Enterprise solution

On-prem offering that include advanced security, monitoring, performance features and more.

Enterprise solution

On-prem offering that include advanced security, monitoring, performance features and more.

Enterprise solution

On-prem offering that include advanced security, monitoring, performance features and more.

Welcome to the on-premise installation instructions for P0 on AWS. Follow this guide to get set up with your own version of P0.

Depending on your use case, please click on the below to navigate to the relevant instructions:

  1. If you have previously setup P0, but have shut down your infrastructure, follow these steps.

  1. If you have not previously setup P0, or have destroyed your old installation, follow these steps.

Case #1: Old setup but box restarted

Case #1: Old setup but box restarted

Step 1: Start the box previously shutdown with p0 setup done

Once the box is up and initialised completely, Follow below steps to verify the Route 53 records:

  1. Verify the private hosted zone on Route 53

  • Select the top level domain on which the P0 Platform is configured (ex. rupeek.com). Make sure the the type column of the table for the domain is set to “Private

  • Once you click in the domain in previous step, you will see a list of records in that top level domain. Select/Search the domain on which the P0 platform was installed previously (ex: p0-poc.rupeek.com)

  • Select the record identified in the previous step, and then verify the value mentioned in the right side panel. It should match the private IP of the instance that you just restarted.. If it’s not matching, Click on “Edit Record” to update the entry. Set the TTL as 30 and click Save.

  1. Verify the private hosted zone on Route 53

  1. Verify the public hosted zone on Route 53

  • Select the top level domain on which P0 Platform is configured (ex. rupeek.com). Make sure the Type is set to “Public” for the domain.

  • Once you click on the domain in the previous step, you will see a list of records in that top level domain. Select/Search the domain on which the P0 platform was installed previously (ex: p0-poc.rupeek.co)

  • Select the record identified in previous step, and then verify the value mentioned in the right side panel. It should match the public IP of the instance just started. If it’s not matching, Click on “Edit Record” to update the entry. Set the TTL as 30 and click Save.

  1. Verify the private hosted zone on Route 53

If you updated the record, please wait for the time mentioned in the TTL (in this case, 30 seconds) before proceeding to the next step

Step 2: Once the box is restarted and above verification is done

You can now login with the previously configured domain through the browser through the option “Continue with Github”. (Ex: http://p0-poc.rupeek.co/login)

Step 3: Updating the P0 platform

Once you have logged in, You will see an update banner on top of the page. Simply click the button “Update” to start the update process.

Clicking "Update" will start the update process and will take you to the update page temporarily.

This may take up to 5 mins to complete, after which you will automatically get redirected to the onboarding page. You can now run your scans again.

Case #2: Fresh setup with AWS

Case #2: Fresh setup with AWS

Before you get started with this setup, make sure you have access to the following:

Depending on your use case, please click on the below to navigate to the relevant instructions:

  1. Infrastructure

    • You need permissions to start your own EC2 instance. We recommend t2.medium with 40GB storage

  2. Route 53 / DNS Provider

    • You need to be able to add a sub-domain to your current domain.

  3. Github Application (admin access)

    • You need to be able to create a Github application within your organization or account

    • This is so that we can check out your code onto your own premises.

  4. InBound Traffic on the infrastructure set up in 1

    • This is so that the Github application can authenticate.

Step 1: Set up a computer
  1. Go to AWS Console: https://console.aws.amazon.com/console/home

  2. Login

  3. Select the Region where your database and API server are

  4. Go to EC2 —> Instances —> Launch New Instance

  5. Select “Browse more AMIs”

  6. Click on “Community AMIs”

  7. Search for p0.Inc-OnPremise

  1. Select p0.Inc-OnPremise

  2. Select t2.medium as Instance type

  3. Take note of the key pair (or create a new one). You will need this to SSH into the box later.

  4. In Network settings select

    1. Allow SSH traffic from Anywhere

    2. Allow https traffic from the internet

    3. Allow http traffic from the internet

  5. Go to Configure Storage

    1. Insert 40 Gib

  6. Then press Launch Instance

  7. Once the instance has launched, take a note of the Public IPv4 Address. You will need this for the final step.

Step 2.a: Connect your domain

This will be where your version of p0 will be hosted. Pick something clear like - p0.<YOUR_DOMAIN>.com

  1. Take the IP address of the computer you just created

  2. Go to your DNS provider (GoDaddy, NameCheap, Route53 etc)

  3. You should typically see a table like the below, where you will add an A Record and the Value is the IP address of the computer you just created.

