LogoLogo
  • NoPorts Documentation
  • Getting Started
  • Installation
    • Quick Start from macOS or Windows
    • Connecting from macOS
      • macOS to macOS
      • macOS to Linux
      • macOS to Windows
    • Connecting from Linux
      • Linux to macOS
      • Linux to Linux
      • Linux to Windows
    • Connecting from Windows
      • Windows to macOS
      • Windows to Linux
      • Windows to Windows
    • Cloud Installation Guides
      • Automated Installation on Amazon Web Services (AWS)
      • Automated Installation on Google Cloud Platform (GCP)
      • Automated Installation on Microsoft Azure
      • Automated Installation on Oracle Cloud Infrastructure (OCI)
    • OpenWrt Installation Guide
    • Manual Installation Guides
      • Device Installation
        • Tmux session
        • Standalone Binaries
        • Systemd Unit
        • Headless
      • Client Installation
    • Custom OS/Device Installs
      • IPFire
    • Installs at Scale
    • Upgrading NoPorts Software
      • NoPorts Client Upgrade
      • NoPorts Daemon Upgrade
    • Available Releases
  • Use Cases
    • SSH
    • SFTP
    • RDP
    • Web Server
    • SMB
    • Be your own VPN
  • Usage
    • npt Usage
    • sshnp Usage
      • Client Additional Configuration
    • sshnpd configuration
      • Daemon Additional Configuration
  • Integrations
    • OpenSSH Config
    • PuTTY config
  • Resources
    • How to activate an atSign
    • Reuse your client atSign on another machine
      • Generate a new set of cryptographic keys
    • How to name a device
    • How to generate SSH keys
    • Why activate the device atSign on the client?
  • Product Information
    • The NoPorts Philosophy
    • NoPorts Desktop Application
    • NoPorts Policy Service
    • Frequently Asked Questions
    • How It Works
    • Under The Hood
    • Sequence Diagram
  • Related Pages
    • Main Site
    • GitHub
Powered by GitBook
On this page
Edit on GitHub
Export as PDF
  1. Installation
  2. Cloud Installation Guides

Automated Installation on Amazon Web Services (AWS)

How to deploy NoPorts on Amazon Web Services using a cloud-init script

PreviousCloud Installation GuidesNextAutomated Installation on Google Cloud Platform (GCP)

Last updated 7 months ago

When launching an instance on EC2 choose settings as usual for the instance type etc.

A security group with no external ports open can be created or reused.

Expand the Advanced details section at the bottom of the Launch an Instance page:

Scroll down to the User data - optional box and paste in your customised YAML e.g.:

#cloud-config
runcmd:
  - # Modify these lines to set the installation specific variables
  - ATCLIENT="@democlient"
  - ATDEVICE="@demodevice"
  - DEVNAME="cloudvm1"
  - OTP="739128"
  - USER="ec2-user"
  - # The rest of the script shouldn't be changed
  - export HOME="/home/${USER}"
  - export SUDO_USER="${USER}"
  - mkdir -p /run/atsign
  - cd /run/atsign
  - VERSION=$(wget -q -O- "https://api.github.com/repos/atsign-foundation/noports/releases/latest" | jq -r .tag_name)
  - wget https://github.com/atsign-foundation/noports/releases/download/${VERSION}/universal.sh
  - sh universal.sh -t device -c ${ATCLIENT} -d ${ATDEVICE} -n ${DEVNAME}
  - /usr/local/bin/at_activate enroll -a ${ATDEVICE} -s ${OTP} -p noports -k /home/${USER}/.atsign/keys/${ATDEVICE}_key.atKeys -d ${DEVNAME} -n "sshnp:rw,sshrvd:rw"
  - chown -R ${USER}:${USER} /home/${USER}/.atsign

Which will end up looking something like this:

The VM config should now be ready for Launch instance

After a few minutes the APKAM key can be approved:

at_activate approve -a @demodevice --arx noports --drx cloudvm1

If the VM isn't quite ready you'll see:

Found 0 matching enrollment records
No matching enrollment(s) found

Waiting a little longer and retrying should produce a successful approval:

Found 1 matching enrollment records
Approving enrollmentId 0bd3613d-d3e2-45b3-b175-8cab06c9bad0
Server response: AtEnrollmentResponse{enrollmentId: 0bd3613d-d3e2-45b3-b175-8cab06c9bad0, enrollStatus: EnrollmentStatus.approved}

The VM is now ready for connection with the NoPorts client.