Forge and Amazon EC2

Hey,

I just did a full setup following this tutorial: http://mattstauffer.co/blog/laravel-forge-hosting-on-aws

It's very straightforward.

You create a new server on Forge using custom VPS and setting the info. Save the command he gives you. Then you login to your AWS console and make sure your security group allows connections from 0.0.0.0 o HTTP, HTTPS, MYSQL, SSH.

Then you login into your VPS as root and run the command for gave you and the server will start provisioning. After that, just use forge. =D

Actually it's not working. I just add a custom VPS, adding was smooth, and forge sent me the server provisioning details. Everything looks normal, it shows ACTIVE in forge until i notice why the default landing site shows blank page.

Then i check the PHP-FPM config file in forge, it is BLANK. Then i check the NGINX config file in forge, it is BLANK. Then to make sure i am not wrong, i SSH to the custom vps via terminal using the credentials gave by forge, i enter php -v and nginx -v, the results show both PHP and nginx are not installed at all on the custom VPS!

I am now just waiting for the solution from Forge, just submit help ticket. This is really not expected.

Any luck on that?

Hi guys, I found the error while running through the installation from Forge.

Apparently a key cannot be added because the name has unrecognized characters or something:

gpg: key E5267A6C: public key "Launchpad PPA for Ond\xc5\x99ej Sur�" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
Exception in thread Thread-1:
Traceback (most recent call last):
......

The solution is to add the key manually before you run the provisioning script from Forge:

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-key E5267A6C

Hope this helps

@johnldz You can also set the locale to UTF8 (the issue there is that the default doesn't have character set needed for Ondrej's PPA simply bc of the characters used in that name! Sorta dumb, but that's the state of character encoding in the computer world!)

I do this in Vaprobash base.sh script like so:

sudo locale-gen C.UTF-8
export LANG=C.UTF-8

# Note that I"m referencing user `vagrant` here, you would likely do this for user `ubuntu`
echo "export LANG=C.UTF-8" >> /home/vagrant/.bashrc

@fideloper I've added the settings for locale but I still get the error.

UnicodeDecodeError: 'ascii' codec can't decode byte 0xc5 in position 92: ordinal not in range(128)

Googling the error shows this might be helpful: http://askubuntu.com/questions/393638/unicodedecodeerror-ascii-codec-cant-decode-byte-0x-in-position-ordinal-n - try en_US.utf9 instead of "c.utf-8" (although still read that SO question, might have other useful things to check in your specific server).

Based on that error, I'm not sure it's actually exporting the LANG variable -- it might depend on the content in which you receive that error. If it starts up a new session of BASH and the LANG variable isn't re-exported just before the bash script, then it might just be defaulting back to ascii.

I've had the same issue several times and thought I'd give it one more try on AWS, I noticed the following warning when I SSH in

WARNING! Your environment specifies an invalid locale.
 This can affect your user experience significantly, including the
 ability to manage packages. You may install the locales by running:

   sudo apt-get install language-pack-en
     or
   sudo locale-gen en_AU.UTF-8

To see all available language packs, run:
   apt-cache search "^language-pack-[a-z][a-z]$"
To disable this message for all users, run:
   sudo touch /var/lib/cloud/instance/locale-check.skip

I'm based in Australia and generated the locale based on the instruction given and the build ran fine and is now successfully managed by Forge

sudo locale-gen en_AU.UTF-8

Just got this to work as my "Custom VPS" on forge...as a networking Newbie, I tried to follow Matt's instructions https://mattstauffer.co/blog/laravel-forge-hosting-on-aws exactly, but AWS (and Laravel) have changed, so a few things were different for me now (June 2015). I updated to a base64 (openssl) key pairs and the new cipher AES-256-CBC installed automatically from Laravel 5.1 core framework. I followed the instructions here: https://rietta.com/blog/2012/01/27/openssl-generating-rsa-key-from-command to generate an updated (openssl) key pair since the AWS .pem file technique repeatedly failed. After resetting the env variable APP_KEY to correct (32 bit) length through Forge and installing the ssh certificates via Forge as covered in other places, I configured my Sequel Pro (1.0.2) on Mac Yosemite (X.X.3) OS to tunnel in similarly to how Matt did it in 2014--now working great.

When configuring the Sequel Pro connection, I had to use my EC2 instance's public ip (he used the private IP--that one did not work for me). I have no domain DNS'd onto that IP yet, but I use the newly created private half of the Forge-loaded ssh cert on sequel pro with local path configured on interface panel created with openssl to the public IP as mentioned above, and it works well. (The AWS .pem key pair did not work). The identity file is the standard private part of the openssl key pair file you can generate and extract thru your local terminal. Like Matt in 2014, I use forge (not ubuntu) as both users. Other credentials stayed default (Port 3306) and the database password is the one emailed by Forge (not the Sudo User Password in same email). I removed the mysql port from the AWS security group and my database GUI. I speculate that Sequel Pro continues to connect with the security group lock down since it's tunneling in via ssh as forge vs a true remote mysql connection.

No new relic interface, but other things work mostly as expected now: Cyberduck 4.7 and iTerm (2.1.1) also working as expected with this approach. PHPStorm (9-EAP) works 95%--even PHPStorm's VCS (git) and ssh loads with passphrase unlock parts are functioning through it's embedded terminal module--only nut not cracked is the remote host connection (thru forge provisioned AWS-EC2 instance). Thanks all! This community is always very helpful for us beginners!

For anyone coming here, Forge now handles Amazon provider. Just create a User in IAM (AWS) with proper credentials and provide them to Forge. Forge will take care of the rest.

@rflipo-dev which permissions did you grant the user that you created in AWS? I've currently attached AdministratorAccess, but that's making me feel a little uneasy.

@DMA I know that feeling... I gave him "AmazonEC2FullAccess" permission. I didn't find more restrictive access.

Just did all from last 3 posts and got "Invalid API credentials." Is something broken on Forge - Amazon communication, or am I doing something wrong?

EDIT: Just found out that Amazon account wasn't activated via phone. When that was done, everything works well

I get the same "Invalid API credentials." when I create a new AWS user in https://console.aws.amazon.com/iam/home. My account was activated long ago

I get the following error, but only when using the Virginia region:

The server provider was unable to create your server. Either try contacting your server provider for more details or add a new server provider credential in your account profile.

It works fine in the Oregon region. I can't tell if it's an issue with Forge or somehow the IAM credentials I'm using has an issue in Virginia. I don't think IAM credentials are region-specific, though.

This is an old post that keeps getting resurrected, but seeing this concerns me..

You create a new server on Forge using custom VPS and setting the info. Save the command he gives you. Then you login to your AWS console and make sure your security group allows connections from 0.0.0.0 o HTTP, HTTPS, MYSQL, SSH.

@jrehm I'm having your same problem: it provide server just on Oregon and Virginia

@jrehm @codeclimber The problem for me was max VPC connections in my region. There could be others like max Elastic IPs.

http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Appendix_Limits.html

The problem I am having is, if I use Forge to provision my EC2 instance on AWS, I don't get the .pem file. So I am unable to ssh into the server. I tried everything and all I get is the dreaded public key error.

@pelachile You can just generate ssh key from your personal machine and add the public key on the server through forge. then you can ssh:

 ssh forge@server-ip

Follow this to generate ssh key.

When provisioning via Forge, make sure your Forge 'Region' matches your AWS user 'Region'.

eg. Forge defaults to Virginia. Buton AWS your user might be Ohio. Select Ohio in Forge.

For IAM permissions, EC2FullAccess group/policy will work.