Installing AuthMachine on AWS
This document describes various options for installing and using AuthMachine on Amazon AWS platform.
Prerequisites
AuthMachine requires the following services:
- PostgreSQL database
- Redis
By default these services are installed by the AuthMachine installer (curl get.authmachine.com | sudo bash -
), but if you use Amazon AWS you might consider using Amazon RDS and Amazon Elasticache services instead.
EC2
Launch an EC2 instance for AuthMachine application server. Ensure that you can log in using SSH. Install docker and docker-compose. Also while it's not required, you can install psql
and redis-cli
utilities for testing connectivity with RDS and Elasticache. (For ubuntu run: apt-get install postegrsql-client redis-tools
).
RDS
Create a PostgreSQL RDS instance in your AWS console. After creating, ensure that you can connect to it from your EC2 instance (check the AWS security group docs for more details)
Setting up Elasticache
Create a Redis instance in your AWS Elasticache console. Ensure that you can connect to it from EC2 instance. Check AWS docs for more details.
Setting up Docker
Log in to your EC2 instance using SSH. Ensure that your current user is authorized to run docker commands (usually either root or a member of the "docker" group) Create a directory to store AuthMachine configuration files:
mkdir -p ~/authmachine
cd ~/authmachine
Run the following helper script:
curl get.authmachine.com/setup-nginx-aws.sh | bash -
Download the example docker-compose.yml file from here
curl get.authmachine.com/docker-compose-aws.yml -o docker-compose.yml
Open the docker-compose.yml
file in your favourite text editor and adjust the following variables there:
- AUTHMACHINE_DB_HOST
- AUTHMACHINE_DB_PORT
- AUTHMACHINE_DB_NAME
- AUTHMACHINE_DB_USER
- AUTHMACHINE_DB_PASSWORD
- AUTHMACHINE_SECRET_KEY
- AUTHMACHINE_BASE_URL
- AUTHMACHINE_SECRET_TOKEN
- AUTHMACHINE_REDIS_URL
- VIRTUAL_HOST
Adjust other variables as per your liking. Note, that AUTHMACHINE_SECRET_KEY and AUTHMACHINE_SECRET_TOKEN should be random 32-characters strings unique per installation.