Installing Nuntium on EC2 - dwilkie/nuntium GitHub Wiki

Set up EC2 in your in the AWS management console

  • Create an Elastic IP and assign it to your instance
    • Select Elastic IPs from Network and Security in your AWS Console
    • Create a new IP
    • Assign it to your instance
  • Open up port 80 and allow ICMP requests for pinging your instance
    • Select Security Groups fron Network and Security
    • Select All ICMP then press Add Rule
    • Select HTTP then press Add Rule
    • Select HTTPS then press Add Rule
  • Test things out by pinging your ip e.g. ping your_elastic_ip

Enable SSL

Enable the Apache ssl module and headers

sudo a2enmod ssl
sudo sudo a2enmod headers

Create a RSA key and enter a passphrase

openssl genrsa -des3 -out nuntium.key 2048

Create another key without a passphrase (entering the passphrase from step 1 when creating)

openssl rsa -in nuntium.key -out nuntium.key.insecure

Shuffle the key names (the insecure key in now named nuntium.key)

mv nuntium.key nuntium.key.secure
mv nuntium.key.insecure nuntium.key

Generate the CSR (and follow the prompts)

openssl req -new -key nuntium.key -out nuntium.csr

Submit nuntium.csr to a certificate authority such as StartSSL then copy the resulting certificate and key

sudo cp nuntium.crt /etc/ssl/certs
sudo cp nuntium.key /etc/ssl/private

Be sure to also copy the SSLCertificateChainFile and SSLCACertificateFile (e.g. http://www.startssl.com/?app=21/startssl)

sudo cp ssl_certificate_chain_file.pem /etc/ssl/certs
sudo cp ssl_ca_certificate_file.pem /etc/ssl/certs

Change the ownership and permissions so only root can read the file

sudo chown root:root /etc/ssl/certs/nuntium.pem && sudo chmod 400 /etc/ssl/certs/nuntium.pem
sudo chown root:root /etc/ssl/private/nuntium.key && sudo chmod 400 /etc/ssl/private/nuntium.key
sudo chown root:root /etc/ssl/certs/ssl_ca_certificate_file.pem && sudo chmod 400 /etc/ssl/certs/ssl_ca_certificate_file.pem
sudo chown root:root /etc/ssl/certs/ssl_certificate_chain_file.pem && sudo chmod 400 /etc/ssl/certs/ssl_certificate_chain_file.pem

Finally add the virtual host configuration to /etc/apache2/sites-enabled/nuntium.conf

<VirtualHost *:443>
  ServerName your_elastic_ip_or_dns
  SSLEngine on
  SSLCertificateFile    /etc/ssl/certs/nuntium-self.crt
  SSLCertificateKeyFile /etc/ssl/private/nuntium.key
  SSLCertificateChainFile /etc/ssl/certs/ssl_certificate_chain_file.pem
  SSLCACertificateFile /etc/ssl/certs/ssl_ca_certificate_file.pem
  DocumentRoot /home/ubuntu/nuntium/public
  PassengerSpawnMethod conservative
  <Directory /home/ubuntu/nuntium/public>
    AllowOverride all
    Options -MultiViews
  </Directory>
  RequestHeader set X_FORWARDED_PROTO 'https'
</VirtualHost>

And restart apache

sudo service apache2 restart
Add a custom footer
⚠️ **GitHub.com Fallback** ⚠️