Deploying to AWS

Why AWS

AWS provides a similar containerized PostHog environment to Docker deployment. Through the use of AWS Fargate, we are able to provide a "pay for what you use" platform to prevent you from overpaying!

Likewise, we maintain a CloudFormation config to deploy PostHog with Redis and Postgres on an AWS stack.

If you're new to CloudFormations and want to learn more and how to use them, check out these AWS Docs.

Jump straight in:

Launch AWS Stack

  1. After clicking "Next" you'll have the option to review the parameters. You will need to update these if you want to modify default behaviors or setup SMTP configs as described below.
  2. Review the rest of the Configuration Wizard pages
  3. (Optional) On the Review stack page you can click estimate cost to get an estimate of how much your specific config will cost per month. The default configs cost about ~$27 USD per month
  4. If you are ready, click Create Stack!
  5. Once deployment completes look under Outputs for ExternalUrl
  6. Review all parameters in the config and ensure everything is nominal

Adding TLS/SSL support

You should definitely setup TLS (Read more)!

  1. Go to 'Services' > 'EC2' > 'Load balancers'
  2. Navigate to 'Public load balancer' > 'Listeners'
  3. Add a listener for the protocol HTTPS, import or add your SSL certificate
  4. After verifying it works, you can disable insecure access by removing the listener for port 80 (HTTP).

Updating AWS Fargate

To update follow these steps:

  1. Open up your AWS console to ECS management page
  2. Make sure you have your Region set to the correct region.
  3. In the navigation pane, choose Clusters.
  4. On the Clusters page, select the name of the cluster running PostHog
  5. On the cluster page select the services tab
  6. Check the box on the left of the PostHog service and click the Update button above
  7. On the Configure Service page, PostHog's service information is already pre-populated. You MUST check Force New Deployment to instruct ECS to pull a new container from the Docker repository. From there make any relevant changes to the configuration if you want to. If all that is needed is an update proceed to Next Step
  8. Review the Configure Deployments page and then proceed to Next Step
  9. Review the Configure Networks configs and then proceed to Next Step
  10. Click Update Services to 🚢 the newest version of PostHog to your ECS cluster!

You can find more details on Amazon's Docs for Elastic Container Service.

AWS Marketplace Quick Install

PostHog can be found on the AWS Marketplace. To deploy it, you just need to access the page and follow the steps to configure your instance.

Here's a short step by step tutorial:

  1. Ensure you're logged in to AWS
  2. Visit the PostHog page on the AWS Marketplace and click 'Continue to Subscribe'
  3. You will be prompted with a page to review your subscription. The subscription to PostHog via AWS Marketplace is free, so the only thing you'll need to pay for are the AWS Resources you use with your PostHog instance.
  4. Once your subscription is ready, you should receive an email about it. You can then view all your subscriptions on the Your Software page
  5. From the 'Your Software' page, you should now see PostHog. Click 'Launch Instance' on it.
  6. This will prompt you with the configuration steps before you launch. You should fill this according to your preferences. Regarding the Instance Type, we recommend a config with about the following specs for a medium volume instance:

    • 4GB of RAM
    • 2 CPUs
    • 50GB of storage

However, this will vary based on the volume you're expecting. If you're expecting a low volume, a lighter instance may do just fine. AWS suggests EC2 by default, which has a free tier available. This might be suitable for users not expecting to do heavy load analytics yet, as well as those with little website traffic. Conversely, if you are expecting high volume, you should probably scale up from the specs above.

  1. Finish the configuration steps according to your personal preferences. Setting up security groups is probably a good idea.
  2. Launch the instance and you're all set!

AWS Deployment with Docker

If instead of using our CloudFormation config or AWS Marketplace app you would rather go through the deployment yourself, here's how to do it. We'll be using Docker for this tutorial but you could also deploy from source if you wanted to.

EC2 Setup

  1. Ensure you're logged in to AWS
  2. Access your AWS EC2 Dashboard
  3. Click the 'Launch Instance' button
  4. Select your AMI. For this tutorial, we'll be using the Ubuntu Server 18.04 LTS (HVM)
  5. You will be prompted with a page to choose your instance type. We recommend a config with about the following specs for a medium volume instance:

    • 4GB of RAM
    • 2 CPUs
    • 50GB of storage

However, this will vary based on the volume you're expecting. If you're expecting a low volume, a lighter instance may do just fine. EC2 has a free tier available and this might be suitable for users not expecting to do heavy load analytics yet, as well as those with little website traffic. Conversely, if you are expecting high volume, you should probably scale up from the specs above.

  1. Click 'Review and Launch'
  2. Once your instance is live, you should get a notification. That means you're ready to move on to the next tutorial.

Docker Installation

  1. SSH into your EC2 instance by using the IP provided on your console instead of <YOUR_IP>. On a terminal, this should look something like this:

    ssh ubuntu@<YOUR_IP>

If you downloaded a new key during the creation of the Virtual Machine, you may need to run:

ssh -i path/to/your/key.pem <username>@<YOUR_IP>
  1. After accessing the instance, install Docker Engine
  2. Then install Docker Compose
  3. Setup Docker to run without root priviledges (optional but strongly recommended)
  4. Install git:

    sudo apt-get update && sudo apt-get install git
  5. To clone the PostHog repository and enter the new directory, run:

    git clone https://github.com/posthog/posthog.git && cd posthog
  6. You'll then need to generate a SECRET_KEY that is unique to your instance.

    ⚠️ Note: Do not use our placeholder key! Read more about the importance of this key here.

    First, run: openssl rand -hex 32. This will generate a new key for you. You'll need this in the next step.

    Then, open the docker-compose.yml file with the command: nano docker-compose.yml

    Lastly, substitute "<randomly generated secret key>" for the key you got from the key generation command.

    This means the SECRET_KEY: "<randomly generated secret key>" line will end up looking something like this (with your key, of course):

    SECRET_KEY: "cd8a182315defa70d995452d9258908ef502da512f52c20eeaa7951d0bb96e75"
  7. Then, to run PostHog, do:

    docker-compose up -d
  8. You're good to go! PostHog should be accessible on the domain you set up or the IP of your instance.

Important Points

⚠️ Never, Ever, Run PostHog Without TLS/SSL

PostHog needs to run on HTTPS because:

a) It will fail
b) It is a grave security concern and potentially illegal

Check Your Firewall/Security Group if You Cannot Connect to a Port

If you are unable to connect to a certain port, this might be due to the firewall or security group settings for your EC2 Instance.

Firewal Issues

Generally, this is a matter of running:

sudo ufw allow <PORT> && sudo ufw reload

To check that the changes were applied, run:

sudo ufw status

You can read this tutorial for more information.

Security Group Issues

Here's a good AWS Tutorial about this.


Upgrading Docker on AWS

See this PostHog tutorial about upgrading your PostHog version with Docker.

Useful Tutorials


- Suggested NGINX Configuration for PostHog

- Securing PostHog

- Scaling PostHog