Infrastructure Setup
Step-by-step guide to create cloud infrastructure for Relvy self-hosting
Infrastructure Foundation - Create the AWS infrastructure components that will host your self-hosted Relvy with proper security and networking.
Overview
This section guides you through creating the cloud infrastructure for Relvy self-hosting using AWS as an example. The core self-hosting setup requires an application server and database.
Routing Options
If you have a way to route a subdomain to your Relvy server (e.g., through your existing load balancer, reverse proxy, or direct DNS), you can skip the load balancer and SSL certificate setup. Otherwise, you’ll need to deploy an Application Load Balancer and obtain an SSL certificate for secure access.
Core Components (Required)
EC2 Instance
Self-hosted application with Docker containers
RDS Database
PostgreSQL database for application data
Optional Components (Production)
Application Load Balancer
Traffic distribution and SSL termination
SSL Certificate
Secure HTTPS communication
Step 1: Create Security Groups
Security groups act as virtual firewalls to control network access. We’ll create security groups for the required components, with optional groups for the load balancer setup.
1.1 ALB Security Group (Optional)
Navigate to EC2 Console → Security Groups → Create Security Group
Field | Value |
---|---|
Name | relvy-alb-sg |
Description | Load balancer security group for Relvy App |
VPC | [Your VPC] |
Inbound Rules
Type | Protocol | Port | Source | Description |
---|---|---|---|---|
HTTP | TCP | 80 | 0.0.0.0/0 | HTTP redirect |
HTTPS | TCP | 443 | 0.0.0.0/0 | HTTPS from internet |
Outbound Rules
Type | Protocol | Port | Destination | Description |
---|---|---|---|---|
HTTP | TCP | 80 | [Will add app SG after creating] | To app instances |
Note - We’ll update the outbound rule destination after creating the app security group.
1.2 App Security Group
Navigate to EC2 Console → Security Groups → Create Security Group
Field | Value |
---|---|
Name | relvy-app-sg |
Description | Application server security group for Relvy App |
VPC | [Your VPC] |
Inbound Rules
Type | Protocol | Port | Source | Description |
---|---|---|---|---|
HTTP | TCP | 80 | relvy-alb-sg | From load balancer |
SSH | TCP | 22 | [Your IP]/32 | SSH access |
Outbound Rules
Type | Protocol | Port | Destination | Description |
---|---|---|---|---|
HTTPS | TCP | 443 | 0.0.0.0/0 | HTTPS outbound |
HTTP | TCP | 80 | 0.0.0.0/0 | Package downloads |
DNS | UDP | 53 | 0.0.0.0/0 | DNS resolution |
1.3 Database Security Group
Navigate to EC2 Console → Security Groups → Create Security Group
Field | Value |
---|---|
Name | relvy-db-sg |
Description | Database security group for Relvy |
VPC | [Your VPC] |
Inbound Rules
Type | Protocol | Port | Source | Description |
---|---|---|---|---|
PostgreSQL | TCP | 5432 | relvy-app-sg | Database access from application only |
Outbound Rules
- None (databases don’t need outbound access)
1.4 Update ALB Security Group
Now update the ALB security group’s outbound rule:
- Navigate to EC2 Console → Security Groups
- Select
relvy-alb-sg
- Click Edit outbound rules
- Update the HTTP rule destination to
relvy-app-sg
Step 2: Create Application Load Balancer (Optional)
If you have a way to route a subdomain to your Relvy server (as mentioned in the Routing Options above), you can skip this step. Otherwise, create a load balancer for production use.
Navigate to EC2 Console → Load Balancers → Create Load Balancer
2.1 Basic Configuration
Field | Value |
---|---|
Name | relvy-alb |
Scheme | Internet-facing |
IP address type | IPv4 |
2.2 Network Configuration
Field | Value |
---|---|
VPC | [Your VPC] |
Mappings | Select 2 public subnets in different AZs |
Security Groups | Remove default, Add relvy-alb-sg |
2.3 Create Target Group
- Click “Create target group” (opens in new tab)
- Configure as follows:
Field | Value |
---|---|
Target type | Instances |
Target group name | relvy-app-tg |
Protocol | HTTP, Port: 80 |
VPC | [Your VPC] |
Health check path | /health |
Important - Don’t register targets yet. We’ll do this after creating the EC2 instance.
2.4 Configure Listener
Field | Value |
---|---|
Listener | HTTP:80 |
Default action | Forward to relvy-app-tg |
2.5 Review and Create
Review the configuration and create the ALB. Note down the ALB DNS name: relvy-app-alb-xxxxxxxxx.us-west-2.elb.amazonaws.com
Save This - You’ll need the ALB DNS name for domain configuration in the next step.
