Continuous Deployment using GitHub Actions and AWS EC2 — Part III: Configure domains with Nginx
If you have followed previous articles of this series, you’d have an AWS account created, domains routed to EC2 instance with Route 53. In this article, we will learn how to configure domains using Nginx and create a basic landing page for our website.
If you haven’t installed Nginx already, you can do that by running a few simple commands on your Ubuntu server.
sudo apt update
sudo apt install nginx
Make sure Nginx is running:
systemclt status nginx
Create Nginx Configuration file for your domain
First of all, log into SSH using your .pem file. If you do not have it, follow the instructions provided here to obtain one. Once you’re logged into your EC2 instance via SSH, browse to the nginx’s sites-available folder.
cd /etc/nginx/sites-available
Create a copy of the default nginx configuration file: cp default example.com
This will create a new file in the same folder named: example.com. Open the file and add the following contents to it.
sudo nano example.com
server {
listen 80;
listen [::]:80;
root /var/www/example.com/public;
index index.html index.htm index.nginx-debian.html;
server_name example.com www.example.com;
# Browser caching of static assets.
location ~* .(gif|jpg|jpeg|png|ico|wmv|3gp|avi|mpg|mpeg|mp4|flv|mp3|mid|js|css|html|htm|wml)$ {
root /var/www/example.com/public;
expires 7d;
}
location / {
try_files $uri $uri/ =404;
}
}
Note: Replace all the instance of example.com with your own domain name.
Here, we’re setting the root of our domain directory to /var/www/example.com/public i.e. the place from where we want to serve our files when our domain is accessed.
server_name directive is used to determine which server block is used for a given request. You can read more about server names on the official Nginx documentation page.
The next block: location ~* .()
tells the server to server the static assets from a given directory and cache the resources for 7 days.
The last block: location / {...}
is used to return 404 error if no match is found.
Save the file and exit.
Create symlink: ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/
Create directories to serve files from
Now we need to create folders for our domain’s root directory. In the server configuration we mentioned the root location as: /var/www/example.com/public
so let’s create the corresponding directories.
> cd /var/www
> mkdir -p example.com/public
> cd example.com/public
Once the directories are created, let’s create an index.html
file that’ll be the entry point of our website sudo nano index.html
with the following contents:
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Welcome!</title>
</head>
<body>
<h1>Welcome to example.com</h1>
</body>
</html>
Save the file and exit.
Confirm and test
Before we move ahead let’s confirm that nothing is broken in the nginx configuration that we did so far. We can do this by checking the Nginx configuration: nginx -t
If all goes well, you won’t see any errors in the output.
Restart your webserver: sudo service nginx restart
Now, open up your browser and type: http://www.example.com
, you should see an HTML page with the heading: Welcome to example.com
Installing SSL certificate using Certbot
In this section, we will learn how to install an SSL certificate for our website so that it can be accessed via https://www.example.com
To get started, first of all we need to install snapd software.
A snap is a bundle of one or more applications (“apps”) and their dependencies that works without modification across many different Linux distributions. Snapd comes pre-installed on Ubuntu 16+. For earlier versions, you can install snap as explained below:
sudo apt update
sudo apt install snapd
To test your system, install the hello-world snap and make sure it runs correctly:
$ sudo snap install hello-world
hello-world 6.4 from Canonical✓ installed
$ hello-world
Hello World!
Before we install Certbot snap, we need to remove any existing Certbot packages to ensure that when we run the command certbot
the snap is used rather than the installation from our OS package manager.
sudo apt-get remove certbot
Run this command on the command line on the machine to install Certbot.
sudo snap install --classic certbot
Execute the following instruction on the command line on the machine to ensure that the certbot
command can be run.
sudo ln -s /snap/bin/certbot /usr/bin/certbot
Run this command to get a certificate and have Certbot edit your Nginx configuration automatically to serve it, turning on HTTPS access in a single step.
sudo certbot --nginx
The command will run a short interactive session to ask you to agree to the terms, verify the domain names for which you want to generate certificates and if all goes well, you should receive a message similar to the following:
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/example.com/fullchain.pem
Key is saved at: /etc/letsencrypt/live/example.com/privkey.pem
This certificate expires on <3 months from today>.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate
in the background.
Deploying certificate
Successfully deployed certificate for example.com to
/etc/nginx/sites-enabled/example.com
Reload your webserver: sudo service nginx restart
. You should now be able to browse to: https://www.example.com
successfully.
Hope you found this useful and were able to configure your website.
In this article, you learned how to configure your domain and route your traffic to a basic HTML landing page using Nginx web server. Pat yourself on the back for you have done something amazing today.
In the next article, we will learn how to setup Git and CodeDeploy.
Stat tuned!