README

The AWS Cloud infrastructure for the victorsmirnov.blog

The AWS CDK project to build the AWS infrastructure for the personal blog project.

Notes

Why we do not have tests.

Useful commands

npm run build compile typescript to js.
npm run build:watch watch for changes and compile.
cdk --profile <name> diff compare deployed stack with current state.
cdk --profile <name> deploy --no-execute create change.
cdk --profile <name> deploy deploy the stack.

Install CloudWatch agent

Documentation https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/download-cloudwatch-agent-commandline.html

Copy configuration file src/amazon-cloudwatch-agent.json to the server's folder /opt/aws/amazon-cloudwatch-agent/.

Check agent status on the server with sudo service amazon-cloudwatch-agent status.

And my answer on StackOverflow about how to parse time from the logs: https://stackoverflow.com/questions/71148794/when-logging-to-cloudwatch-logs-in-a-json-format-what-is-the-name-of-the-timesta/73242108#73242108

Server and client certificates

./easyrsa init-pki

./easyrsa build-ca nopass

./easyrsa build-server-full server nopass

aws --profile <name> acm import-certificate --certificate fileb://easyrsa3/pki/issued/server.crt \
    --private-key fileb://easyrsa3/pki/private/server.key \
    --certificate-chain fileb://easyrsa3/pki/ca.crt

./easyrsa build-client-full <email-address> nopass

Parameters for tcpdump to show incoming HTTP headers

tcpdump -A -s 0 'tcp dst port 2369 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'

Backup database with MySQL dump

mysqldump -h blog.cluster-csuhqkhwiw2d.eu-west-1.rds.amazonaws.com -u root -p \
    --column-statistics=0 --set-gtid-purged=OFF ghost > ghost.sql

PreviousLICENSE

Last updated 3 years ago