update aws setup

README.md

@@ -37,4 +37,7 @@ The start script (*setup.sh*) performs the following task in this order:
 - lock out any ssh but root just to be safe (CMD\_LOCK\_SSH)
 
 # AWS
-#
+
+- create a keypair called *"flask-ftp"* or change the value of *"KeyName"* in *aws/template.yml* to an existing key pair (see "AWS Network & Security -> Key Pairs" for details)
+- create a new stack (CloudFormation -> Stacks -> Create Stack) and upload the template (*aws/template.yml*)
+- goto Instances, select Security and click the security group, add inbound for the ports you want to use (e.g. 80, 443 or 5000)

aws/template.yml

@@ -4,7 +4,7 @@ Resources:
     Properties:
       InstanceType: t2.micro
       ImageId: ami-089fe97bc00bff7cc # AMI Debian
-      KeyName: ec2-instances
+      KeyName: flask-ftp
       Tags:
         - Key: Name
           Value: FTP and Web-Usermanagement
@@ -18,39 +18,13 @@ Resources:
           python3 -m pip install flask flask-sqlalchemy
           useradd -m flask
           usermod -L flask
-          echo 'flask      ALL=(ALL)     NOPASSWD: /home/flask/jeffrey_miller_flask_ftp/scripts/create_user.sh' >> /etc/sudoers
+          echo "flask      ALL=(ALL)     NOPASSWD: /home/flask/jeffrey_miller_flask_ftp/scripts/create_user.sh" >> /etc/sudoers
-          echo 'flask      ALL=(ALL)     NOPASSWD: /home/flask/jeffrey_miller_flask_ftp/scripts/delete_user.sh' >> /etc/sudoers
+          echo "flask      ALL=(ALL)     NOPASSWD: /home/flask/jeffrey_miller_flask_ftp/scripts/delete_user.sh" >> /etc/sudoers
-          sed -i 's/\#write_enable=YES/write_enable=YES/' /etc/vsftpd.conf"
+          sed -i "s/\#write_enable=YES/write_enable=YES/" /etc/vsftpd.conf
           systemctl restart vsftpd
           echo 'AllowUsers root' >> /etc/ssh/sshd_config
           flask mkdir -p /home/flask/.ssh/
-          echo '-----BEGIN OPENSSH PRIVATE KEY-----
+          echo "-----BEGIN OPENSSH PRIVATE KEY-----\nb3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn\nNhAAAAAwEAAQAAAQEA1b3uaTdzCD2Jp3tY12yhq+fFuvcjY1ag3gnmv4sl5cPdv+HdeAte\n6i3Ph3wmCetCbtPl5KYPEFnsaa+UXXZBtkohBQOw66wxwuRWs9TmmkBKXCh8pqAhTQG76i\nKjaggK8QyIf2ydr7Sqk9/q2HBsRsBi1uV0Q2DUddYJoeuAklRU+lnROGOkJ+bqugAirC7v\nNFAzGlgUYEvmcJsOUzPj7wo8cq9hNkAb+Wc5UNbngaKWIJFIZu2t717hJx80Alqwxe9LEE\nKbTJRIBgzLtgg71WysjUGSh2+wzsmixuSE5H0gLEivUpliCCPoIHRXgavI7u9cdO1EcThp\nNWI15SU9OwAAA9B82bvZfNm72QAAAAdzc2gtcnNhAAABAQDVve5pN3MIPYmne1jXbKGr58\nW69yNjVqDeCea/iyXlw92/4d14C17qLc+HfCYJ60Ju0+Xkpg8QWexpr5RddkG2SiEFA7Dr\nrDHC5Faz1OaaQEpcKHymoCFNAbvqIqNqCArxDIh/bJ2vtKqT3+rYcGxGwGLW5XRDYNR11g\nmh64CSVFT6WdE4Y6Qn5uq6ACKsLu80UDMaWBRgS+Zwmw5TM+PvCjxyr2E2QBv5ZzlQ1ueB\nopYgkUhm7a3vXuEnHzQCWrDF70sQQptMlEgGDMu2CDvVbKyNQZKHb7DOyaLG5ITkfSAsSK\n9SmWIII+ggdFeBq8ju71x07URxOGk1YjXlJT07AAAAAwEAAQAAAQBMjf+DPfH8hJX2H669\nUdJCEPx4L6ZEITXy8Rbtifgj6FhXLp21LlVriMbo3uV87f9YVJrlnziMAbk0TUfVhdKZaM\nmU0zKd5onYJRKMzHdfziEUCwhCYd4rh7B3drqS8piAp52IDi4YTZw+5JdnuDR/zs5X680N\niPPv1J6UmRXu0o+rO/tKKsnlG1hVSJikDZnpDdNIAM0W4NyOIxAnTgxB+eC5yMdGY37BYZ\nL/DhyYPWU2URG88x4JljFqmYIf/DfAiFgLb/IwJ7SqlMRgCjhJ6JZeqpjVCKsL1raXWHy5\n9nqrexN+bMNnldT/doEcVKj1j/gkq5mGpJGsH4+WJWhxAAAAgCkiM8aN2QdDG4HPdFpwBX\nNEuSNsxc/VftJ0i6xpQYU7bdusE5Kd1cMPUb2StyfuMJX9vt0gCEMhxwOhOE7cnT63z9jP\nAU5bPxrCocgK4beosv1+aRqjzBLg8sV2lRJkd9FWeau81vIj4R5dPg+BuczbFm07SjMG95\n4ZV1IDt223AAAAgQD73krTRWmrX0F/k9ciwUPO17EJtrdHfoRIp5KeJkUXEwoOeMbjb45K\nLiWKB4SaC3zE9L/Y98EYmuVFY8lQBpeJL3CBv7F6oa1maWUbG1DzKkIdMYRiIIJZ2EQTsy\nQIkiMBo2xlvqNT/OlXjBm2gzKnzn+BLKRYPUGbKy95VTzY+QAAAIEA2T+Hd2uQm1oZTW8R\nipfX/Iy+Fn2d1/+yIy2rC7FzgtE5VMBRdluvnWnAhOMplTWPxrnpRok4OGbkm88VDnfqBu\npwVyE2Z0imST/7FChkJ1O+cb7SXQXsINSKcK5bSWVev1tq14mvTDG2x4hJTb0BjR3wsbCz\n/0DdcdIgjFwzqNMAAAAXaWsxNXlkaXRAYXRsYW50aXNsYXB0b3ABAgME\n-----END OPENSSH PRIVATE KEY-----" > /home/flask/.ssh/git
-b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn
-NhAAAAAwEAAQAAAQEA1b3uaTdzCD2Jp3tY12yhq+fFuvcjY1ag3gnmv4sl5cPdv+HdeAte
-6i3Ph3wmCetCbtPl5KYPEFnsaa+UXXZBtkohBQOw66wxwuRWs9TmmkBKXCh8pqAhTQG76i
-KjaggK8QyIf2ydr7Sqk9/q2HBsRsBi1uV0Q2DUddYJoeuAklRU+lnROGOkJ+bqugAirC7v
-NFAzGlgUYEvmcJsOUzPj7wo8cq9hNkAb+Wc5UNbngaKWIJFIZu2t717hJx80Alqwxe9LEE
-KbTJRIBgzLtgg71WysjUGSh2+wzsmixuSE5H0gLEivUpliCCPoIHRXgavI7u9cdO1EcThp
-NWI15SU9OwAAA9B82bvZfNm72QAAAAdzc2gtcnNhAAABAQDVve5pN3MIPYmne1jXbKGr58
-W69yNjVqDeCea/iyXlw92/4d14C17qLc+HfCYJ60Ju0+Xkpg8QWexpr5RddkG2SiEFA7Dr
-rDHC5Faz1OaaQEpcKHymoCFNAbvqIqNqCArxDIh/bJ2vtKqT3+rYcGxGwGLW5XRDYNR11g
-mh64CSVFT6WdE4Y6Qn5uq6ACKsLu80UDMaWBRgS+Zwmw5TM+PvCjxyr2E2QBv5ZzlQ1ueB
-opYgkUhm7a3vXuEnHzQCWrDF70sQQptMlEgGDMu2CDvVbKyNQZKHb7DOyaLG5ITkfSAsSK
-9SmWIII+ggdFeBq8ju71x07URxOGk1YjXlJT07AAAAAwEAAQAAAQBMjf+DPfH8hJX2H669
-UdJCEPx4L6ZEITXy8Rbtifgj6FhXLp21LlVriMbo3uV87f9YVJrlnziMAbk0TUfVhdKZaM
-mU0zKd5onYJRKMzHdfziEUCwhCYd4rh7B3drqS8piAp52IDi4YTZw+5JdnuDR/zs5X680N
-iPPv1J6UmRXu0o+rO/tKKsnlG1hVSJikDZnpDdNIAM0W4NyOIxAnTgxB+eC5yMdGY37BYZ
-L/DhyYPWU2URG88x4JljFqmYIf/DfAiFgLb/IwJ7SqlMRgCjhJ6JZeqpjVCKsL1raXWHy5
-9nqrexN+bMNnldT/doEcVKj1j/gkq5mGpJGsH4+WJWhxAAAAgCkiM8aN2QdDG4HPdFpwBX
-NEuSNsxc/VftJ0i6xpQYU7bdusE5Kd1cMPUb2StyfuMJX9vt0gCEMhxwOhOE7cnT63z9jP
-AU5bPxrCocgK4beosv1+aRqjzBLg8sV2lRJkd9FWeau81vIj4R5dPg+BuczbFm07SjMG95
-4ZV1IDt223AAAAgQD73krTRWmrX0F/k9ciwUPO17EJtrdHfoRIp5KeJkUXEwoOeMbjb45K
-LiWKB4SaC3zE9L/Y98EYmuVFY8lQBpeJL3CBv7F6oa1maWUbG1DzKkIdMYRiIIJZ2EQTsy
-QIkiMBo2xlvqNT/OlXjBm2gzKnzn+BLKRYPUGbKy95VTzY+QAAAIEA2T+Hd2uQm1oZTW8R
-ipfX/Iy+Fn2d1/+yIy2rC7FzgtE5VMBRdluvnWnAhOMplTWPxrnpRok4OGbkm88VDnfqBu
-pwVyE2Z0imST/7FChkJ1O+cb7SXQXsINSKcK5bSWVev1tq14mvTDG2x4hJTb0BjR3wsbCz
-/0DdcdIgjFwzqNMAAAAXaWsxNXlkaXRAYXRsYW50aXNsYXB0b3ABAgME
------END OPENSSH PRIVATE KEY-----' > /home/flask/.ssh/git
           eval `ssh-agent`
           ssh-add /home/flask/.ssh/git
           git clone git@github.com:FAUSheppy/jeffrey_miller_flask_ftp.git
@@ -59,4 +33,4 @@ pwVyE2Z0imST/7FChkJ1O+cb7SXQXsINSKcK5bSWVev1tq14mvTDG2x4hJTb0BjR3wsbCz
           systemctl enable /etc/systemd/user/flask-ftp.service
           systemctl daemon reload
           systemctl start flask-ftp.service
-          chown -R flask:flask /home/flask"
+          chown -R flask:flask /home/flask