the end of today's video and I hope you enjoyed it and I hope you've learned something let me know in the comments if you have some questions or some improvements to my workflow here or if I missed something so thanks for watching And subscribe if you want to see more videos like this and I will see you in the next video
Info
Channel: Unconventional Coding
Views: 184
Rating: undefined out of 5
Keywords:
Id: TqBnNVxfFyg
Channel Id: undefined
Length: 41min 37sec (2497 seconds)
Published: Mon Feb 20 2023
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.