AWS EC2 Deployment Guide
This guide explains how to deploy the my-recipes application on AWS EC2 with an RDS database.
Prerequisites
- AWS Account with EC2 and RDS access
- Docker and Docker Compose installed on EC2 instance
- RDS PostgreSQL database instance created
- Domain name (optional, but recommended)
- SSL certificate (optional, but recommended for production)
Step 1: Set Up AWS RDS
- Create RDS PostgreSQL Instance:
  - Go to AWS RDS Console
  - Click "Create database"
  - Choose PostgreSQL engine
  - Select version 15 or higher
  - Choose appropriate instance size (db.t3.micro for testing, db.t3.small+ for production)
  - Set Master username (e.g., `recipes_user`)
  - Set Master password (strong password)
  - Database name: `recipes_db`
  - Enable public accessibility if needed (not recommended for production)
  - Configure VPC security group to allow connections from EC2
- Security Group Configuration:
  - Create/modify security group for RDS
  - Add inbound rule: PostgreSQL (port 5432) from EC2 security group
  - Note the endpoint: `your-db-instance.xxxx.region.rds.amazonaws.com`
- Initialize Database Schema:
  ```bash
  # Connect to RDS and run schema.sql
  psql -h your-rds-endpoint.region.rds.amazonaws.com \
    -U recipes_user \
    -d recipes_db \
    -f backend/schema.sql
  ```
Step 2: Set Up AWS EC2
- Launch EC2 Instance:
  - Choose Ubuntu 22.04 LTS or Amazon Linux 2023
  - Instance type: t3.micro (minimum), t3.small+ (recommended)
  - Configure security group:
    - SSH (port 22) - your IP only
    - HTTP (port 80) - 0.0.0.0/0
    - HTTPS (port 443) - 0.0.0.0/0
    - Custom TCP (port 8000) - optional, for direct API access
  - Add storage: 20GB minimum
  - Assign Elastic IP (recommended)
- Connect to EC2:
  ```bash
  ssh -i your-key.pem ec2-user@your-ec2-public-ip
  # or for Ubuntu:
  ssh -i your-key.pem ubuntu@your-ec2-public-ip
  ```
- Install Docker and Docker Compose:
  ```bash
  # Update system
  sudo yum update -y  # For Amazon Linux
  # sudo apt update && sudo apt upgrade -y  # For Ubuntu

  # Install Docker
  sudo yum install docker -y  # Amazon Linux
  # sudo apt install docker.io -y  # Ubuntu
  sudo systemctl start docker
  sudo systemctl enable docker
  sudo usermod -a -G docker ec2-user  # or ubuntu

  # Install Docker Compose
  sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
  sudo chmod +x /usr/local/bin/docker-compose

  # Logout and login again for group changes to take effect
  exit
  ```
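The security group rules from Steps 1 and 2 (SSH from your IP only, PostgreSQL only from the EC2 security group, port 8000 optional) can be checked against what is actually configured. The script below is an added example, not part of the my-recipes repository; it audits JSON shaped like `aws ec2 describe-security-groups` output, and the group IDs and addresses in the sample are constructed placeholders.

```python
import ipaddress

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
# Group IDs and addresses are placeholders, not values from the guide.
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-ec2-example", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 8000, "ToPort": 8000,
         "IpRanges": [{"CidrIp": "198.51.100.7/32"}]},
    ]},
    {"GroupId": "sg-rds-example", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}],
         "UserIdGroupPairs": [{"GroupId": "sg-ec2-example"}]},
    ]},
]}


def covers(perm, port):
    """True if a TCP (or all-traffic, "-1") rule includes `port`."""
    proto = perm.get("IpProtocol")
    if proto == "-1":
        return True
    return proto == "tcp" and perm["FromPort"] <= port <= perm["ToPort"]


def audit(groups):
    """Return (group_id, port, source, problem) for rules looser than the guide's."""
    findings = []
    for sg in groups["SecurityGroups"]:
        for perm in sg.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                net = ipaddress.ip_network(cidr, strict=False)
                if covers(perm, 22) and net.num_addresses > 1:
                    findings.append((sg["GroupId"], 22, cidr, "SSH not limited to one IP"))
                if covers(perm, 8000) and net.prefixlen == 0:
                    findings.append((sg["GroupId"], 8000, cidr, "API port open to the world"))
                if covers(perm, 5432):
                    findings.append((sg["GroupId"], 5432, cidr, "PostgreSQL source is a CIDR, not the EC2 group"))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding, sep="\t")
```

To run it against a real account, load the output of `aws ec2 describe-security-groups --output json` with `json.load` and pass the result to `audit`.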
Step 3: Deploy Application
- Clone Repository:
  ```bash
  cd ~
  git clone https://your-repo-url/my-recipes.git
  cd my-recipes
  ```
- Configure Environment Variables:
  ```bash
  # Copy the example env file from root to backend directory
  cp .env.example backend/.env
  nano backend/.env  # or vim backend/.env
  ```
  Update the following variables:
  ```bash
  # Database Configuration (from RDS)
  DB_USER=recipes_user
  DB_PASSWORD=your_rds_password
  DB_NAME=recipes_db
  DB_HOST=your-rds-endpoint.region.rds.amazonaws.com
  DB_PORT=5432

  # Frontend URL (your domain or EC2 public IP)
  FRONTEND_URL=http://your-ec2-ip
  # or FRONTEND_URL=https://your-domain.com

  # Update OAuth redirect URIs
  GOOGLE_REDIRECT_URI=http://your-ec2-ip/auth/google/callback
  AZURE_REDIRECT_URI=http://your-ec2-ip/auth/azure/callback

  # Update other configurations as needed
  ```
- Build and Start Services:
  ```bash
  cd /home/ec2-user/my-recipes  # or /home/ubuntu/my-recipes
  docker-compose up -d --build
  ```
- Verify Services:
  ```bash
  docker-compose ps
  docker-compose logs -f
  ```
Step 4: Configure Domain and SSL (Optional but Recommended)
- Set Up Domain:
  - Point your domain's A record to EC2 Elastic IP
  - Update FRONTEND_URL in .env file
- Install Nginx and Certbot:
  ```bash
  sudo yum install nginx certbot python3-certbot-nginx -y  # Amazon Linux
  # sudo apt install nginx certbot python3-certbot-nginx -y  # Ubuntu
  ```
- Configure Nginx: Create `/etc/nginx/conf.d/recipes.conf`:
  ```nginx
  server {
      listen 80;
      server_name your-domain.com;

      # Frontend container. Nginx itself listens on host port 80, so the
      # container has to be published on a different host port and this
      # upstream changed to match (see "Port conflicts" under Troubleshooting).
      location / {
          proxy_pass http://localhost:80;
          proxy_set_header Host $host;
          proxy_set_header X-Real-IP $remote_addr;
      }

      # Backend API container
      location /api {
          proxy_pass http://localhost:8000;
          proxy_set_header Host $host;
          proxy_set_header X-Real-IP $remote_addr;
      }
  }
  ```
- Get SSL Certificate:
  ```bash
  sudo certbot --nginx -d your-domain.com
  sudo systemctl restart nginx
  ```
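After Step 4 switches the site to HTTPS, `backend/.env` from Step 3 still holds the database password in plain text and may still carry the old `http://your-ec2-ip` OAuth redirect URIs. The check below is an added example, not code from the my-recipes repository; it assumes the redirect URIs should share the scheme and host of `FRONTEND_URL`, and the sample file contents and hostnames are constructed.

```python
import stat
from urllib.parse import urlsplit

# Constructed sample of backend/.env after Step 4; hostnames are placeholders.
SAMPLE_ENV = """\
DB_USER=recipes_user
DB_PASSWORD=your_rds_password
DB_HOST=your-rds-endpoint.region.rds.amazonaws.com
FRONTEND_URL=https://recipes.example.com
GOOGLE_REDIRECT_URI=http://203.0.113.10/auth/google/callback
AZURE_REDIRECT_URI=https://recipes.example.com/auth/azure/callback
"""


def parse_env(text):
    """Parse KEY=VALUE lines, skipping blanks and # comment lines."""
    env = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            env[key.strip()] = value.strip().strip("'\"")
    return env


def audit_env(text, mode=0o600):
    """Return a list of problems; `mode` is the file's permission bits."""
    env, problems = parse_env(text), []
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        problems.append("file is accessible to group/other; chmod 600")
    if env.get("DB_PASSWORD", "") in ("", "your_rds_password"):
        problems.append("DB_PASSWORD is empty or still the placeholder")
    front = urlsplit(env.get("FRONTEND_URL", ""))
    for key in ("GOOGLE_REDIRECT_URI", "AZURE_REDIRECT_URI"):
        uri = urlsplit(env.get(key, ""))
        if front.scheme == "https" and uri.scheme != "https":
            problems.append(f"{key} is not https although FRONTEND_URL is")
        if uri.hostname != front.hostname:
            problems.append(f"{key} host differs from FRONTEND_URL host")
    return problems


if __name__ == "__main__":
    # 0o644 is a constructed mode; for a real file pass
    # stat.S_IMODE(os.stat("backend/.env").st_mode) and the file's text.
    print("\n".join(audit_env(SAMPLE_ENV, 0o644)))
```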
Step 5: Monitoring and Maintenance
- View Logs:
  ```bash
  docker-compose logs -f backend
  docker-compose logs -f frontend
  ```
- Restart Services:
  ```bash
  docker-compose restart
  ```
- Update Application:
  ```bash
  git pull
  docker-compose down
  docker-compose up -d --build
  ```
- Backup Database: Backups are automatic based on BACKUP_INTERVAL setting. Manual backup:
  ```bash
  docker-compose exec backend python backup_db.py
  ```
Troubleshooting
- Can't connect to RDS:
  - Check security group rules
  - Verify VPC and subnet configuration
  - Test connection: `telnet rds-endpoint 5432`
- Services won't start:
  ```bash
  docker-compose logs
  ```
- Database connection errors:
  - Verify DATABASE_URL format
  - Check DB credentials
  - Ensure RDS is accessible from EC2
- Port conflicts:
  ```bash
  sudo netstat -tulpn | grep :80
  sudo netstat -tulpn | grep :8000
  ```
Security Best Practices
- Use strong passwords for DB and admin accounts
- Enable SSL/TLS for all connections
- Keep EC2 security groups restrictive
- Don't expose RDS publicly
- Use IAM roles for AWS service access
- Regularly update Docker images and system packages
- Enable CloudWatch monitoring
- Set up automated backups
- Use secrets management (AWS Secrets Manager or Parameter Store)
Cost Optimization
- Use reserved instances for long-term deployments
- Enable auto-shutdown for non-production environments
- Monitor and optimize RDS instance size
- Use S3 or R2 for backups (already configured)
- Consider using Application Load Balancer for multiple instances