Step 3: Create EC2 Instance (Core Component)
This is the main application server. You can access Relvy directly through this instance if you don’t need a load balancer.
Navigate to AWS Console → EC2 → Instances → Launch Instance
3.1 Basic Configuration
Field | Value |
---|---|
Name and tags | Name: relvy-app-ec2 |
Application and OS Images (AMI) | Amazon Linux 2023 AMI (64-bit x86) |
3.2 Instance Type
Field | Value |
---|---|
Instance family | General purpose |
Instance type | t3.xlarge |
3.3 Key Pair
Option A: Create new key pair
- Click Create new key pair
- Name:
relvy-app-key
- Key pair type: RSA
- Private key format: .pem
- Click Create key pair and download
Option B: Use existing key pair
- Select from dropdown if you already have one
Security - Keep your private key secure. You’ll need it to SSH into the instance.
3.4 Network Settings
Field | Value |
---|---|
VPC | [Your VPC] |
Subnet | [Select a subnet in the same AZ as target group] |
Auto-assign public IP | Enable (for ssh) |
Firewall (Security groups) | Select existing security group relvy-app-sg |
3.5 Storage Configuration
Field | Value |
---|---|
Root volume (gp3) | Size: 100 GiB |
3.6 Launch Instance
Review and launch the instance. Wait for it to reach the “Running” state.
3.7 Register with Load Balancer (Optional)
If you created a load balancer in Step 2:
- Navigate to EC2 → Target Groups
- Select your target group (
relvy-app-tg
) - Click Register targets
- Select your new instance
- Port: 80
- Click Include as pending below → Register pending targets
If you’re not using a load balancer, you can access Relvy directly via the EC2 instance’s public IP address.
Step 4: Create RDS Instance
4.1 Create Database Instance
Navigate to RDS Console → Databases → Create database
4.1.1 Database Creation Method
- Standard create (not Easy create)
4.1.2 Engine Options
Field | Value |
---|---|
Engine type | PostgreSQL |
Version | PostgreSQL 17.4-R2 (or latest) |
4.1.3 Templates
- Production (for best practices)
4.1.4 Settings
Field | Value |
---|---|
DB instance identifier | relvy-app-db |
Master username | postgres |
Master password | [Generate strong password - save this securely] |
Important - Save the database password securely. You’ll need it for application deployment configuration.
4.1.5 Instance Configuration
Field | Value |
---|---|
DB instance class | db.t3.medium (2 vCPU, 4 GB RAM) |
Storage type | General Purpose SSD (gp3) |
Allocated storage | 50 GB |
Storage autoscaling | Enable |
Maximum storage threshold | 200 GB |
4.1.6 Connectivity
Field | Value |
---|---|
Connect to EC2 Compute Resource | Select the EC2 instance we created (relvy-app-ec2) |
DB subnet group | Automatic setup |
Public access | No |
VPC security groups | Choose existing → relvy-db-sg |
Certificate authority | default |
4.1.7 Database Authentication
- Database authentication: Password authentication
4.1.8 Additional Configuration
Field | Value |
---|---|
Initial database name | relvydb |
Enable Performance Insights | Yes (optional) |
Deletion protection | Enable |
Database Name - The initial database name must be set to relvydb
for the Relvy application to work correctly.
Wait for DB creation and note the endpoint.
4.2 Update App Security Group
Navigate to EC2 Console → Security Groups → relvy-app-sg
Add outbound rule:
- Type: PostgreSQL, Port: 5432, Destination: relvy-db-sg, Description: Database access
Step 5: Verify Infrastructure
5.1 Check All Components
Verify all components are created and running:
Component | Status Check |
---|---|
Security Groups | App and DB groups created with proper rules |
EC2 Instance | Instance running (and registered with target group if using ALB) |
RDS Database | Database available and accessible |
Load Balancer | ALB running with target group (if created) |
5.2 Test Connectivity
Important Notes
Save These Details - Keep track of the following for the next steps:
- RDS endpoint
- Database username and password
- EC2 IP for ssh
- ALB DNS name (if created)
Next Steps
Your cloud infrastructure is now ready! The next steps are:
- Configure Domain - Set up DNS records and SSL certificate in Domain Configuration
- Setup Slack Integration - Create Slack app (optional) in Slack Setup
- Deploy Application - Install Docker and deploy Relvy in Application Deployment
Cost Alert - Your AWS resources are now running and incurring charges. Complete the deployment to start using Relvy.