sheppy/jeffrey_miller_flask_ftp
1
0
Fork 0
mirror of https://github.com/FAUSheppy/jeffrey_miller_flask_ftp synced 2025-12-06 07:41:35 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

update aws

Browse Source
This commit is contained in:
Yannik Schmidt
2021-08-31 22:27:53 +02:00
parent 4086dfaf93
commit 952bd5b6ca
2 changed files with 12 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@@ -48,6 +48,8 @@ The start script (*setup.sh*) performs the following task in this order:
# AWS
The AWS-template setup uses git instead of rsync to pull the server files. The ssh-key fingerprint must be verified in advanced.
- create a keypair called *"flask-ftp"* or change the value of *"KeyName"* in *aws/template.yml* to an existing key pair (see "AWS Network & Security -> Key Pairs" for details)
- create a new stack (CloudFormation -> Stacks -> Create Stack) and upload the template (*aws/template.yml*)
- goto Instances, select Security and click the security group, add inbound for the ports you want to use (e.g. FTP Ports, 80, 443 or 5000, allowing all for simplicity, is reasonably safe too in this case, since there's nothing running on the server except the public services)

16
aws/template.yml
View File

@@ -13,8 +13,10 @@ Resources:
UserData:
Fn::Base64: !Sub |
#!/bin/bash
mkdir /root/.ssh/
cp -f /home/admin/.ssh/authorized_keys /root/.ssh/
apt update
apt install -y vsftpd python3 python3-pip sqlite3 python3-waitress
apt install -y vsftpd python3 python3-pip sqlite3 python3-waitress git jq curl
python3 -m pip install flask flask-sqlalchemy
useradd -m flask
usermod -L flask
@@ -22,15 +24,17 @@ Resources:
echo "flask ALL=(ALL) NOPASSWD: /home/flask/jeffrey_miller_flask_ftp/scripts/delete_user.sh" >> /etc/sudoers
sed -i "s/\#write_enable=YES/write_enable=YES/" /etc/vsftpd.conf
systemctl restart vsftpd
echo 'AllowUsers root' >> /etc/ssh/sshd_config
flask mkdir -p /home/flask/.ssh/
