Doing some playing around with a self-hosted FaaS idea. This is just research/notes for myself.
Using Debian since it has all of the packages I need.
image_id_debian="ami-0fec2c2e2017f4e7b"
#image_id_red_hat="ami-016eb5d644c333ccb"
image_id_ubuntu="ami-007855ac798b5175e"
# Pick an image
image_id="$image_id_debian"
key_name="some-key-pair"
security_group_id="ID HERE"
subnet_id="ID HERE"
aws ec2 run-instances \
--image-id "$image_id" \
--count 1 \
--instance-type t2.micro \
--key-name "$key_name" \
--security-group-ids "$security_group_id" \
--subnet-id "$subnet_id"
SSHed into the box do:
sudo apt-get update
Get lighttpd
sudo apt-get install lighttpd
Get certbot
sudo apt-get install certbot
First create an elastic IP
TODO
Then assign the subdomain to that.
AWS_INPUT=$(jq -n '{Comment: "Add a new A record", Changes:[{Action: "UPSERT", "ResourceRecordSet":{Name:"subdomain.example.com", Type: "A", TTL: 300, ResourceRecords:[{Value: "IP ADDRESS"}]}}]}')
aws route53 change-resource-record-sets --hosted-zone-id $HOSTED_ZONE_ID --change-batch "$AWS_INPUT"
certbot certonly --webroot -w /var/www/subdomain.example.com -d subdomain.example.com
TODO update directory permissions
Update the configuration file:
vim /etc/lighttpd/conf-available/10-ssl.conf
ssl.privkey="/path/to/privkey.pem"
ssl.pemfile="/path/to/fullchain.pem"
Enable SSL
sudo lighty-enable-mod ssl
sudo service lighttpd force-reload
Forward HTTP to HTTPS
sudo echo '$HTTP["scheme"] == "http" {
url.redirect = ("" => "https://${url.authority}${url.path}${qsa}")
url.redirect-code = 308
}' > /etc/lighttpd/conf-available/redirect-http-to-https.conf
Should already be installed with the Ubuntu image.
Run init
lxd init
lxc launch ubuntu:22.10 nodefns