From: dbucklin@sdf.org

From: [email protected]
Date: 2017-11-02
Subject: Shoving off with Lightsail

[Lightsail][1] is basically a stripped-down version of Amazon's EC2
cloud computing service. I've wanted to have a cloud-based instance
for a while, but it seemed that the complexity of setting up EC2
just barely overcame my willingness to commit to such an endeavor.
With Lightsail, I had a cloud-based Debian instance up and running
in just a few clicks. As you might expect, there are a few more
steps to make it *really* fun, so I'll go through my initial steps.

Immediately after setting up my Lightsail Debian instance, I was
able to use the web-based ssh client to connect to it. But I really
wanted to be able to ssh to it from my machine at home, my phone,
and my Raspberry Pi. As with a native machine, [the first thing you
want to do][4] is update the software.

The next thing you want to do is [set up a user account for your-
self][3]. Lightsail sets up an `admin` account for you, but I don't
recommend using that everyday.

`sudo useradd <user>`

Also, add this user to the sudoers group so that you can do things
like install sofware and manage the instance. As I write this, the
procedure is to add the following line to `/etc/sudoers.d/<user>`:

`<user> ALL=(ALL:ALL) ALL`

**Note:** The first time I did this, I messed up the format and
this somehow prevented *anyone* from using sudo. Not having the
root password for the instance, this basically meant that I could
no longer manage the instance. While it's possible to fix this
without trashing the instance, I chose to start over.

Now that I've created my user, I want to be able to use ssh to con-
nect to my Lightsail instance. To do this, Lightsail requires that
you use a keypair stored in a .pem file. Lightsail sets up a de-
fault keypair for you and you can download it from your Account
page. This works out of the box with your default user account
(e.g. `admin`), but you'll need to set it up for use with the user
account you created for yourself.

1. Set a static IP for your instance. *(optional, but recommend-
ed)*
2. Download your pem file from AWS.
3. Run `ssh-keygen -y` locally and give it the path to your pem
file.
4. Back on your Lightsail instance, paste the key into `.ssh/au-
thorized_keys` for your new user.

Now you should be able to ssh to your new user account from your
local machine (or any machine with the pem file) with the follow-
ing:

`ssh -i <pemfile.pem> <user@host>`

If you have a domain sitting around, you can [set up DNS][7]. This
opens up some fun possibilities, but mainly makes it easier to re-
member your hostname.

1. Create a DNS zone in Lightsail
2. Update your registrar with the AWS DNS servers
3. Add an A record to the DNS zone (I took the subdomain off and
it seems to work fine)
4. Wait for the DNS settings to propogate

Now you can log in and install and configure software ([of-
flineimap, msmtp, mutt][5], [weechat][6], pastebins, a gopher serv-
er, bookmark manager, [the list goes on][8]).

*But why wouldn't you set up dynamic DNS and just connect to your
machine at home?*

Well, yeah, I suppose I *could* do that, but it probably wouldn't
be as complicated or expensive, now, would it? Seriously, though,
my home network isn't the most reliable and, frankly, it might ac-
tually be easier to set up a Lightsail instance. Plus, having a box
in the cloud seems so badass and the network speed/latency is mar-
velous.

[1]: https://lightsail.aws.amazon.com
[2]: https://stackoverflow.com/questions/46937957/unable-to-ssh-to-remote-server
[3]: https://aws.amazon.com/premiumsupport/knowledge-center/new-user-accounts-linux-instance/
[4]: https://www.doomd.net/2017/06/a-few-things-to-do-when-first-setting-up-a-lightsail-instance-running-wordpress.html
[5]: https://pbrisbin.com/posts/mutt_gmail_offlineimap/
[6]: https://weechat.org/files/doc/devel/weechat_user.en.html
[7]: https://lightsail.aws.amazon.com/ls/docs/how-to/article/lightsail-how-to-create-dns-entry
[8]: https://github.com/Kickball/awesome-selfhosted