DEV Community

Cover image for Self-Hosting Forem on AWS
Tonic
Tonic

Posted on

Self-Hosting Forem on AWS

These instructions will guide you through deploying a production-ready Forem instance on Amazon Web Services (AWS).

Prerequisites

  • An AWS account
  • AWS CLI installed and configured
  • Basic knowledge of AWS services
  • Domain name registered and configured in Route 53

1. Set up VPC and Networking

# Create VPC
aws ec2 create-vpc --cidr-block 10.0.0.0/16 --tag-specifications 'ResourceType=vpc,Tags=[{Key=Name,Value=forem-vpc}]'

# Create public subnet
aws ec2 create-subnet --vpc-id <vpc-id> --cidr-block 10.0.1.0/24 --availability-zone us-east-1a

# Create internet gateway
aws ec2 create-internet-gateway --tag-specifications 'ResourceType=internet-gateway,Tags=[{Key=Name,Value=forem-igw}]'

# Attach internet gateway to VPC
aws ec2 attach-internet-gateway --vpc-id <vpc-id> --internet-gateway-id <igw-id>

# Create route table and add route to internet
aws ec2 create-route-table --vpc-id <vpc-id>
aws ec2 create-route --route-table-id <rtb-id> --destination-cidr-block 0.0.0.0/0 --gateway-id <igw-id>

# Associate route table with subnet
aws ec2 associate-route-table --subnet-id <subnet-id> --route-table-id <rtb-id>
Enter fullscreen mode Exit fullscreen mode

2. Create Security Group

aws ec2 create-security-group --group-name forem-sg --description "Security group for Forem" --vpc-id <vpc-id>

# Allow inbound traffic
aws ec2 authorize-security-group-ingress --group-id <sg-id> --protocol tcp --port 22 --cidr 0.0.0.0/0
aws ec2 authorize-security-group-ingress --group-id <sg-id> --protocol tcp --port 80 --cidr 0.0.0.0/0
aws ec2 authorize-security-group-ingress --group-id <sg-id> --protocol tcp --port 443 --cidr 0.0.0.0/0
Enter fullscreen mode Exit fullscreen mode

3. Launch EC2 Instance

aws ec2 run-instances --image-id ami-0261755bbcb8c4a84 --count 1 --instance-type t3.large --key-name <your-key-pair> --security-group-ids <sg-id> --subnet-id <subnet-id> --associate-public-ip-address --tag-specifications 'ResourceType=instance,Tags=[{Key=Name,Value=forem-instance}]'
Enter fullscreen mode Exit fullscreen mode

4. Allocate Elastic IP

aws ec2 allocate-address
aws ec2 associate-address --instance-id <instance-id> --allocation-id <eipalloc-id>
Enter fullscreen mode Exit fullscreen mode

5. Configure DNS

Add an A record in Route 53 pointing your domain to the Elastic IP address.

6. SSH into the Instance

ssh -i <your-key-pair.pem> ubuntu@<public-ip>
Enter fullscreen mode Exit fullscreen mode

7. Install Dependencies

sudo apt update && sudo apt upgrade -y
sudo apt install -y git curl build-essential pkg-config libssl-dev libz-dev libreadline-dev libcurl4-openssl-dev uuid-dev icu-devtools imagemagick nginx postgresql redis-server
Enter fullscreen mode Exit fullscreen mode

8. Install mise

Follow the mise installation instructions from their official documentation.

9. Clone Forem Repository

git clone https://github.com/forem/forem.git
cd forem
Enter fullscreen mode Exit fullscreen mode

10. Install Tool Dependencies

mise install
Enter fullscreen mode Exit fullscreen mode

11. Set Up Database

sudo -u postgres psql
CREATE DATABASE forem_production;
CREATE USER forem WITH PASSWORD 'your_secure_password';
GRANT ALL PRIVILEGES ON DATABASE forem_production TO forem;
\q
Enter fullscreen mode Exit fullscreen mode

12. Set Up Environment Variables

Create a .env.production file in the Forem directory and add necessary environment variables:

