How To

How to Open SSH, HTTP, and HTTPS Firewall Ports on AWS Lightsail

Below is a detailed, easy-to-understand user guide on how to open the firewall ports for SSH, HTTP, and HTTPS on an AWS Lightsail instance. Purpose: • Open the SSH port (22) to securely connect to the server remotely. • Open the HTTP port (80) to allow access to your website using the standard HTTP protocol. • Open the HTTPS port (443) to allow secure, encrypted access to your website. Requirements: • You have an AWS account and have already created a Lightsail instance. • You are logged into your AWS account. Step-by-Step Instructions: Step 1: Log in to AWS Lightsail 1. Open your web browser and go to the Lightsail console: https://lightsail.aws.amazon.com/ 2. Log in with your AWS credentials. Step 2: Select Your Instance 1. Once logged in, you will see a list of your Lightsail instances. 2. Click on the name or icon of the instance where you want to open the ports. Step 3: Go to the Networking Section 1. On the instance detail page, look for the top navigation tabs. 2. Click on the “Networking” tab to access the networking and firewall settings. Step 4: Add Firewall Rules 1. Scroll down to find the “Firewall” section. 2. You will see an area where you can add new rules by clicking “Add another” or a similar button. Step 5: Add the SSH Port (22) 1. Click “Add another”. 2. From the dropdown list, if available, select “SSH.” Otherwise, select “Custom” and manually enter the port number 22. 3. Click “Save” or the corresponding button to save the rule. Step 6: Add the HTTP Port (80) 1. Click “Add another” again. 2. From the dropdown list, choose “HTTP” if it’s available. If not, select “Custom” and enter 80 in the port range. 3. Click “Save” to save the rule. Step 7: Add the HTTPS Port (443) 1. Click “Add another” once more. 2. Select “HTTPS” from the list. If not listed, choose “Custom” and enter 443. 3. Click “Save” to finalize the rule. Step 8: Verify and Complete 1. After adding the three ports—22, 80, and 443—double-check that all rules appear correctly. 2. Lightsail will automatically apply the changes; no further configuration is needed. Result: You have successfully opened the SSH (22), HTTP (80), and HTTPS (443) ports on your AWS Lightsail instance. You can now: • Connect to the server via SSH on port 22. • Access your website at http://your-server-ip via port 80. • Access your website securely at https://your-server-ip via port 443. That’s it! With just a few steps, you’ve configured the firewall to allow the necessary ports for SSH, HTTP, and HTTPS on AWS Lightsail.

How to Create an AWS Lightsail Full Access Key

1. Log In to the AWS Console 1. Open your web browser and go to https://us-east-1.console.aws.amazon.com/iam/home 2. Click Sign In to the Console. 3. Enter your AWS account credentials (Root user or IAM user with admin privileges) 2. Create the “LightsailFullAccess” Policy 1. In the AWS Management Console, go to the IAM service (type IAM into the search bar if you don’t see it right away). 2. In the left-hand menu, click Policies. 3. Click the Create policy button at the top. 4. Select a creation method: You can create your policy using either the Visual editor or JSON. Using the Visual Editor (Optional) 1. Under Service, search for Lightsail and select it. 2. Under Actions, choose All Lightsail actions (or select the specific actions you need). 3. Under Resources, select All resources (or specify resources if you want to limit access). 4. Click Next to proceed. Using JSON (Optional) { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "lightsail:*" ], "Resource": "*" } ] } 1. Click Next to review the policy. 2. Enter a Name for your policy. In this case, LightsailFullAccess. 3. Enter an optional Description if you’d like. 4. Click Create policy. 3. Create an IAM user 1. Go to the IAM dashboard again. 2. In the left-hand menu, select Users. 3. Click Add users. 4. In the User name field, type: lightsail_flashpanel. 5. Click Next 4. Attach the “LightsailFullAccess” Policy to the User 1. On the Set permissions page, select Attach existing policies directly. 2. In the search bar, type: LightsailFullAccess (the policy you just created). 3. Check the box next to the policy. 4. Click Next: Tags. (Optionally, add tags if needed.) 5. Click Next: Review. 6. Review the details, then click Create user. 5. Generate an Access Key After creating the user, you’ll need to manually generate an access key: 1. Return to the Users list in IAM. 2. Click on the lightsail_flashpanel user you just created. 3. Go to the Security credentials tab. 4. Scroll down to the Access keys section. 5. Click Create access key. 6. Copy or download the Access key ID and Secret access key and store them securely. Important: You won’t be able to view the secret key again once you close the window.

