NodeJS app on AWS Lightsail with SSL
Create an instance on AWS Lightsail
Login to Lightsail page on AWS
https://lightsail.aws.amazon.com/
Click on create instance
- Select a platform Linux/Unix
- Select a blueprint Apps + OS (checked by default) Select:
Node.js (12.16.1) - Click Change SSH key pair Select existing key pair or create a new one
- Choose your instance plan eg $3.5 USD
- Identify your instance (Your Lightsail resources must have unique names.) eg:
game-app - Click on
Create instancebutton
Setup nodeJS app
Setup apache configuration
Click on terminal icon to connect instance
- cd stack
- sudo ./use_nodejs
- mkdir apps && cd $_
- mkdir egg-eliminate && cd $_
- mkdir /opt/bitnami/apps/egg-eliminate/conf
- Create the following configuration
/opt/bitnami/apps/egg-eliminate/conf/httpd-prefix.confAdd the line below to it
Include "/opt/bitnami/apps/egg-eliminate/conf/httpd-app.conf" 7. Create file /opt/bitnami/apps/egg-eliminate/conf/httpd-app.conf & append following
ProxyPass / http://127.0.0.1:3000/
ProxyPassReverse / http://127.0.0.1:3000/8. Append below ling in the following file /opt/bitnami/apache2/conf/bitnami/bitnami-apps-prefix.conf
Include "/opt/bitnami/apps/egg-eliminate/conf/httpd-prefix.conf" 9. Restart the apache server sudo /opt/bitnami/ctlscript.sh restart apache
Create a nodeJS app
- cd /opt/bitnami/apps/egg-eliminate/
- mkdir application && $_
- create app.js with the following content
const http = require('http');const hostname = '127.0.0.1';
const port = 3000;const server = http.createServer((req, res) => {
res.statusCode = 200;
res.setHeader('Content-Type', 'text/plain');
res.end('Hello World');
});server.listen(port, hostname, () => {
console.log(`Server running at http://${hostname}:${port}/`);
});
4. Start the nodeJS app node app.js
Test the app by access following
Setup SSL using Let’s Encrypt
Setup DNS record to access via subdomain
Configuring Amazon Route 53 DNS for your app
- Click on hosted zones
https://console.aws.amazon.com/route53/home?region=ap-northeast-1#hosted-zones:pages - Choose the domain eg example.com
- Click on Record Set
- Add following record
game.example.com. A 3.113.25.255Configure SSL for sub-domain using Let's encrypt
- sudo /opt/bitnami/bncert-tool
- Domain list []: game.example.com
- The following domains were not included: www.game.example.com. Do you want to add them? [Y/n]: n
- Enable HTTP to HTTPS redirection [Y/n]: y
- Confirm the final changes Changes to perform
The following changes will be performed to your Bitnami installation:
1. Stop web server
2. Configure web server to use a free Let's Encrypt certificate for the domains:
game.example.com
3. Configure a cron job to automatically renew the certificate each month
4. Configure web server name to: game.example.com
5. Enable HTTP to HTTPS redirection (example: redirect
http://game.example.com to https://game.example.com)
6. Start web server once all changes have been performedDo you agree to these changes? [Y/n]: Y
6. Create a free HTTPS certificate with Let’s Encrypt
Please provide a valid e-mail address for which to associate your Let's Encrypt
certificate.Domain list: game.example.comServer name: game.example.comE-mail address []: pramendra@gmail.comThe Let's Encrypt Subscriber Agreement can be found at:https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf
Do you agree to the Let’s Encrypt Subscriber Agreement? [Y/n]: Y
7. Find more details in the log file:
/tmp/bncert-xxxxx.logIf you find any issues, please check Bitnami Support forums at:https://community.bitnami.com
Press [Enter] to continue:
Test the app by access following
Note: bncert-tool creates a certificate and add a crontab to renew the certificate
0 0 * * * sudo /opt/bitnami/letsencrypt/legothe certificate gets renewed every day automatically.
