How to host CxReports on AWS EC2

In this tutorial, we will guide you through all necessary steps in order to host a CxReports on an AWS EC2 instance.

Warning

This tutorial is explicitly made for creating instances for testing purposes and excludes any sort of custom domain setup. Any sort of production environment require abiding to standard security practices.

Launching an Amazon Linux EC2 instance with User Data

1. Log into the AWS console, select the region where you want to spawn the instance and navigate to EC2 service
2. Select Launch instance
3. Enter the name of the instance - for example: CxReports - Test
4. Under Application and OS Images (Amazon Machine Image) select Amazon Linux 2023 AMI - this one is free-tier eligible
5. Under Instance type select type of instance that you want to launch - for example t3.micro
6. Under Key pair (login) select Proceed without a key pair if you don't want to use one. Otherwise, you'll have to create a key pair. Refer to this document for instructions on how to do it.
7. In Network settings navigate to Firewall (security groups) and select Create security group and make sure to select:
   • Allow SSH traffic from and in the drop down Anywhere
   • Allow HTTPS traffic from the internet
   • Allow HTTP traffic from the internet
8. Navigate to Advanced details (skip Configure storage section) and scroll all the way to the bottom until you encounter User data - optional
9. In the User Data window paste the following block of code:

User password requirements

User password must have a minimum of 8 characters, out of those 8 characters, at least 1 special character, number and letter need to be present.

#!/bin/bash

# Install docker and compose
sudo sudo yum update -y
sudo yum install docker -y
sudo curl -sL https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose


# Enable and start Docker
sudo systemctl enable docker
sudo systemctl start docker
sudo systemctl enable docker.service
sudo systemctl enable containerd.service

# Create the "cxreports" directory and subdirectories
mkdir -p /home/ec2-user/cxreports/logs

# Create the appsettings.Production.json file with initial content
cat <<EOT > /home/ec2-user/cxreports/appsettings.Production.json
{
  "ConnectionStrings": {
    "Database": "Host=db;Database=cxreports;Username=postgres;Password=password"
  },
  "Encryption": {
    "Key": "6F761C152A69C34B655BFF6226116AD4",
    "Vector": "A9B2BC02C2FDDE88"
  },
  "RootUser": {
    "Email": "[email protected]",
    "Password": "P@ssw0rd",
    "DisplayName": "First User"
  }
}
EOT

# Generate new encryption key and vector using OpenSSL
ENCRYPTION_OUTPUT=$(openssl enc -aes-128-cbc -k secret -P -md sha1)
NEW_KEY=$(echo "$ENCRYPTION_OUTPUT" | grep 'key=' | cut -d'=' -f2)
NEW_VECTOR=$(echo "$ENCRYPTION_OUTPUT" | grep 'iv ' | cut -d'=' -f2 | tr -d '\r\n' | cut -c1-16)

# Update the appsettings.Production.json file with the new key and vector

sed -i "s/\"Key\": \".*\"/\"Key\": \"$NEW_KEY\"/" /home/ec2-user/cxreports/appsettings.Production.json
sed -i "s/\"Vector\": \".*\"/\"Vector\": \"$NEW_VECTOR\"/" /home/ec2-user/cxreports/appsettings.Production.json

# Create the docker-compose.yml file

cat <<EOT > /home/ec2-user/cxreports/docker-compose.yml
services:

  app:
    image: codaxy/cx-reports:latest
    depends_on:
      - db
    volumes:
      - ./logs:/app/Logs
    ports:
      - "80:8080"
    restart: always
    secrets:
      - source: appsett_app
        target: /app/appsettings.Production.json

  db:
    image: postgres
    volumes:
      - postgres_data:/var/lib/postgresql/data
    environment:
      POSTGRES_DB: cxreports
      POSTGRES_USER: postgres
      POSTGRES_PASSWORD: password
    restart: always

secrets:
  appsett_app:
    file: ./appsettings.Production.json

volumes:
  postgres_data:
EOT

# Navigate to the "cxreports" directory and start the application

cd /home/ec2-user/cxreports
sudo docker-compose up -d

1. Click Launch instance on the right side of the screen.

   Note: It takes some time for instance to spawn, it should be ready in about 10 minutes, but that depends on the instance itself.

2. Navigate again to EC2 > Instances

3. Select the instance that you spawned in the dashboard and navigate to Network tab
4. Under Networking details you will have Public IPv4 Address and Public IPv4 DNS, access them via HTTP

5. Enter the login information:

   • Email: [email protected]
   • Password: P@ssw0rd

   Note: If you changed the root user password in User Data, use that one.

6. Select Enter license key and add your license

   Note: Depending on the tier and quality of instance, actions can be delayed and slow.