This the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Setup dess on AWS (Amazon Web Services) Platform

Step-by-Step setup of dess on AWS (Amazon Web Services)

    Step-by-Step setup of dess in AWS

    In this step-by-step guide I will walk you through all steps required to setup your own private dess using AWS. Please use the index to skip some steps in case you have already completed them.

    Table of contents

    Pre-requisites

    • Registered @sign(s) to setup
    • An AWS account
    • A Fully Qualified Domain Name (FQDN)

    1. Registering your @sign

    This topic is already well documented. Please follow the guidance of Our FAQs and register via the registrar site.

    2. Sign-up for AWS account

    If you are new to AWS, signing up for an account is free! The cost of running dess is about 10$/month. You can create your account at https://aws.amazon.com/ and as of June 6th, 2021 there is a “free tier” available which was used during the making of this guide.

    aws-free-trial

    Follow the instructions on screen.

    aws-sign-up

    Once you are done with registration, you will be able to login to your aws console.

    Make sure that you select the correct region in the top right corner.

    aws-region

    Select the region that is geographically closest to your location for best performance.

    You are now setup on AWS and ready to prepare dess.

    3. Register your own fully qualified domain name (FQDN)

    This step can be performed at a variety of sites, all with different pricing models. You can use sites like Go Daddy, Namecheap, and many others. However, since we have AWS account, we can use it to register our domain through the Route 53 service.

    In your AWS console navigate to services in top left corner and select Route 53.

    a) Register domain name with AWS.

    In your AWS console search for Route 53.

    aws-route53

    You can start looking for your domain directly from here:

    image-20210726083635919

    Based on the domain name you search, AWS will give you similar options, and their pricing. As I am looking for the best deal, the .link domain seems like a good option at a cost of 5$ / year.

    In my case 4atsign.link is free and I will register it by clicking “Add to cart” and continue.

    img

    Fill out DNS registration form:

    img

    Continue review details and order. At this point if all is fine you should see your domain request pending:

    img

    This can take some time so why don’t we move on to next step!

    4. Preparing AWS instance

    Now since I am new to AWS, the easiest way to get started is by using the LightSail service from service catalog. This will enable you to deploy small system which is more then capable of handling dess at pre-set price.

    img

    Welcome to LightSail:

    img

    First step is to create new instance. Fortunately, we have big orange button that can do just that!

    There are several options we are presented at this moment. Since I am living in Europe I select “Frankfurt, Zone A (eu-central-1a)” as my instance location. Instance region will dictate how well will your instance response based on your geographical location. People located in India should selects APAC region where as people in US should select North America region. You can leave availability zone set as default.

    img

    Next up will be selection of operating system we want to deploy. We know that dess works well with Ubuntu 20.04 LTS so lets select just that.

    img

    You are presented with couple more options, but unless you know what you are doing leave these as is.

    img

    Now let’s select instance plan. dess is relatively light weight so for testing purposes I will select first instance plan for 3.5$/Month. This will provide us with 512 MB of RAM, 1vCPU, 20GB of storage and 1TB of data transfer. This is more then enough to run our dess.

    img

    Lastly we have to name our instance. This is the name you will be presented with in your dashboard.

    img

    Last but not least is to press “Create instance”

    img

    After a couple of seconds you should be re-routed to your dashboard and see your instance up and running:

    img

    5. Preparing your instance for network access

    a) Assignment of Static IP

    Next up, is to provide our instance with a static IP and linking our domain to it.

    When you click on your instance name, it will take you to the management console, which should look like this:

    img

    This is where you control hardware, connectivity and if needed can delete your instance.

    Lets configure a static IP address for your new instance. Navigate to Networking and click on Create static IP:

    img

    Our region and instance is selected, so the only thing left is to name our static IP. I selected the name atsign-static, but it can be any name you like.

    img

    Lets hit create:

    img

    And voila, we now have a static IP address on the internet and it will not change. Now we can link our domain name with it.

    img

    When you click on your instance name and navigate to Networking, the static IP is now assigned.

    img

    b) Assignment of Domain name to your static IP

    We can now move on to linking our static IP address to our domain. This is done via the AWS console which can be accessed in the top right of Lightsail.

    img

    Verify your email used for registering domain:

    By now you should receive verification email that will confirm registration of your domain. Click this link before moving on.

