h1. Using Amazon Web Services



h3. Mar 30, 2017 Updates


h4. CloudFront

http://d2sozmwf59ohoz.cloudfront.net

*disabled* the CloudFront distribution ID E3A66Z9WCFSUK1. not deleted. disabled. i assume that means pages are not cached. nope. still cached. that's because the status is "in progress". it's probably not disabled completely. it takes a while for changes to complete in cloudfront.


_origins:_

distribution origin had pointed to: ec2-54-211-235-101.compute-1.amazonaws.com

*changed* it to point to the s3 bucket.

Origin Domain Name: boghop.s3-website-us-east-1.amazonaws.com


_behaviors:_

prior behavior settings when distribution pointed to ec2 instance:

precedence : path pattern
0 : /api/v1/*
1 : /wren/update/*
2 : /wren/splitscreenedit/*
3 : Default (*)


*deleted* the first 3, leaving only Default(*)

Then in enabled the distribution again. In theory, cloudfront will point to S3 pages.

but when a page is not cached, it needs to get it from the correct machine. i think that i need to change something within route 53. maybe not. i think that if cloudfront does not have the page cache, then cloudfront "sends the user" to the s3 bucket to get the page, which then cloudfront will cache.

i have caching set only to 5 minutes.



h4. Route 53

DNS points to the above cloudfront distribution.

these were and will remain the settings, i think. i'm not making changes.

name: boghop.com.
Type: A - IPv4 address
alias target: d2sozmwf59ohoz.cloudfront.net.
Alias Hosted Zone ID: Z2FDTNDATAQYW2
routing policy: simple


name: boghop.com.
Type: SOA – Start of authority
TTL: 900 seconds
value: ns-1337.awsdns-39.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400


name: boghop.com.
Type: NS - name server
TTL: 172800
value: ns-847.awsdns-41.net.
ns-1337.awsdns-39.org.
ns-1608.awsdns-09.co.uk.
ns-11.awsdns-01.com.


name: www.boghop.com. 
Type: A - IPv4 address
alias target: d2sozmwf59ohoz.cloudfront.net.
Alias Hosted Zone ID: Z2FDTNDATAQYW2
routing policy: simple


=================================


hr.


h3. Info prior to 2017


ssl:

https://aws.amazon.com/certificate-manager/

https://brandur.org/aws-intrinsic-static



hr. 

http://stackoverflow.com/questions/1268158/force-cloudfront-distribution-file-update

"Please note that invalidation will take some time (apparently 5-30 minutes according to some blog posts I've read)."

"Remember this costs $0.005 per file after your first 1,000 invalidation requests per month"

"After making an API createInvalidation request, i'm still seeing the update take 5-10 minutes or so to invalidate. Notice I write this comment 4 years after yours."



http://stackoverflow.com/questions/10878588/force-content-update-to-cloudfront-without-using-invalidate

http://boghop.com/info.html?timestamp=1234567



[x] http://docs.aws.amazon.com/AmazonCloudFront/latest/APIReference/API_CreateInvalidation.html



http://docs.aws.amazon.com/AmazonCloudFront/latest/APIReference/Welcome.html

http://stackoverflow.com/questions/1086240/how-can-i-update-files-on-amazons-cdn-cloudfront

??? https://www.quora.com/How-can-I-setup-Nginx-to-handle-static-files-images-CSS-JS-with-LAMP-stack-on-AWS-EC2

https://wordimpress.com/aws-ec2-rds-s3-cloudfront-nginx-wordpress-tutorial-roundup/

https://forums.aws.amazon.com/thread.jspa?messageID=111790��

http://serverfault.com/questions/770302/no-cache-control-header-for-files-from-aws-cloudfront-with-s3-origin

https://www.peterbe.com/plog/is-nginx-obsolete-amazon-cloudfront

http://stackoverflow.com/questions/21248999/cloud-front-backed-with-nginx-which-proxies-to-s3-randomly-missing-already-cac

http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/header-caching.html

http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html

http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesMinTTL


would this be a possible replacement for MailGun to send the login link for my no-password login functions?

Amazon SES - Bulk and transactional email-sending service.
http://stackshare.io/amazon-ses

q.
Amazon SES eliminates the complexity and expense of building an in-house email solution or licensing, installing, and operating a third-party email service. The service integrates with other AWS services, making it easy to send emails from applications being hosted on services such as Amazon EC2.
q..



hr.


good post to read:

https://www.davidbaumgold.com/tutorials/host-static-site-aws-s3-cloudfront/

---


h3. EC2


http://ec2-54-211-235-101.compute-1.amazonaws.com

Logged into aws.amazon.com with my Amazon account, which I then used to create an AWS account.