echo "-----BEGIN OPENSSH PRIVATE KEY-----\nb3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn\nNhAAAAAwEAAQAAAQEA1b3uaTdzCD2Jp3tY12yhq+fFuvcjY1ag3gnmv4sl5cPdv+HdeAte\n6i3Ph3wmCetCbtPl5KYPEFnsaa+UXXZBtkohBQOw66wxwuRWs9TmmkBKXCh8pqAhTQG76i\nKjaggK8QyIf2ydr7Sqk9/q2HBsRsBi1uV0Q2DUddYJoeuAklRU+lnROGOkJ+bqugAirC7v\nNFAzGlgUYEvmcJsOUzPj7wo8cq9hNkAb+Wc5UNbngaKWIJFIZu2t717hJx80Alqwxe9LEE\nKbTJRIBgzLtgg71WysjUGSh2+wzsmixuSE5H0gLEivUpliCCPoIHRXgavI7u9cdO1EcThp\nNWI15SU9OwAAA9B82bvZfNm72QAAAAdzc2gtcnNhAAABAQDVve5pN3MIPYmne1jXbKGr58\nW69yNjVqDeCea/iyXlw92/4d14C17qLc+HfCYJ60Ju0+Xkpg8QWexpr5RddkG2SiEFA7Dr\nrDHC5Faz1OaaQEpcKHymoCFNAbvqIqNqCArxDIh/bJ2vtKqT3+rYcGxGwGLW5XRDYNR11g\nmh64CSVFT6WdE4Y6Qn5uq6ACKsLu80UDMaWBRgS+Zwmw5TM+PvCjxyr2E2QBv5ZzlQ1ueB\nopYgkUhm7a3vXuEnHzQCWrDF70sQQptMlEgGDMu2CDvVbKyNQZKHb7DOyaLG5ITkfSAsSK\n9SmWIII+ggdFeBq8ju71x07URxOGk1YjXlJT07AAAAAwEAAQAAAQBMjf+DPfH8hJX2H669\nUdJCEPx4L6ZEITXy8Rbtifgj6FhXLp21LlVriMbo3uV87f9YVJrlnziMAbk0TUfVhdKZaM\nmU0zKd5onYJRKMzHdfziEUCwhCYd4rh7B3drqS8piAp52IDi4YTZw+5JdnuDR/zs5X680N\niPPv1J6UmRXu0o+rO/tKKsnlG1hVSJikDZnpDdNIAM0W4NyOIxAnTgxB+eC5yMdGY37BYZ\nL/DhyYPWU2URG88x4JljFqmYIf/DfAiFgLb/IwJ7SqlMRgCjhJ6JZeqpjVCKsL1raXWHy5\n9nqrexN+bMNnldT/doEcVKj1j/gkq5mGpJGsH4+WJWhxAAAAgCkiM8aN2QdDG4HPdFpwBX\nNEuSNsxc/VftJ0i6xpQYU7bdusE5Kd1cMPUb2StyfuMJX9vt0gCEMhxwOhOE7cnT63z9jP\nAU5bPxrCocgK4beosv1+aRqjzBLg8sV2lRJkd9FWeau81vIj4R5dPg+BuczbFm07SjMG95\n4ZV1IDt223AAAAgQD73krTRWmrX0F/k9ciwUPO17EJtrdHfoRIp5KeJkUXEwoOeMbjb45K\nLiWKB4SaC3zE9L/Y98EYmuVFY8lQBpeJL3CBv7F6oa1maWUbG1DzKkIdMYRiIIJZ2EQTsy\nQIkiMBo2xlvqNT/OlXjBm2gzKnzn+BLKRYPUGbKy95VTzY+QAAAIEA2T+Hd2uQm1oZTW8R\nipfX/Iy+Fn2d1/+yIy2rC7FzgtE5VMBRdluvnWnAhOMplTWPxrnpRok4OGbkm88VDnfqBu\npwVyE2Z0imST/7FChkJ1O+cb7SXQXsINSKcK5bSWVev1tq14mvTDG2x4hJTb0BjR3wsbCz\n/0DdcdIgjFwzqNMAAAAXaWsxNXlkaXRAYXRsYW50aXNsYXB0b3ABAgME\n-----END OPENSSH PRIVATE KEY-----" > /home/flask/.ssh/git
echo 'AllowUsers root admin' >> /etc/ssh/sshd_config
systemctl reload sshd
mkdir -p /home/flask/.ssh/
echo "-----BEGIN OPENSSH PRIVATE