External Services - HeliumEdu/deploy GitHub Wiki

Getting Started with devbox

To get the started with the simplest prod-like setup using the devbox locally, you'll need credentials for AWS SES (Simple Email Service), two provisioned AWS S3 buckets and a Twilio account with a SMS-capable number.

Using SES

Generate security credentials for use with SES. To do this, follow the instructions as documented by AWS here.

These credentials are then used as your SMTP username and password, so set the environment variables PLATFORM_EMAIL_HOST_USER and PLATFORM_EMAIL_HOST_PASSWORD and you're good to go.

Using S3

Security Credentials

Generate security credentials for use with S3 (needs to be able to get, list, and put objects). To do this, follow the instructions as documented be AWS here.

Once you have access keys provisioned for use with AWS S3, set the environment variables PLATFORM_AWS_S3_ACCESS_KEY_ID and PLATFORM_AWS_S3_SECRET_ACCESS_KEY with these credentials.

Provisioning S3 Buckets

Two buckets need to be setup for the app to function properly using S3: heliumedu.{{ domain_environment }}.static and heliumedu.{{ domain_environment }}.media (names can be changed using environment variables).

Once the static bucket is created, set it up to allow public reads. To do this, set the following Bucket Policy:

{
    "Version": "2012-10-17",
    "Statement": [
       {
           "Sid": "AddPerm",
           "Effect": "Allow",
           "Principal": "*",
           "Action": "s3:GetObject",
           "Resource": "arn:aws:s3:::heliumedu.{{ domain_environment }}.static/*"
       }
    ]
}

To avoid errors when rendering pages, you'll also want to set the CORS Configuration to this:

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
    <AllowedOrigin>*</AllowedOrigin>
    <AllowedMethod>GET</AllowedMethod>
    <MaxAgeSeconds>3000</MaxAgeSeconds>
    <AllowedHeader>Authorization</AllowedHeader>
</CORSRule>
</CORSConfiguration>

Now you're all setup. Rerun the helium-cli deployment command and the environment will be reprovisioned to rely on this new configuration.

Using Twilio Programmable SMS

Obtain a Twilio account SID and auth token. To do this, follow the instruction as documented by Twilio here.

These credentials are then used for sending text messages (verification codes, reminders, etc.), so set the environment variables PLATFORM_TWILIO_ACCOUNT_SID and PLATFORM_TWILIO_AUTH_TOKEN and you're good to go.

Next, you'll need a Twilio phone number. This is the number from which SMS messages will be sent. In the Twilio Console, navigate to Phone Numbers and purchase a new one (ensuring it is SMS-capable). Set the phone number, E.164 formatted, in the PLATFORM_TWILIO_SMS_FROM environment variable.

⚠️ **GitHub.com Fallback** ⚠️