Skip to content

Steps to setup an EC2 instance on AWS with an Nginx proxy server in front.

Notifications You must be signed in to change notification settings


Folders and files

Last commit message
Last commit date

Latest commit



8 Commits

Repository files navigation

Overview of crucial steps to perform to setup a server on a EC2 instance on AWS

Steps to setup an EC2 instance on AWS with an Nginx proxy server in front.

This is a brief guide to be used as reference. More detailed info about creating an instance is provided by Amazon at

Intial Setup

  1. Create and launch your EC2 instance on AWS (Need AWS account - free 1 year trial)

    • Swift servers work well with Ubuntu 18.04
  2. Create a security group if you do not have one.

  3. Open up port 80 for HTTP requests to and ::/0

  4. Open up port 443 for HTTPS requests to and ::/0

  5. Open up your server port (8080 is typlical for an api server) to

  6. Attach your security group to your instance(s)

  7. Optional - add database if needed

  8. create a ssh key on your computer for your aws ssh

    • I like to make seperate ones for different things in case I need to destroy a key later
  9. Mark your ssh private key as read-only otherwise AWS will refuse the connection

    • chmod 600 ~/.ssh/key or chmod 600 /path/to/your/ssh/key
  10. ssh into instance -i /location/to/your/ssh/key ubuntu@your-aws-ip

    • (Optional) create a shortcut in ~/ssh/config Host nameForShortcut HostName User ubuntu IdentityFile /location/to/your/ssh/key.pem
    • now you can do ssh nameForShortcut in terminal (makes it easier since you will ssh into it a lot)
  11. Got to root access and update system

    • sudo su -
    • apt-get update
    • apt-get upgrade

Vapor Server Setup

  1. ssh into instance if not already in

  2. Switch to root user sudo su - (needed for updating and installing)

  3. Add the signing key from the Vapor APT repository. This allows apt-get to verify the packages it downloads from the repository.

    • wget -q -O- | apt-key add -
  4. Add the correct APT repository for your Ubuntu version.

    • echo "deb $(lsb_release -sc) main" | tee /etc/apt/sources.list.d/vapor.list
  5. Update apt apt-get update

  6. Install Swift and the SSL C bindings. apt-get install swift ctls

  7. Verify setup and view Swift version swift --version

  8. Add your instance ssh to your github if not there already

  9. Exit from root user exit

  10. Clone your project and cd to project directory

  11. Create a build swift build -c release

  12. Test the build runs ./.build/release/Run

Setup Supervisor

This will keep the server running when you exit ssh and will restart it when it crashes

  1. Switch to root user sudo su -

  2. Should already be installed, but if not install apt-get install supervisor

  3. Create a new supervisor config with your server name vim /etc/supervisor/conf.d/configName.conf

    [program: ProjectName]
    command=/home/ubuntu/projectDirectory/.build/release/Run serve
  4. Reread supervisor configs supervisorctl reread

  5. Updated supervisor with new/updated config supervisorctl update

Setup Nginx

Simple proxy server that will sit in front of your server to handle routing traffic to the correct places before touching your core server. This will also be the place where you will enable SSL for HTTPS traffic and handle load balancing

  1. Switch to root user sudo su - if not a root user

  2. Install Nginx apt-get install nginx

  3. Create new Nginx configuration file vim /etc/nginx/conf.d/projectName.conf

    server { 
       ## Server name is iP or domain name(s)
       root /home/ubuntu/ProjectDirectory/Public; 
       try_files $uri @proxy;
       location @proxy {
          proxy_set_header Host $host;
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
          proxy_connect_timeout 3s;
          proxy_read_timeout 10s;
  4. Start nginx systemctl start nginx

    • can also restart and stop systemctl restart nginx or systemctl stop nginx

Add HTTPS to your nginx server

Documentation found at but I will be adding it via Let's Encrypt SSL/TLS

  1. Switch to root user sudo su -

  2. Create the certbot repository add-apt-repository ppa:certbot/certbot

  3. Update and install certbot

    • apt-get update
    • apt-get install python-certbot-nginx
  4. Generate certs with certbot with your domain sudo certbot --nginx -d -d

    • Follow the instrutions, but it should show something like this if successful
    Congratulations! You have successfully enabled and 
    Congratulations! Your certificate and chain have been saved at: 
    Your key file has been saved at: 
    Your cert will expire on 2017-12-12.
  5. It should have updated your nginx config file /etc/nginx/conf.d/projectName.conf

  6. These certbot certificates expire after 90 days so we need to add a cron job to renew and reload within 30 days. So open crontab file

    • crontab -e
  7. Add the command to run daily. This will run it every day at noon. The command checks to see if the certificate on the server will expire within the next 30 days, and renews it if so. The --quiet directive tells certbot not to generate output.

    • 0 12 * * * /usr/bin/certbot renew --quiet


Steps to setup an EC2 instance on AWS with an Nginx proxy server in front.







No releases published


No packages published