    1. Name the A Record something like p0. The full form will then be p0.<YOUR_DOMAIN>.com

    2. Note down the domain name. You will need this for the final step.

Step 2.b: Configure in bound access for Github

Once the box is up and initialised completely, Follow below steps to verify the Route 53 records:

  1. Configuring Security Group to allow access from Github for callback URL.

  • Once the Security Group configuration is loaded, Click on “Edit Inbound Rules”

  • Add a new inbound rule to allow 80 or 443 from all IP addresses. If this rule already exists, You can ignore this step. Click “Save Rule” to reflect the changes.

  1. Configure the private hosted zone on Route 53

  • Select the top level domain on which the P0 Platform is configured (ex. rupeek.com). Make sure the the type column of the table for the domain is set to “Private

  • Once you click in the domain in previous step, you will see a list of records in that top level domain. Select/Search the domain on which the P0 platform was installed previously (ex: p0-poc.rupeek.com)

  • Click on the “Create Record” button

  • Fill in the details like which sub-domain you want to host p0 platform on. (Ex. p0-poc), add the private IP of the instance in the value. Adjust the TTL to 30 Seconds for easier / fast future updates. Finally, click on “Create Record” to save the configuration.

  1. Verify the private hosted zone on Route 53

  1. Configure the public hosted zone on Route 53

  • Select the top level domain on which P0 Platform is configured (ex. rupeek.com). Make sure the Type is set to “Public” for the domain.

  • Once you click on the domain in the previous step, you will see a list of records in that top level domain. Select/Search the domain on which the P0 platform was installed previously (ex: p0-poc.rupeek.com)

  • Select the record identified in previous step, and then verify the value mentioned in the right side panel. It should match the public IP of the instance just started. If it’s not matching, Click on “Edit Record” to update the entry. Set the TTL as 30 and click Save.

  • Click on the “Create Record” button

  • Fill in the details like which sub-domain you want to host p0 platform on. (Ex. p0-poc), add the public IP of the instance in the value. Adjust the TTL to 30 Seconds for easier / fast future updates. Finally, click on “Create Record” to save the configuration.

  1. Verify the private hosted zone on Route 53

If you updated the record, please wait for the time mentioned in the TTL (in this case, 30 seconds) before proceeding to the next step

Step 3.a: Create your own Github application

You need to create a Github application that allows access to your repositories. This will be an application *you* control to ensure code does not leave your cloud.

Note: You need to be an Owner of the organization

Note: Select the protocol for your application. If you are using it for internal purposes, select HTTP, else select HTTPS.

This will take you to your Github organization to finish the process of creating the Github application

Step 3.b: Generate private key for Github application

You need to create a Github application that allows access to your repositories. This will be an application *you* control to ensure code does not leave your cloud. Please take not of your Github application ID

Step 4: Download & run scripts
  1. You will have to SCP the github .pem file which you downloaded onto the computer you set up in step 2 using the SSH key you created in step 1 (these are two different .pem files)

    • scp -i /path/to/private-key.pem /path/to/local/github.pem ubuntu@public_ip_from_step_1:/home/ubuntu/

  2. SSH into your computer, using the key pair from Step 3

    • ssh -i "/path/to/private-key.pem" ubuntu@public_ip_from_step_1

    • You might need to run this with sudo - sudo ssh -i "/path/to/private-key.pem" ubuntu@public_ip_from_step_1

  3. cd p0Setup

  4. Run the install script, and fill in all of the information when prompted

    • ./install.sh

  5. You will be prompted for your

    • Protocol (http or https)

    • Domain (from Step-2)

    • Github Application ID - from the Github Application you created

    • Github Application Name - from the Github Application you created

    • Github Private Key, which you can enter like this /home/ubuntu/your_github_key.pem

  6. Wait for the script to run (should take 30 seconds)

  7. This is what it should look like once the installation has succeeded

  1. If there is an error, it is likely because of your domain - simply run the install script again, it should work.

  2. Then visit your domain and login!

Contact us

Contact us

If you are facing any trouble setting up your on-prem application, reach out to us at contact@p0.inc

© 2024 p

0

. All rights reserved.

/

© 2024 p

0

. All rights reserved.

/

© 2024 p

0

. All rights reserved.