4.2 KiB
4.2 KiB
AWS CLI, Session Manager & Database Access Guide
1. Setup
- Download AWS CLI
- Download AWS Session Manager Plugin
- Generate Key for KCCB
Production: (Run in systemctl)
- cd /etc/systemd/system
- vi IB.service
[Unit]
Description= Internet Banking Frontened Application in Node
After=network.target
[Service]
# Use absolute path for node or npm
User=ib_new
Group=ib_new
WorkingDirectory=/home/ib_new/IB
Environment=PATH=/home/ib_new/.local/bin:/home/ib_new/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/opt/node-v20.19.5-linux-x64/bin
ExecStart=/opt/node-v20.19.5-linux-x64/bin/npm start
Restart=on-failure
RestartSec=5
Environment=NODE_ENV=production
Environment=PORT=3000
SuccessExitStatus=143
[Install]
WantedBy=multi-user.target
<All value are changed as per domain>
- sudo systemctl status IB
- sudo systemctl start IB
- sudo journalctl -u IB
- sudo systemctl stop IB
- sudo systemctl restart IB
Machine
UAT (IB- frontend Test) : i-0b55435e15425f1c3
Linux : i-0c850dcf8b85b1447 (Test)
# Prod : i-088e64c3435cb5078 (For IB & MB) --old
Prod : i-070a81f88a984f7c6 (For IB and MB)
Mobile banking Prod DB: i-086d4cb13afc2cd83 //IB user: ib_new psw: ib_new
2. list of Port :
- 8686 (fetch the customer details)
- 5432 (postgres)
- 8080 (IB- backend port)
- 8688 (fetch the account statement)
- 8687 (for customer name fetch in CBS -- when add beneficiary)
- 8689 (payment port)
- 6379( redis port)
3. Port Forwarding
API (localhost → EC2:8080)
aws ssm start-session --target i-0c850dcf8b85b1447 --document-name --profile kccb AWS-StartPortForwardingSession --parameters "portNumber"=["8080"],"localPortNumber"=["8080"]
PostgreSQL (localhost:5431 → EC2:5432)
aws ssm start-session --target i-0c850dcf8b85b1447 --document-name --profile kccb AWS-StartPortForwardingSession --parameters "portNumber"=["5432"],"localPortNumber"=["5431"]
CBS (localhost → EC2:8686)
aws ssm start-session --target i-0c850dcf8b85b1447 --document-name --profile kccb AWS-StartPortForwardingSession --parameters "portNumber"=["8686"],"localPortNumber"=["8686"]
Database Access
aws ssm start-session --target i-0c850dcf8b85b1447 --profile kccb
4.PostgreSQL Commands
# Connect as postgres
psql -U postgres
# List all databases
\l
# Connect to kmobile
psql -U admin -d kmobile
# Password: kmobile
# Query data
SELECT * FROM users;
# Expanded display
\x
# See all tables
\d
# Table details
\d users;
# Switch database with specific user
\c kmobile_banking kmobile_app_rw
# Grant permissions
grant select, insert, update, delete on table admin to kmobile_app_rw;
5. Linux Machine Access
# Run the .bat file first
ssh username@localhost
# Enter your password
6.Copy File from Local → Linux
scp -P 9022 Smsservice/smsserviceapplication.jar <username>@localhost:/home/<username>
# ssh nabanita@localhost -p 9022
7.About Backend
- If user "is_first_login" = true means Users did not login in IB.
- ib_access_level or mb_access_level
- 0 → Disabled
- 1 → Transaction
- 2 → Read Only -null → not configured consider as disabled
8. NGINX setup:
-
sudo vi /etc/nginx/conf.d/ib.conf
-
sudo cat /etc/nginx/conf.d/ib.conf
server {
listen 80;
server_name _;
return 301 https://$host$request_uri; # redirect all HTTP to HTTPS
}
server {
listen 443 ssl;
server_name _;
ssl_certificate /etc/nginx/ssl/IB.crt;
ssl_certificate_key /etc/nginx/ssl/IB.key;
# Your chosen log files
error_log /var/log/nginx/ib_error.log warn;
access_log /var/log/nginx/ib_access.log;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
- sudo nginx -t
- sudo systemctl reload nginx