Created an EC2 instance. I choose Ubuntu 14.04.

Instance is running in the US East (N. Virginia) region.


During the process, I had to create a key pair name. AWS created a private key, which I downloaded. It was a .pem file.

I moved the .pem file to another directory on my local Linux machine at home. From within this directory, I used ssh to connect to my EC2 account, using the command line instructions provided by AWS's web interface.

It's a fairly clean or empty Linux machine, as with my Digital Ocean Droplet account.

I chose to install Nginx first.

at my aws ec2 server:

ls /etc/nginx/sites-available
boghop.com  default.19jul2016

not using the default config file. its existence caused issues or conflicts. only have boghop.com config file links to the sites-enabled directory.


http://jothut.com/cgi-bin/junco.pl/blogpost/21154/14May2015/Installing-nodejs-nginx-mysql-junco-and-ghost-on-Digital-Ocean-Droplet#Installing-Nginx

http://jothut.com/cgi-bin/junco.pl/blogpost/71676/05Jul2016/Installing-thttpd-and-tor-to-create-a-onion-website

http://voidcanvas.com/setup-and-configure-nginx-in-aws-ec2-linuxubuntu-instance/

this starts in the home directory, which is /home/ubuntu 

* sudo apt-get update
* sudo apt-get install nginx
* sudo service nginx start
* sudo mkdir www
* cd www
* sudo mkdir mysite
* cd mysite
* sudo vim index.html
** added test content to index.html
* cd 
* sudo chmod -R 755 www
* cd /etc/nginx/sites-available
* ls
* sudo cp default mysite
* cd ..
* cd sites-enabled
* sudo ln -s /etc/nginx/sites-available/mysite mysite
* sudo service nginx restart

ec2-54-211-235-101.compute-1.amazonaws.com





h2. Route53

bought: perchwire.com and boghop.com through AWS.

used route53's dns setup to connect the ec2 instance with the domain name.





h2. AWS Info

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/concepts.html?icmpid=docs_ec2_console


https://aws.amazon.com/start-now/

https://aws.amazon.com/documentation/gettingstarted/?sc_channel=em&sc_campaign=wlcm&sc_publisher=aws&sc_medium=em_wlcm_2&sc_detail=wlcm_2&sc_content=other&sc_country=global&sc_geo=global&sc_category=mult&ref_=pe_1679150_132208650

http://docs.aws.amazon.com/gettingstarted/latest/swh/website-hosting-intro.html

https://aws.amazon.com/route53/


https://forums.aws.amazon.com/thread.jspa?threadID=87279




h2. web access problem resolved

wed, evening, july 27, 2016. i have not looked at this since last week when i initiated this.

http://boghop.com now works, display a hello world type message.


https://forums.aws.amazon.com/message.jspa?messageID=571142

my issue was identical

q.
I have taken a look at your one running instance and I can see you have only allowed access to port 22 in the associated Security Group ("sg-0bbd436e").

In order to ping the instance, you will need to allow ICMP traffic. In order to browse to the instance, you will need to typically open port 80/443--this depends on which port you have configured the Web server to listen.
q..

in EC2 management:

- showed instances running, which is only one
- scroll to the right, all the way, to show security groups
- click the link for launch-wizard-1
- only thing permitted was port 22 for ssh
- i added http port 80
- i also added icmp


next, i need to install:

* perl
* fast cgi
* wren
** any modules used by wren
*** mailgun
*** json



h3. CloudFront

i created one distribution:
http://d2sozmwf59ohoz.cloudfront.net


Distribution ID	E3A66Z9WCFSUK1
ARN	arn:aws:cloudfront::545494550219:distribution/E3A66Z9WCFSUK1
Log Prefix	-
Delivery Method	Web
Cookie Logging	Off
Distribution Status	Deployed
Comment	-
Price Class	Use All Edge Locations (Best Performance)
AWS WAF Web ACL	-
State	Enabled
Alternate Domain Names (CNAMEs)	
www.boghop.com
boghop.com
SSL Certificate	Default CloudFront Certificate (*.cloudfront.net)
Domain Name	d2sozmwf59ohoz.cloudfront.net
Custom SSL Client Support	-
Supported HTTP Versions	HTTP/2, HTTP/1.1, HTTP/1.0
IPv6	Disabled
Default Root Object	index.html
Last Modified	2016-09-27 11:31 UTC-4
Log Bucket




ping boghop.com
PING boghop.com (54.230.5.191) 56(84) bytes of data.
64 bytes from server-54-230-5-191.dfw3.r.cloudfront.net (54.230.5.191): icmp_seq=1 ttl=243 time=104 ms



for my cloudfront dist, i created four behaviors:

precedence order:

