These instructions will guide you through deploying a production-ready Forem instance on Amazon Web Services (AWS).
Prerequisites
- An AWS account
- AWS CLI installed and configured
- Basic knowledge of AWS services
- Domain name registered and configured in Route 53
1. Set up VPC and Networking
# Create VPC
aws ec2 create-vpc --cidr-block 10.0.0.0/16 --tag-specifications 'ResourceType=vpc,Tags=[{Key=Name,Value=forem-vpc}]'
# Create public subnet
aws ec2 create-subnet --vpc-id <vpc-id> --cidr-block 10.0.1.0/24 --availability-zone us-east-1a
# Create internet gateway
aws ec2 create-internet-gateway --tag-specifications 'ResourceType=internet-gateway,Tags=[{Key=Name,Value=forem-igw}]'
# Attach internet gateway to VPC
aws ec2 attach-internet-gateway --vpc-id <vpc-id> --internet-gateway-id <igw-id>
# Create route table and add route to internet
aws ec2 create-route-table --vpc-id <vpc-id>
aws ec2 create-route --route-table-id <rtb-id> --destination-cidr-block 0.0.0.0/0 --gateway-id <igw-id>
# Associate route table with subnet
aws ec2 associate-route-table --subnet-id <subnet-id> --route-table-id <rtb-id>
2. Create Security Group
aws ec2 create-security-group --group-name forem-sg --description "Security group for Forem" --vpc-id <vpc-id>
# Allow inbound traffic
aws ec2 authorize-security-group-ingress --group-id <sg-id> --protocol tcp --port 22 --cidr 0.0.0.0/0
aws ec2 authorize-security-group-ingress --group-id <sg-id> --protocol tcp --port 80 --cidr 0.0.0.0/0
aws ec2 authorize-security-group-ingress --group-id <sg-id> --protocol tcp --port 443 --cidr 0.0.0.0/0
3. Launch EC2 Instance
aws ec2 run-instances --image-id ami-0261755bbcb8c4a84 --count 1 --instance-type t3.large --key-name <your-key-pair> --security-group-ids <sg-id> --subnet-id <subnet-id> --associate-public-ip-address --tag-specifications 'ResourceType=instance,Tags=[{Key=Name,Value=forem-instance}]'
4. Allocate Elastic IP
aws ec2 allocate-address
aws ec2 associate-address --instance-id <instance-id> --allocation-id <eipalloc-id>
5. Configure DNS
Add an A record in Route 53 pointing your domain to the Elastic IP address.
6. SSH into the Instance
ssh -i <your-key-pair.pem> ubuntu@<public-ip>
7. Install Dependencies
sudo apt update && sudo apt upgrade -y
sudo apt install -y git curl build-essential pkg-config libssl-dev libz-dev libreadline-dev libcurl4-openssl-dev uuid-dev icu-devtools imagemagick nginx postgresql redis-server
8. Install mise
Follow the mise installation instructions from their official documentation.
9. Clone Forem Repository
git clone https://github.com/forem/forem.git
cd forem
10. Install Tool Dependencies
mise install
11. Set Up Database
sudo -u postgres psql
CREATE DATABASE forem_production;
CREATE USER forem WITH PASSWORD 'your_secure_password';
GRANT ALL PRIVILEGES ON DATABASE forem_production TO forem;
\q
12. Set Up Environment Variables
Create a .env.production
file in the Forem directory and add necessary environment variables:
RAILS_ENV=production
DATABASE_URL=postgresql://forem:your_secure_password@localhost/forem_production
REDIS_URL=redis://localhost:6379
SECRET_KEY_BASE=<generate_a_secure_key>
FOREM_DOMAIN=your_domain.com
13. Set Up Application
bundle install --deployment --without development test
yarn install
RAILS_ENV=production bundle exec rails assets:precompile
RAILS_ENV=production bundle exec rails db:setup
14. Set Up Nginx as Reverse Proxy
Create an Nginx configuration file:
sudo nano /etc/nginx/sites-available/forem
Add the following configuration:
server {
listen 80;
server_name your_domain.com;
location / {
proxy_pass http://localhost:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
Enable the site:
sudo ln -s /etc/nginx/sites-available/forem /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl restart nginx
15. Set Up SSL with Let's Encrypt
sudo apt install certbot python3-certbot-nginx -y
sudo certbot --nginx -d your_domain.com
16. Set Up Forem as a Service
Create a systemd service file:
sudo nano /etc/systemd/system/forem.service
Add the following content:
[Unit]
Description=Forem
After=network.target
[Service]
Type=simple
User=ubuntu
WorkingDirectory=/home/ubuntu/forem
ExecStart=/home/ubuntu/forem/bin/rails server -e production
Restart=on-failure
[Install]
WantedBy=multi-user.target
Enable and start the service:
sudo systemctl daemon-reload
sudo systemctl enable forem
sudo systemctl start forem
17. Set Up Sidekiq as a Service
Create a systemd service file for Sidekiq:
sudo nano /etc/systemd/system/sidekiq.service
Add the following content:
[Unit]
Description=Sidekiq
After=network.target
[Service]
Type=simple
User=ubuntu
WorkingDirectory=/home/ubuntu/forem
ExecStart=/home/ubuntu/.mise/shims/bundle exec sidekiq -e production
Restart=on-failure
[Install]
WantedBy=multi-user.target
Enable and start the service:
sudo systemctl daemon-reload
sudo systemctl enable sidekiq
sudo systemctl start sidekiq
18. Configure Fastly (Optional)
If you want to use Fastly for caching:
- Sign up for a Fastly account
- Create a new service in Fastly
- Configure your domain in Fastly
- Update your DNS to point to Fastly's CDN
- Add the Fastly API key to your
.env.production
file:
FASTLY_API_KEY=your_fastly_api_key
FASTLY_SERVICE_ID=your_fastly_service_id
19. Set Up Email (Optional)
To enable transactional emails, add the following to your .env.production
file:
SMTP_ADDRESS=smtp.your_email_provider.com
SMTP_PORT=587
SMTP_DOMAIN=your_domain.com
SMTP_USER_NAME=your_username
SMTP_PASSWORD=your_password
SMTP_AUTHENTICATION=plain
20. Final Steps
- Restart your Forem instance:
sudo systemctl restart forem
sudo systemctl restart sidekiq
Visit your domain in a web browser to complete the setup process.
Set up an admin account and configure your Forem instance.
Remember to regularly update your Forem instance, monitor your AWS resources, and implement proper backup strategies for your database and user-generated content.
Top comments (0)