Install an HTTPS website on an Amazon Linux EC2 with Terraform

0

Hello, I want to install an HTTPS website on an Amazon Linux EC2 with Terraform, please! Please send me a valid example or, if it is not possible entirely with Terraform, the manual procedure in the AWS console. I want a Let's Encrypt certificate. I should specify that I want Apache, not nginx. Thank you. Best regards

asked 13 days ago, 63 views
2 Answers
0

To install an HTTPS website on an Amazon Linux EC2 instance using Terraform with a Let's Encrypt certificate, you'll need to combine Terraform for infrastructure provisioning and some manual steps for certificate installation. Here's a step-by-step guide:

  1. Use Terraform to provision the EC2 instance:
  • Create a main.tf file with the necessary AWS provider and EC2 instance resource.
  • Ensure the security group allows inbound traffic on ports 80 and 443.
  2. After the EC2 instance is created, connect to it via SSH.
  3. Install and configure NGINX web server:
  • Update the system: sudo yum update -y
  • Install NGINX: sudo amazon-linux-extras install nginx1 -y
  • Start NGINX: sudo systemctl start nginx
  4. Install Certbot for Let's Encrypt certificate:
  • Install EPEL repository: sudo amazon-linux-extras install epel -y
  • Update packages: sudo yum update -y --skip-broken
  • Install Certbot: sudo yum install -y certbot
  5. Obtain the Let's Encrypt certificate:
  • Run: sudo certbot certonly
  • Follow the prompts to complete the certificate request process.
  • The certificate files will be stored in a directory like /etc/letsencrypt/live/your-domain.com/
  6. Configure NGINX to use the SSL/TLS certificate:
  • Edit the NGINX configuration file (usually /etc/nginx/nginx.conf)
  • Add the SSL certificate paths in the server block:
    ssl_certificate /etc/letsencrypt/live/your-domain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/your-domain.com/privkey.pem;
  7. Configure NGINX to redirect HTTP to HTTPS:
  • Add a server block to redirect all HTTP traffic to HTTPS.
  8. Test the configuration and restart NGINX:
  • sudo nginx -t
  • sudo systemctl restart nginx

While Terraform can automate the EC2 instance creation, the certificate installation and NGINX configuration require manual steps due to the interactive nature of Let's Encrypt certificate acquisition. You could potentially use a combination of Terraform and user data scripts to automate some of these steps, but manual intervention may still be needed for domain validation and certificate renewal.

Remember to set up a process for certificate renewal, as Let's Encrypt certificates are valid for 90 days. You can use a cron job to automatically renew the certificate before it expires.
Sources
Install an SSL certificate for an NGINX server in Amazon Linux | AWS re:Post
Install an SSL certification in an EC2 Linux Ubuntu instance | AWS re:Post
Tutorial: Configure SSL/TLS on AL2 - Amazon Linux 2

answered 13 days ago
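
The steps in the answer above, collected into a non-interactive EC2 user-data script that Terraform can pass through the instance's user_data argument. This is an added example, not part of the original answer: it keeps the answer's NGINX setup but swaps the interactive certbot prompt for certbot's standalone non-interactive mode, and DOMAIN, EMAIL, the tls.conf file name and the cron schedule are assumptions.

```shell
#!/bin/bash
# Added example (not from the answer): EC2 user data for Amazon Linux 2 + NGINX.
# DOMAIN/EMAIL are placeholders; DNS for DOMAIN must already point at this instance.
DOMAIN="${DOMAIN:-your-domain.com}"
EMAIL="${EMAIL:-admin@your-domain.com}"
# Print the NGINX config: port 80 redirects to HTTPS, port 443 uses the cert.
render_nginx_conf() {
  local domain="$1"
  # Accept only plain hostnames so the value cannot inject NGINX directives.
  case "$domain" in
    ''|*[!A-Za-z0-9.-]*) echo "invalid domain: $domain" >&2; return 1 ;;
  esac
  cat <<EOF
server {
    listen 80;
    server_name $domain;
    return 301 https://\$host\$request_uri;
}
server {
    listen 443 ssl;
    server_name $domain;
    ssl_certificate /etc/letsencrypt/live/$domain/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/$domain/privkey.pem;
    root /usr/share/nginx/html;
}
EOF
}

provision() {
  set -euo pipefail
  yum update -y
  amazon-linux-extras install nginx1 -y
  amazon-linux-extras install epel -y
  yum install -y certbot
  # Standalone mode binds port 80 itself, so request the cert before NGINX starts.
  certbot certonly --standalone --non-interactive --agree-tos -m "$EMAIL" -d "$DOMAIN"
  render_nginx_conf "$DOMAIN" > /etc/nginx/conf.d/tls.conf
  nginx -t
  systemctl enable --now nginx
  # Renew twice daily; the hooks free port 80 for the standalone challenge.
  echo '17 3,15 * * * root certbot renew -q --pre-hook "systemctl stop nginx" --post-hook "systemctl start nginx"' \
    > /etc/cron.d/certbot-renew
}

# Run the install only as root on Amazon Linux 2 (amazon-linux-extras present).
if [ "$(id -u)" -eq 0 ] && command -v amazon-linux-extras >/dev/null 2>&1; then
  provision
fi
```

User data runs once at first boot, so the security group must already allow inbound port 80 for the certificate challenge to succeed.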
0

I would suggest creating the image first with all the dependencies using EC2 User Data/Packer or similar, and on top of that create all the infra using Terraform or CFN. As for the certificate, check online for 'ec2 instance with ssl let's encrypt'.

answered 13 days ago