    Linking domain with your static address:

    Lets navigate to “Route 53” from Services menu.

    img

    From your dashboard click on “Domain” which will take you to the “Registered Domains” tab.

    img

    Here you can click on your registered domain which will take you to overview page with domain status and contacts.

    img

    Click on “Manage DNS”

    img

    And click on your domain name.

    This will show you your DNS records for your domain. We now need to link A type record to your domain linking it to IP address of your instance.

    This is done simply by typing your static IP address from previous step into field “Value” and clicking Create record:

    img

    If everything goes well you should see following in your domain dashboard:

    img

    To test if you are successful open command line and ping your domain. You should see your instance static IP address. It will not respond which is normal due to IPv4 firewall. It is actually good thing!

    img

    At this point we have created DNS record we will use to link our dess, we created instance name which will be running our dess and we have opened port range which is exposed to the internet and we can communicate with @sign root server and our apps with.

    c) Setting up Firewall

    Next up we need to make sure we have ports open for our dess to communicate with root server and our apps. In Section networking go to section “IPv4 Firewall” and click “+ Add rule” Our rule will be “Custom” on TCP protocol with Port range in number higher then 1024. In my case I have selected port range 8000-8010. This will enable me to run up to 10 @signs in parallel.

    img

    Click create and verify that your new rule is in list:

    img

    6. Instance setup and dess deployment

    Open your LightSail console

    By now you should see your instance in “Running state”

    img

    Open it and on tab Connect click on “Connect using SSH”

    img

    You should be presented by a new window with command line:

    img

    Before we do anything else, we should update the system:

    sudo apt update && sudo apt upgrade
    

    This might take some time, but it will make sure we have latest repository information and the system is up to date.

    Next make sure curl is installed, we will use curl to pull the dess installation file:

    sudo apt install curl
    

    Finally, run the dess installer:

    curl -fsSL https://getdess.atsign.com | sudo bash
    

    Once the installer is finished you should be prompted like so:

    Dess installed, please move on to the sudo dess-create command.
    

    7. Registration of @sign in your private dess

    At this step you should already have your @sign registered at http://atsign.com. If not go do it!

    I have registered my own free @sign (@44likelycanary) which I will link to my dess.

    In your instance console, navigate to dess folder. If you were following this guide it will be located in:

    We now need to create the service that will host our @sign by executing the dess-create command:

    $ sudo dess-create @44likelycanary 4atsign.link 8000 <email address> likelycanary
    

    To make it more understandable:

    I will be registering my @sign @44likelycanary.

    I will be using my domain 4atsign.link which I have registered through AWS.

    I am using port 8000 which I have opened in my instance firewall.

    My registration email address is <email address> (this email is used to sign the SSL certificates).

    The last likelycanary is the name that docker will use to track the service.

    If everything is successful you should see output like this:

    img

    At this moment your @sign is registered on your dess.

    8. Activation of @sign

    Next up we need to activate it

    Login to your dashboard at https://my.atsign.com/dashboard

    Open “my @signs”

    img

    Open “managed” of @sign you are registering”

    img

    Navigate to Advance settings:

    img

    If you have already activated your @sign you will be prompted to erase all your data first

    img

    Once done you are able to link your @sign with your private dess. Use your domain and port number with which you have created service on your cloude instance and press Activate.

    img

    You should see that your @sign is being activated in your dashboard:

    img

    This can take several minutes so go get cup of coffee, some tea maybe, stretch your body and pray you haven’t made any mistakes!

    Once the activation process completes you are welcomed by green Activated.

    img

    You can now open @buzz or @wavi and register your @sign via QR code and generate your keys!

    CONGRATULATIONS