expose-localhost 0.5

Expose an app/api running on local host to public internet using AWS EC2

Expose localhost using EC2

Expose an app/api running on local host to public internet using AWS EC2

Requirements

• Access to an AWS account and AWS CLI configured.
• A service/app/api running on a specific port that has to be exposed to public internet.
• [Optional] A domain example.com hosted on route53.

Setup

Environment Variables:

Environment variables can be loaded from a .env file.

Mandatory Arg:

• PORT: Port number that has to be exposed (on which a localhost service/app/api is running)

Optional Args:

• IMAGE_ID: ID of any public AMI with an Ubuntu OS. Defaults to a region specific image ID.
• AWS_ACCESS_KEY: Access key to access AWS resources. Defaults to ~/.aws/config
• AWS_SECRET_KEY: Secret key to access AWS resources. Defaults to ~/.aws/config
• AWS_REGION_NAME: Region name where the instance should live. Defaults to US-WEST-2

Optionally .env files can also be scanned for:

import expose

expose.load_env(scan=True)

Setup a custom endpoint

The public DNS names for EC2 instances are long and messy. To avoid that, an A record can be added to the route53 hosted zone.

:warning:   Requires an active hosted zone on route53.

• DOMAIN: If the domain name is registered using route53. Example: mywebsite.com
• SUBDOMAIN: Sub-domain that has to be added for the domain name. Example: tunnel.mywebsite.com

        :bulb:   This will be the endpoint to access the localhost.

Certificate:

• Securing the tunnel requires the certificate chain and the key file.
• These two files should be saved as cert.pem and key.pem in either ~.ssh/*.pem or within expose repository.
• No certs? No problem. expose will generate a self-signed certificate and a private key automatically.

Generate private SSL certificate

Unfortunately not many SSL certificate providers give the liberty to download key files. But expose, can use private certificates.

:warning:   Some web browsers might throw a warning and some might even block a self-signed certificate/private CA.

To manually generate a self-signed cert:

openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout ~/.ssh/key.pem -out ~/.ssh/cert.pem

[OR]

Simply let expose create a self-signed SSL certificate and a private key.

• EMAIL_ADDRESS: Email address to create the self-signed SSL and private key. Defaults to USER@expose-localhost.com
• ORGANIZATION: Organization name for the certificate. Defaults to the AWS endpoint.

Usage

Installation

python3 -m pip install expose-localhost

Start tunneling:

import expose

tunnel = expose.Tunnel()
tunnel.start()

Stop tunneling:

import expose

tunnel = expose.Tunnel()
tunnel.stop()

Troubleshooting

If E: Could not get lock /var/lib/dpkg/lock-frontend occurs during startup, simply rerun the script with start command. This occurs when apt hasn't released the resources yet. Re-running tunnel.start() will simply re-configure the instance.

Coding Standards

Docstring format: Google
Styling conventions: PEP 8
Clean code with pre-commit hooks: flake8 and isort

Release Notes

Requirement

python -m pip install changelog-generator

Usage

changelog reverse -f release_notes.rst -t 'Release Notes'

Linting

PreCommit will ensure linting, and the doc creation are run on every commit.

Requirement

pip install sphinx==5.1.1 pre-commit recommonmark

Usage

pre-commit run --all-files

Pypi Package

https://pypi.org/project/expose-localhost/

Runbook

https://thevickypedia.github.io/expose/

License & copyright

© Vignesh Sivanandha Rao

Licensed under the MIT License