Connect to the previously created EC2 using SSH once it is running
Mount EBS volume and fetch RoostInstaller (this step is taken care by the below command, provided you mention the DISK like DISK=nvme1n1)
curl -s https://roost-stable.s3.us-west-2.amazonaws.com/enterprise/roost.sh | SETUP=1 DISK=<> CUSTOMER=Lacework bash -
This instance will be facing the team members for any Roost activity.
5.1 Configure Roost JSON
vi /var/tmp/Roost/config.json
Sample Config looks like the below
Replace the values to reflect for your organisation, especially DNS, admin_email
Provide at least one set of oAuth client_id/secrets for the 3rd party provider
Update ENV_DATABASE detail to reflect RDS Host, User and Password
Sample config.json
{
"enterprise_name": "MyCompany",
"enterprise_logo": "https://roost.ai/hubfs/logos/LOGO-roost.png",
"enterprise_email_domain": "mycompany.io",
"enterprise_dns": "mycompany.io",
"remote_console_proxy": "mycompany.io",
"admin_email": "admin@mycompany.io",
"email_sender": "noreply@mycompany.io",
"email_sender_pass": "",
"email_smtp_host": "",
"email_smtp_port" : 465,
"load_balancer": "true",
"enterprise_ssl_certificate_path": "/var/tmp/Roost/certs/server.cer",
"enterprise_ssl_certificate_key_path": "/var/tmp/Roost/certs/server.key",
"ENV_SERVER": {
"DEFAULT_PORT": 3000,
"JWT_SECRET": "32-character-secure-long-secret",
"GOOGLE_CLIENT_ID": "",
"GOOGLE_CLIENT_SECRET": "",
"AZURE_CLIENT_ID": "",
"AZURE_CLIENT_SECRET": "",
"GITHUB_CLIENT_ID": "",
"GITHUB_CLIENT_SECRET": "",
"LINKEDIN_CLIENT_ID": "",
"LINKEDIN_CLIENT_SECRET": "",
"OKTA_CLIENT_ISSUER": "",
"OKTA_CLIENT_ID": "",
"OKTA_CLIENT_SECRET": ""
},
"is_own_sql": "true",
"ENV_DATABASE": {
"MYSQL_HOST": "mysqldb_host_url",
"MYSQL_PORT": 3306,
"MYSQL_USERNAME": "Roost",
"MYSQL_PASSWORD": "Roost#123",
"MYSQL_ROOT_PASSWORD": "Admin#123",
"MYSQL_DB_NAME": "roostio"
}
}
Next step is to Start the Roost Control Plane
7. Start Roost Control Plane Server
<< AWS Route 53, ALB, ACM Setup Start Control Plane >>