- The Debian wiki contains the Debian EC2 landing page
- The available Debian AMIs are listed on the Debian wiki
- Find the corresponding AMI name (eg
debian-11-amd64-20230124-1270
) for the Debian AMI for amd64 (eg Debian Bullseye)
- Log in to AWS using 2FA
- Navigate to S3
- Find the bucket containing the
*.zstd
backup images
- Find the bucket containing the
- Navigate to IAM
- Confirm that the Offsite Mirror Updater role permits access to the bucket
- Navigate to EC2
- Select the
Images/AMI
tab - Search by
AMI Name
to find the corresponding AMI ID - Select the found AMI ID, and choose
Launch Instance from AMI
- Choose
T2 Micro - Free Tier
- Choose
Create New Keypair
, and save the keypair locally - In
Advanced Details
, choose the Offsite Mirror Updater role as theIAM instance profile
- Select the
- Launch the EC2 instance
- Log in to the EC2 instance
ssh -i id_ed25519.pem admin@ec2-3-96-57-182.ca-central-1.compute.amazonaws.com
- Update distribution and install zstd
sudo apt update
sudo apt install zstd
- Record the name of the bucket in a shell variable
BUCKET
- Install the application from the backup images
sudo mkdir /opt/vaultwarden /opt/passkey
sudo chown admin:admin /opt/vaultwarden /opt/passkey
aws s3 cp s3://$BUCKET/vaultwarden.tar.zstd - | unzstd | tar -C /opt -xf -
aws s3 cp s3://$BUCKET/passkey.tar.zstd - | unzstd | tar -C /opt -xf -
- Select a TCP port used by the client host to forward to the application host (eg 5555)
- Select a TCP port used by the application to listen for connections (eg 6666)
- Run the application:
DOMAIN=http://127.0.0.1:5555 ROCKET_PORT=6666 /opt/passkey/home/bin/vaultwarden
- Run a local port forwarder on the client host
ssh -i id_ed25519.pem admin@ec2-3-96-57-182.ca-central-1.compute.amazonaws.com -L 5555:127.0.0.1:6666
- Connect the client browser to the application
http://127.0.0.1:5555