* 0 : don't cache: /api/v1/*
* 1 : don't cache: /wren/update/*
* 2 : don't cache: /wren/splitscreenedit/*
* 3 : i think this caches all: Default (*)





hr.
https://aws.amazon.com/blogs/aws/


https://hackernoon.com/how-a-book-store-is-dominating-the-cloud-4ef3a839aaba#.sz2fcsl9w
Certificate Manager ( #ssl )

and CloudFront

https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html

https://docs.aws.amazon.com/acm/latest/userguide/gs-cf.html

http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Introduction.html

http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/SecureConnections.html

http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/HowCloudFrontWorks.html

https://console.aws.amazon.com/cloudfront/home?region=us-east-1#

https://aws.amazon.com/cloudfront/pricing/

http://www.slideshare.net/AmazonWebServices/whole-site-delivery-with-amazon-cloudfront

http://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/what-is-load-balancing.html


load balancing info:
https://aws.amazon.com/articles/1636185810492479



https://docs.aws.amazon.com/acm/latest/userguide/acm-services.html


request a certificate:
https://console.aws.amazon.com/acm/home?region=us-east-1#/wizard/?firstrun=true


load balancer
https://docs.aws.amazon.com/acm/latest/userguide/gs-elb.html


cloudfront and s3
http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/MigrateS3ToCloudFront.html


etc.
https://wblinks.com/notes/aws-tips-i-wish-id-known-before-i-started/
https://news.ycombinator.com/item?id=7172060


load balancing doc
https://aws.amazon.com/articles/1636185810492479





http://docs.aws.amazon.com/AmazonS3/latest/dev/PresignedUrlUploadObject.html



python and aws:
https://aws.amazon.com/sdk-for-python/

https://aws.amazon.com/tools/



https://aws.amazon.com/cli/


Speeding up delivery of web content using Amazon Route 53, Elastic Load Balancer and CloudFront
http://www.slideshare.net/tomlaszewski/web-sitescalingpartnerwebinar



https://aws.amazon.com/cloudfront/


moving files to s3
https://news.ycombinator.com/item?id=7172583



https://www.davidbaumgold.com/tutorials/host-static-site-aws-s3-cloudfront


s3
http://docs.aws.amazon.com/AmazonS3/latest/dev/request-rate-perf-considerations.html


http://jothut.com/cgi-bin/junco.pl/replies/77700

https://news.ycombinator.com/item?id=12528070

"You can invalidate cache with fake (ignored) URL parameters (http://foo.html?hello) or HEAD section declarations." 


+1 on setting up an s3 bucket, cloudfront distribution, ssl sni, route 53 rules and simple "aws s3 sync" command with some cache-headers

GitHub (source) => TravisCI (deployment) => S3 (hosting).
I have a CloudFront distribution sitting in front of S3, secured with a free SSL certificate powered by Amazon ACM. I like S3 for its flexibility. My site is in both English and Dutch and I want to serve English content on .io and the Dutch content on .nl. With S3 I just create two buckets, associate the bucket with a different domain and welcome page (index_en.html and index_nl.html) and publish the same site to each bucket.

Amazon S3 + CloudFront here, for several websites and it works wonderfully. I recently set up attensee/s3_website as a pipeline on my BitBucket repo, so now when any team member pushes their HTML/CSS updates to BitBucket, it automatically deploys the site to S3 and invalidates the CloudFront caches automatically. Instant website updates using only `git push`.


http://stout.is/
Stout is a deploy tool for static websites. It takes a website and uploads it to S3 in a more reliable way than other tools.




https://tech.flyclops.com/posts/2016-04-27-flyclops-sites-static-ssl.html

https://www.smashingmagazine.com/2015/11/modern-static-website-generators-next-big-thing/




AWS Webcast - Best Practices for Content Delivery using Amazon CloudFront
https://www.youtube.com/watch?v=s9Xt1qzD6SA

Amazon CloudFront to improve delivery of static or dynamic content originating from AWS services such as Amazon S3, Elastic Load Balancing (ELB), or Amazon EC2. 