How to Use ncdu to Analyze Disk Usage

This guide explains how to use ncdu (NCurses Disk Usage) on Ubuntu to browse, analyze, and manage disk space. With ncdu, you can easily identify large files and directories, navigate through your filesystem, delete unnecessary files, and free up disk space. Step 1: Launch ncdu 1. Open your terminal. 2. Run the following command to start ncdu in the current directory: ncdu ncdu will scan the directory and its subdirectories, displaying a list of files and folders sorted by size. 3. If you want to scan a specific directory, use: ncdu /path/to/directory Replace /path/to/directory with the directory you want to analyze. Step 2: Understanding the Interface After ncdu finishes scanning, you will see: - A list of files and directories, sorted by size (largest at the top). - The total size of the scanned directory displayed at the top of the interface. - File and directory sizes are displayed on the left. Step 3: Navigating in ncdu Use the following keys to navigate within ncdu: - Up/Down Arrow Keys: Move up or down through the list. - Enter: Open (navigate into) a directory or view the contents of a file. - Left Arrow: Go back to the parent directory. - Right Arrow: Open a directory (same as Enter). Step 4: Deleting Files or Directories To delete unwanted files or directories: 1. Navigate to the file or directory you want to delete using the arrow keys. 2. Press d (delete) on your keyboard. 3. Confirm the deletion when prompted. Warning: Be careful when deleting files, as this action is irreversible. Step 5: Quit ncdu To exit ncdu, press q on your keyboard. Example Commands - Scan the root directory (requires sudo): sudo ncdu / - Analyze a specific directory (e.g., /var): ncdu /var Conclusion ncdu is a powerful and user-friendly tool for managing disk space on Ubuntu. By navigating through directories and identifying large files, you can efficiently free up space. Always double-check files before deletion to avoid accidentally removing important data.

Deploying Laravel Reverb with Nginx as Proxy

Laravel Reverb is a real-time broadcasting solution using WebSockets. This guide explains how to set up and deploy Laravel Reverb in a production environment using Nginx as a reverse proxy. There are two deployment options: using a subdomain (e.g., ws.domain.com) or using a subpath (domain.com/ws). Option 1: Using a Subdomain (ws.domain.com) 1. Create a WebSocket Subdomain - In FlashPanel, create a new website for ws.domain.com. - Set the proxy port to 8080. 2. Configure .env File Add the following environment variables in your Laravel project: REVERB_APP_ID=123456 REVERB_APP_KEY=this_is_app_key REVERB_APP_SECRET=this_is_app_secret REVERB_HOST="ws.domain.com" REVERB_PORT=443 REVERB_SCHEME=https 3. Configure Nginx for WebSocket - In FlashPanel, go to ws.domain.com** > Nginx tab**. - Click "Add Custom Config (server)" and add the following configuration: location /app { proxy_http_version 1.1; proxy_set_header Host $http_host; proxy_set_header Scheme $scheme; proxy_set_header SERVER_PORT $server_port; proxy_set_header REMOTE_ADDR $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_pass http://0.0.0.0:8080; } Option 2: Using a Subpath (domain.com/ws) 1. Configure .env File REVERB_APP_ID=123456 REVERB_APP_KEY=this_is_app_key REVERB_APP_SECRET=this_is_app_secret REVERB_HOST="localhost" REVERB_PORT=8080 REVERB_SERVER_HOST="127.0.0.1" REVERB_SERVER_PORT=8080 REVERB_SCHEME=http VITE_REVERB_APP_KEY="${REVERB_APP_KEY}" VITE_REVERB_HOST="domain.com" VITE_REVERB_PORT="443" VITE_REVERB_SCHEME="${REVERB_SCHEME}" 2. Configure Laravel Echo (JS) Modify your JavaScript Echo configuration: window.Echo = new Echo({ broadcaster: "reverb", key: import.meta.env.VITE_REVERB_APP_KEY, wsHost: import.meta.env.VITE_REVERB_HOST, wsPort: import.meta.env.VITE_REVERB_PORT ?? 80, wssPort: import.meta.env.VITE_REVERB_PORT ?? 443, wsPath: "/ws", // <==== add this line forceTLS: (import.meta.env.VITE_REVERB_SCHEME ?? "https") === "https", enabledTransports: ["ws", "wss"], }); 3. Configure Nginx for WebSocket - In FlashPanel, go to domain.com** > Nginx tab**. - Click "Add Custom Config (server)" and add the following configuration: location /ws { proxy_http_version 1.1; proxy_set_header Host $http_host; proxy_set_header Scheme $scheme; proxy_set_header SERVER_PORT $server_port; proxy_set_header REMOTE_ADDR $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_pass http://0.0.0.0:8080; } location /ws/app { proxy_http_version 1.1; proxy_set_header Host $http_host; proxy_set_header Scheme $scheme; proxy_set_header SERVER_PORT $server_port; proxy_set_header REMOTE_ADDR $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_pass http://0.0.0.0:8080/app; } Final Steps - Restart Nginx to apply the changes. - Ensure Laravel Reverb is running with the correct .env settings. - Test WebSocket connectivity using a WebSocket client or browser console. This guide ensures a proper setup for deploying Laravel Reverb using either a subdomain or a subpath with Nginx as a reverse proxy.