M.Furqan Furqanameen

Deploy Rails Application to AWS EC2

Creating AWS EC2 Instance

- login to 'AWS Management Console' (https://aws.amazon.com/console/)
- from 'Services'(in navbar) choose 'EC2'
- from 'Create Instance' section, click on 'Launch Instance'
- then select 'AMI' (Amazon Machine Image), we will be using 'Ubuntu Server 16.04 LTS (HVM)' as example
- select 'Instance Type' as per your requirement
- then click 'Next:Configure Instance Details' to continue
  change 'Configure Instance Details' or used as default settings

fail2ban

Installation - Ubuntu / Debian

sudo apt-get update
sudo apt-get upgrade
sudo apt-get install fail2ban

Initially install your pry-rails to group development on your apps Gemfile

group :development do
  # ..
  gem 'pry-rails'
  # ..
end

Excellent GoRails Article(which is main source for this guide too). I did benefited from lot of other resources online as well.

Creating droplet on DigitalOcean(DO):

(Skip this if you are not using DO, and create your own VPS instance on the service of your choice. Steps below may still be helpful.)

There are few options for this step, DO provide us some pre built images for lot of platforms in which they have pre-installed nginx, node and other related dependencies for each image. Rails one is little outdated, I tried that but didn't go very well for me, you can give it a shot if you have enough time. For this guide we will go with bear bone ubuntu 18.04 server. While creating the droplet, you will be asked to set an ssh key, just generate an ssh key with ssh-keygen on your local system and copy contents of .pub file into the textbox provided.

Deploy Rails app to digitalocean with nginx, unicorn, capistrano & postgres

Create Droplet

Create droplet of your liking (ubuntu 12.04 x32) Use an xx.04 LTS version

Setup DNS

On Digital Ocean, create a DNS entry for your server (xyz.com)

Make sure it has NS records that use digital oceans nameservers

	https://www.digitalocean.com/community/tutorials/how-to-protect-an-apache-server-with-fail2ban-on-ubuntu-14-04

	sudo apt-get update
	sudo apt-get install fail2ban

	[sshd]

	# To use more aggressive sshd modes set filter parameter "mode" in jail.local:
	# normal (default), ddos, extra or aggressive (combines all).
	# See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details.

	Best setup for fail2ban for hosts with ssh and apache

	Jails (monitored services):

	- apache - Blocks failed login attempts use the below jail
	- apache-overflows - Blocks the remote host that is trying to request suspicious URLs, use the below jail
	- apache-noscript - Block the remote host that is trying to search for scripts on the website to execute, use the below jail
	- apache-badbots - Block the remote host that is trying to request malicious bot, use below jail
	- http-get-dos - Stops DOS attack from remote host
	- ssh - Blocks failed login attempts on the SSH server



	scp deploy@ip:/home/deploy/ph_tax_rebats_staging_h2_29_agust_2023.sql /Users/brooksdaleltd/Documents

	Downloading anything from the server run below command
	Step 1: Open a new terminal in Linux/UNIX or command prompt in Windows.

	Step 2: To download a complete directory using the -r switch along with SCP command.

	scp deploy@IP:/home/deploy/filename.sql /Users/brooksdaleltd/Documents

	require 'sidekiq/api'

	# 1. Clear retry set

	Sidekiq::RetrySet.new.clear

	# 2. Clear scheduled jobs

	Sidekiq::ScheduledSet.new.clear