Learning Objectives: 
• Best practices for delivering your whole website on Amazon CloudFront 
• Best practices to deliver content securely via Amazon CloudFront 
• Best practices to deliver content from AWS services such as Amazon S3, Amazon EC2 and Elastic Load Balancing using Amazon CloudFront 

Who Should Attend: 
• All AWS (S3, EC2, or ELB) customers who have some data transfer to internet 
• All Amazon CloudFront customers





https://www.elegantthemes.com/blog/tips-tricks/how-to-use-amazon-s3-and-cloudfront-with-wordpress



ec2 and cloudfront
http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CustomOriginBestPractices.html



https://aws.amazon.com/cloudfront/webinars/



https://aws.amazon.com/cloudfront/dynamic-content/

http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html


hr.


* http://www.slideshare.net/AmazonWebServices/whole-site-delivery-with-amazon-cloudfront
* http://www.slideshare.net/tomlaszewski/web-sitescalingpartnerwebinar
* https://aws.amazon.com/cloudfront/
* http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/MigrateS3ToCloudFront.html
* https://www.davidbaumgold.com/tutorials/host-static-site-aws-s3-cloudfront/
* https://aws.amazon.com/cloudfront/faqs/
* https://www.youtube.com/watch?v=s9Xt1qzD6SA
* https://aws.amazon.com/cloudfront/dynamic-content/
* http://docs.aws.amazon.com/AmazonS3/latest/dev/request-rate-perf-considerations.html
* https://aws.amazon.com/cloudfront/webinars/



previous route 53 dns settings:

name = www
type = CNAME
ttl = 300
value = boghop.com.


name=boghop.com.
type = A
ttl = 300
value = 54.211.235.101

d2sozmwf59ohoz.cloudfront.net



http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-cloudfront-distribution.html


http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html


https://news.ycombinator.com/item?id=12401849


http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Invalidation.html




http://stackoverflow.com/questions/22021651/amazon-s3-and-cloudfront-cache-how-to-clear-cache-or-synchronize-their-cache



http://www.cdnplanet.com/tools/cloudfront-purge-tool/

http://www.technowise.in/2012/09/clear-cache-from-amazon-cloudfront-aws.html


http://docs.aws.amazon.com/AmazonCloudFront/latest/APIReference/GetInvalidation.html


https://www.quora.com/How-do-I-flush-a-Amazon-cloudfront-cache


http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Invalidation.html#invalidating-objects-api

http://docs.aws.amazon.com/AmazonCloudFront/latest/APIReference/Welcome.html


https://aws.amazon.com/developertools/0756890389303912


http://docs.aws.amazon.com/AmazonCloudFront/latest/APIReference/CreateInvalidation.html

https://aws.amazon.com/code/3143226315989801



[x] https://aws.amazon.com/developertools/0756890389303912

[x] http://docs.aws.amazon.com/AmazonCloudFront/latest/APIReference/RESTRequests.html


view CloudFront's REST API

* http://docs.aws.amazon.com/AmazonCloudFront/latest/APIReference/Welcome.html
* http://docs.aws.amazon.com/AmazonCloudFront/latest/APIReference/RESTRequests.html


http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesCacheBehavior



h3. S3

on fri, oct 7, 2016, i created an s3 bucket named boghop.

http://boghop.s3-website-us-east-1.amazonaws.com


http://s3tools.org/s3cmd

https://linuxconfig.org/getting-started-with-aws-s3cmd-command-by-examples

http://www.serveridol.com/2013/11/11/amazon-s3-awesome-usage-of-s3cmd-tools/

http://jothut.com/cgi-bin/junco.pl/blogpost/78395/02Oct2016/More-static-site-and-aws-links


http://tmont.com/blargh/2014/1/uploading-to-s3-in-bash


??? https://docs.aws.amazon.com/AmazonS3/latest/dev/website-hosting-custom-domain-walkthrough.html

http://docs.aws.amazon.com/AmazonS3/latest/UG/EditingBucketPermissions.html


Create a bucket policy with json:

[x] http://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteAccessPermissionsReqd.html

i copied this json from the above file and modified to use my bucket:

{
  "Version":"2012-10-17",
  "Statement":[{
	"Sid":"PublicReadGetObject",
        "Effect":"Allow",
	  "Principal": "*",
      "Action":["s3:GetObject"],
      "Resource":["arn:aws:s3:::example-bucket/*"
      ]
    }
  ]
}


i also added a permission with grantee Everyone and List access. unsure if this was needed.


hr.