KEY-----\nb3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn\nNhAAAAAwEAAQAAAQEA1b3uaTdzCD2Jp3tY12yhq+fFuvcjY1ag3gnmv4sl5cPdv+HdeAte\n6i3Ph3wmCetCbtPl5KYPEFnsaa+UXXZBtkohBQOw66wxwuRWs9TmmkBKXCh8pqAhTQG76i\nKjaggK8QyIf2ydr7Sqk9/q2HBsRsBi1uV0Q2DUddYJoeuAklRU+lnROGOkJ+bqugAirC7v\nNFAzGlgUYEvmcJsOUzPj7wo8cq9hNkAb+Wc5UNbngaKWIJFIZu2t717hJx80Alqwxe9LEE\nKbTJRIBgzLtgg71WysjUGSh2+wzsmixuSE5H0gLEivUpliCCPoIHRXgavI7u9cdO1EcThp\nNWI15SU9OwAAA9B82bvZfNm72QAAAAdzc2gtcnNhAAABAQDVve5pN3MIPYmne1jXbKGr58\nW69yNjVqDeCea/iyXlw92/4d14C17qLc+HfCYJ60Ju0+Xkpg8QWexpr5RddkG2SiEFA7Dr\nrDHC5Faz1OaaQEpcKHymoCFNAbvqIqNqCArxDIh/bJ2vtKqT3+rYcGxGwGLW5XRDYNR11g\nmh64CSVFT6WdE4Y6Qn5uq6ACKsLu80UDMaWBRgS+Zwmw5TM+PvCjxyr2E2QBv5ZzlQ1ueB\nopYgkUhm7a3vXuEnHzQCWrDF70sQQptMlEgGDMu2CDvVbKyNQZKHb7DOyaLG5ITkfSAsSK\n9SmWIII+ggdFeBq8ju71x07URxOGk1YjXlJT07AAAAAwEAAQAAAQBMjf+DPfH8hJX2H669\nUdJCEPx4L6ZEITXy8Rbtifgj6FhXLp21LlVriMbo3uV87f9YVJrlnziMAbk0TUfVhdKZaM\nmU0zKd5onYJRKMzHdfziEUCwhCYd4rh7B3drqS8piAp52IDi4YTZw+5JdnuDR/zs5X680N\niPPv1J6UmRXu0o+rO/tKKsnlG1hVSJikDZnpDdNIAM0W4NyOIxAnTgxB+eC5yMdGY37BYZ\nL/DhyYPWU2URG88x4JljFqmYIf/DfAiFgLb/IwJ7SqlMRgCjhJ6JZeqpjVCKsL1raXWHy5\n9nqrexN+bMNnldT/doEcVKj1j/gkq5mGpJGsH4+WJWhxAAAAgCkiM8aN2QdDG4HPdFpwBX\nNEuSNsxc/VftJ0i6xpQYU7bdusE5Kd1cMPUb2StyfuMJX9vt0gCEMhxwOhOE7cnT63z9jP\nAU5bPxrCocgK4beosv1+aRqjzBLg8sV2lRJkd9FWeau81vIj4R5dPg+BuczbFm07SjMG95\n4ZV1IDt223AAAAgQD73krTRWmrX0F/k9ciwUPO17EJtrdHfoRIp5KeJkUXEwoOeMbjb45K\nLiWKB4SaC3zE9L/Y98EYmuVFY8lQBpeJL3CBv7F6oa1maWUbG1DzKkIdMYRiIIJZ2EQTsy\nQIkiMBo2xlvqNT/OlXjBm2gzKnzn+BLKRYPUGbKy95VTzY+QAAAIEA2T+Hd2uQm1oZTW8R\nipfX/Iy+Fn2d1/+yIy2rC7FzgtE5VMBRdluvnWnAhOMplTWPxrnpRok4OGbkm88VDnfqBu\npwVyE2Z0imST/7FChkJ1O+cb7SXQXsINSKcK5bSWVev1tq14mvTDG2x4hJTb0BjR3wsbCz\n/0DdcdIgjFwzqNMAAAAXaWsxNXlkaXRAYXRsYW50aXNsYXB0b3ABAgME\n-----END OPENSSH PRIVATE KEY-----" | sed 's/\\n/\n/g' > /home/flask/.ssh/git
eval `ssh-agent`
ssh-add /home/flask/.ssh/git
git clone git@github.com:FAUSheppy/jeffrey_miller_flask_ftp.git
ssh-keyscan github.com >> /root/.ssh/known_hosts
git clone git@github.com:FAUSheppy/jeffrey_miller_flask_ftp.git /home/flask/jeffrey_miller_flask_ftp
cp /home/flask/jeffrey_miller_flask_ftp/flask-ftp.service /etc/systemd/user/
chmod a+r /etc/systemd/user/flask-ftp.service
systemctl enable /etc/systemd/user/flask-ftp.service
systemctl daemon reload
systemctl daemon-reload
systemctl start flask-ftp.service
chown -R flask:flask /home/flask