Home - cat-box/aws-foundry-ssl GitHub Wiki

Automated AWS Foundry VTT Deployment with SSL Encryption

Introduction

This template deploys Foundry VTT in AWS with SSL encryption and is intended for novice users. The setup uses nginx and Let's Encrypt, as recommended by this guide: https://foundryvtt.com/article/nginx/. I have included dynamic DNS in this build, so a dedicated public IP is not required.

The scripts used for installation are pulled from this repository. If you'd like to customize your build, we encourage you to fork the repository and make sure to change the git clone command in the AWS template.

I cannot stress enough how important it is that you carefully read the instructions in this wiki. Do not skip ahead unless explicitly told to do so in the instructions. While this template automates lots of items, it is heavily reliant on having the correct information to begin with. Don't be daunted by how long the instructions look! Everything is quadrupled since I have instructions for four different domain registrars :smile:

Cost

AWS

If you leave all the base configurations at default, they will be free tier compatible. I have included quality of life options that have a very minimal cost. If you intend to use the cloud storage functionality, please read carefully how S3 charges work: https://aws.amazon.com/s3/pricing/

Note: Use this at your own discretion and please educate yourself on AWS pricing. Free tier expires after a year of use, and your usage may end up breaking Free tier requirements. Costs can really add up.

Domain Registrar

You will have to purchase a domain name from one of four supported domain registrars. Costs vary between registrars, and some registrars involve more steps than others. I have included additional information on this in the Domain Purchase Instructions.

Optional extras:

Automatic backups of the EC2 instance.

  • These are called snapshots, and through the template you can have a snapshot taken either daily or weekly.
  • AWS will keep the last 5 snapshots, dropping the oldest one each time a new one is taken.
  • https://aws.amazon.com/ebs/pricing/

Dedicated Public IP.

Larger instance types.

Template Details

The template works in all regions and uses a vanilla Amazon Linux 2 AMI.

Snapshots occur every day at 12 PM UTC if Daily was selected, and every Monday at 12 PM UTC if Weekly was selected.

By default, port 22 is open only to other instances in the same VPC. If you want to SSH into the instance or transfer files from your home PC, you will need to modify the security group yourself, either manually or via CloudFormation (CFN). I provide instructions for this in the Transferring Files section.
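
One way to open port 22 via CloudFormation while keeping it scoped to a single address, shown as an added example that is not part of this project's template. The parameter and resource names (`FoundrySecurityGroupId`, `AdminSshCidr`, `SshFromAdmin`) are hypothetical, and `203.0.113.10` is a documentation address used as a constructed sample.

```yaml
# Added example: a separate stack that attaches one SSH ingress rule to the
# security group of the Foundry instance. All names here are hypothetical
# and do not come from the project's template.
AWSTemplateFormatVersion: "2010-09-09"
Description: Allow SSH to the Foundry instance from one admin address only

Parameters:
  FoundrySecurityGroupId:
    Type: AWS::EC2::SecurityGroup::Id
    Description: Security group attached to the Foundry EC2 instance
  AdminSshCidr:
    Type: String
    Description: Your home public IPv4 address as a /32, e.g. 203.0.113.10/32
    # Only a single host (/32) is accepted, so 0.0.0.0/0 or a wide range
    # is rejected at deploy time instead of exposing SSH to the internet.
    AllowedPattern: '^(\d{1,3}\.){3}\d{1,3}/32$'
    ConstraintDescription: Must be a single IPv4 address in CIDR form ending in /32

Resources:
  SshFromAdmin:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      GroupId: !Ref FoundrySecurityGroupId
      IpProtocol: tcp
      FromPort: 22
      ToPort: 22
      CidrIp: !Ref AdminSshCidr
      Description: SSH and SFTP from admin home address
```

Because the rule lives in its own stack, deleting that stack closes port 22 to your home address again, and updating the `AdminSshCidr` parameter handles a changed home IP.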