# s3cmd --configure 

entered the Access Key ID and the Secret Access Key.

s3cmd ls s3://boghop

cd Wren/root
s3cmd put index.html s3://boghop/index.html

WARNING: Module python-magic is not available. Guessing MIME types based on file extensions.
index.html -> s3://boghop/index.html  [1 of 1]
 4442 of 4442   100% in    0s   121.67 kB/s  done


s3cmd ls s3://boghop
2016-10-07 13:16      4442   s3://boghop/index.html


s3cmd put  *.html s3://boghop/

 *** don't use: s3cmd sync root s3://boghop/

problem is that it creates a root dir at the bucket.

http://boghop.s3-website-us-east-1.amazonaws.com/root/2014/07/19/a-full-rich-day-in-toledo-ohio.html


cd into my Wren root directory and then do:

s3cmd sync . s3://boghop/

now this works:

http://boghop.s3-website-us-east-1.amazonaws.com/2014/07/19/a-full-rich-day-in-toledo-ohio.html

deletes all files and sub-directories under root:
 ** no it doesn't:   s3cmd del s3://boghop/root/*
the above only deletes the files under root. it does not delete sub-dirs.

this will delete files and sub-dirs under root:

s3cmd del s3://boghop/root/ --recursive



deletes the root directory:
s3cmd del s3://boghop/root

to copy over a single file that's located in a subdirectory, it seems that the full name needs to be used:



to delete ALL contents in the bucket including subdirectories:

* s3cmd del -r --force s3://boghop/

the bucket remains though.


(cd into root)

s3cmd put 2016/11/03/facebooks-2016-growth.html s3://boghop/2016/11/03/facebooks-2016-growth.html

http://boghop.s3-website-us-east-1.amazonaws.com/2016/11/03/facebooks-2016-growth.html


If I only do this: 
s3cmd put 2016/11/03/facebooks-2016-growth.html s3://boghop/

then that puts the filename in the s3 bucket root like this without the "subdirectories"
http://boghop.s3-website-us-east-1.amazonaws.com/facebooks-2016-growth.html


this works fine too:
s3cmd put /home/ubuntu/Wren/root/2016/11/03/facebooks-2016-growth.html s3://boghop/2016/11/03/facebooks-2016-growth.html



h3. Perl Installs for S3 Usage

http://stackoverflow.com/questions/13986282/xmlparser-refusing-to-install

* apt-cache search expat

(look for package that states "XML parsing C library - development kit")

* sudo apt-get install libexpat1-dev

that should resolve the missing expat.h file and now the install of this module should work:

* sudo perl -MCPAN -e 'install XML::Parser'

then do:

* sudo perl -MCPAN -e 'install XML::Simple'
* sudo perl -MCPAN -e 'install Amazon::S3'


using module:
http://docs.ceph.com/docs/giant/radosgw/s3/perl/

https://metacpan.org/pod/Amazon%3a%3aS3




h3. Etc.

https://linuxconfig.org/getting-started-with-aws-s3cmd-command-by-examples


http://geek.co.il/2014/05/26/script-day-upload-files-to-amazon-s3-using-bash

http://stackoverflow.com/questions/9016881/s3cmd-list-of-contents-only-filenames-perl-one-liner





h3. CodeDeploy

something to try.

[x] https://blogs.aws.amazon.com/application-management/post/Tx33XKAKURCCW83/Automatically-Deploy-from-GitHub-Using-AWS-CodeDeploy


http://docs.aws.amazon.com/codedeploy/latest/userguide/github-integ.html

http://docs.aws.amazon.com/codedeploy/latest/userguide/getting-started-push-repo-windows.html

http://docs.aws.amazon.com/codedeploy/latest/userguide/how-to-deploy-revision.html

http://docs.aws.amazon.com/codedeploy/latest/userguide/how-to-create-new-deployment.html

http://docs.aws.amazon.com/codedeploy/latest/userguide/github-integ-tutorial.html

http://docs.aws.amazon.com/codedeploy/latest/userguide/welcome.html