RAILS_ENV=production
DATABASE_URL=postgresql://forem:your_secure_password@localhost/forem_production
REDIS_URL=redis://localhost:6379
SECRET_KEY_BASE=<generate_a_secure_key>
FOREM_DOMAIN=your_domain.com
Enter fullscreen mode Exit fullscreen mode

13. Set Up Application

bundle install --deployment --without development test
yarn install
RAILS_ENV=production bundle exec rails assets:precompile
RAILS_ENV=production bundle exec rails db:setup
Enter fullscreen mode Exit fullscreen mode

14. Set Up Nginx as Reverse Proxy

Create an Nginx configuration file:

sudo nano /etc/nginx/sites-available/forem
Enter fullscreen mode Exit fullscreen mode

Add the following configuration:

server {
    listen 80;
    server_name your_domain.com;

    location / {
        proxy_pass http://localhost:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}
Enter fullscreen mode Exit fullscreen mode

Enable the site:

sudo ln -s /etc/nginx/sites-available/forem /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl restart nginx
Enter fullscreen mode Exit fullscreen mode

15. Set Up SSL with Let's Encrypt

sudo apt install certbot python3-certbot-nginx -y
sudo certbot --nginx -d your_domain.com
Enter fullscreen mode Exit fullscreen mode

16. Set Up Forem as a Service

Create a systemd service file:

sudo nano /etc/systemd/system/forem.service
Enter fullscreen mode Exit fullscreen mode

Add the following content:

[Unit]
Description=Forem
After=network.target

[Service]
Type=simple
User=ubuntu
WorkingDirectory=/home/ubuntu/forem
ExecStart=/home/ubuntu/forem/bin/rails server -e production
Restart=on-failure

[Install]
WantedBy=multi-user.target
Enter fullscreen mode Exit fullscreen mode

Enable and start the service:

sudo systemctl daemon-reload
sudo systemctl enable forem
sudo systemctl start forem
Enter fullscreen mode Exit fullscreen mode

17. Set Up Sidekiq as a Service

Create a systemd service file for Sidekiq:

sudo nano /etc/systemd/system/sidekiq.service
Enter fullscreen mode Exit fullscreen mode

Add the following content:

[Unit]
Description=Sidekiq
After=network.target

[Service]
Type=simple
User=ubuntu
WorkingDirectory=/home/ubuntu/forem
ExecStart=/home/ubuntu/.mise/shims/bundle exec sidekiq -e production
Restart=on-failure

[Install]
WantedBy=multi-user.target
Enter fullscreen mode Exit fullscreen mode

Enable and start the service:

sudo systemctl daemon-reload
sudo systemctl enable sidekiq
sudo systemctl start sidekiq
Enter fullscreen mode Exit fullscreen mode

18. Configure Fastly (Optional)

If you want to use Fastly for caching:

  1. Sign up for a Fastly account
  2. Create a new service in Fastly
  3. Configure your domain in Fastly
  4. Update your DNS to point to Fastly's CDN
  5. Add the Fastly API key to your .env.production file:
FASTLY_API_KEY=your_fastly_api_key
FASTLY_SERVICE_ID=your_fastly_service_id
Enter fullscreen mode Exit fullscreen mode

19. Set Up Email (Optional)

To enable transactional emails, add the following to your .env.production file:

SMTP_ADDRESS=smtp.your_email_provider.com
SMTP_PORT=587
SMTP_DOMAIN=your_domain.com
SMTP_USER_NAME=your_username
SMTP_PASSWORD=your_password
SMTP_AUTHENTICATION=plain
Enter fullscreen mode Exit fullscreen mode

20. Final Steps

  1. Restart your Forem instance:
   sudo systemctl restart forem
   sudo systemctl restart sidekiq
Enter fullscreen mode Exit fullscreen mode
  1. Visit your domain in a web browser to complete the setup process.

  2. Set up an admin account and configure your Forem instance.

Remember to regularly update your Forem instance, monitor your AWS resources, and implement proper backup strategies for your database and user-generated content.

Top comments (0)