Connecting Smartphone to AWS CHT instance

Dear Community

I would like to get some help from you because I have reached the limits of my knowledge and can’t get any further.

When going through the AWS Hosting Guide https://docs.communityhealthtoolkit.org/apps/guides/hosting/3.x/ec2-setup-guide/
I selected the following EC2 server in point 1:

  • “Ubuntu Server 20.04 LTS (HVM), SSD Volume Type - ami-0629230e074c580f2 (64-bit x86) / ami-03b47d2d727e13114 (64-bit Arm)”, Family: t3, Type: t3.medium, vCPUs: 2, Memory (GiB): 4
  • Instance Storage (GB): EBS only, Storage Size (Gib): 8, General Purpose SSD (gp2)
  • In the Security Group I added the Types: HTTP and HTTPS

Then I created the Elastic IP and connected it to the EC2 instance. I set and successfully achieved the stated goal of connecting to an instance via SSH.

In step 2 (create or restore EBS volume) no problems occurred.

Step 3 went smoothly as well:

So I finally achieved the goal of having the EBS volume mounted on /srv.

After that, I did not continue with the instructions from AWS Hosting for the time being because we lack a domain and do not currently have an SSL certificate.

However, my instance was now online and running. The next thing I wanted to do was :

  • To “install” the CHT Project Configurer a.k.a cht-conf which is a command-line interface tool to manage and configure CHT apps.
  • Populate my running instance with test data (using the reference project “Maternal & Newborn Health Reference Application”).
  • Publish an Android app via Play-Store to be able to download it to a device and then use the URL of my running instance.

Installing cht-conf:

  • I installed Cht-conf directly on the EC2 VM (not within any container that i had through running ./prepare-system.sh script) by following the instructions on Getting started building a CHT app | Community Health Toolkit for the setup on Ubuntu.
  • Npm was not yet available on my EC2 Amazon Ubuntu instance, so I had run “apt install npm” to be able to run “npm install -g cht-conf” according to the instructions in point 2.
  • I was also able to install Pyxform

Installing Pyxform:

  • Small sidenote: there is a type on your homepage: Getting started building a CHT app | Community Health Toolkit. For Pyxform you write down that we should run the command: “sudo python -m pip install git+https://github.com/medic/pyxform.git@cht-conf-1.17#egg**=** pyxform-medic”, but it should not be @cht-conf-…, it should be @medic-conf-…)
  • In order to execute the command sudo python -m pip install git+https://github.com/medic/pyxform.git@medic-conf-1.17#egg=pyxform-medic, I first had to install python and pip, because they were not available on the EC2 Amazzon Ubuntu instance either. I installed python with “sudo apt install python” and pip with " curl https://bootstrap.pypa.io/pip/2.7/get-pip.py --output get-pip.py # Fetch get-pip.py for python 2; python2 get-pip.py"

Getting the reference app and test-data:
However, since I now had a running instance due to going through the AWS hosting guide, where the images medicmobile/medic-os:cht-3.9.0-rc.2 and medicmobile/haproxy:rc-1.17 had been loaded there, because these images were written down in the docker-compose file, I did not have the “Maternal & Newborn Health Reference Application” reference application available.

Therefore, I wanted to adapt my instance so that I could have the reference application running and thus have test data.

For this, I executed the command git clone GitHub - medic/cht-core: The CHT Core Framework makes it faster to build responsive, offline-first digital health apps that equip health workers to provide better care in their communities. It is a central resource of the Community Health Toolkit. on my EC2 server to have the folder cht-core. Then I switched to the cht-core/config/default directory, where the reference application is, according to the instructions on Getting started building a CHT app | Community Health Toolkit, and then executed the command according to the homepage: “cht --url=https://medic:password@localhost --accept-self-signed-certs csv-to-docs upload-docs”

  • Small side note here: the command is given here with an error because at the end of the command there are the characters `. which do not belong there: “cht --url=https://medic:password@localhost --accept-self-signed-certs csv-to-docs upload-docs`.”

In this way, I had now managed to install cht-conf and import the reference app with the data on my AWS EC2 instance.

Now I also wanted to test this app with an Android phone and therefore also went through the optional step 5. I ran the command ./scripts/add-local-ip-certs-to-docker.sh in the cht-core folder on my AWS EC2 instance and then also set the command: cht --url=https://medic:password@3.19.149.36.my.local-ip.co.

In order to have an Android version that I can connect to my EC2 instance, I wanted to load my first app in a “standard” version on the “Play-Store”. However, I did not understand the procedure at all.

What exactly do I have to do in order to be able to download the application to my mobile phone via the play store and connect it to my running instance on AWS?

I copied git clone --recurse-submodules GitHub - medic/cht-android: A native Android container for Community Health Toolkit (CHT) applications with the repository locally to my personal PC. Then I went to the directory “cht-android” and ran make bundle.

Then I went there and created a new tag (just increased the number by one: “git tag v.0.10.2-alpha.1” and then with “git push --tags” I got a “Permission to medic/cht-android.git denied” → it makes sense for me that I am not allowed to push to the master branch (since i am not a developer of this project), but i understood the manual that way, that i should do it like that.

So to find another solution, I tried to simply upload my own .aab files (which I had created with “make assemble”). But before that I went to the page https://docs.communityhealthtoolkit.org/apps/guides/android/publishing/ and found the subcategory “New App in the Play Store”. There I followed the instructions and tried to create my own brand.
On https://docs.communityhealthtoolkit.org/apps/guides/android/branding/ step 2 says at the end: “The variables in the env sections point to a keystore and the passwords to unlock the keystore that will be generated in the following steps, but it’s important to follow the name convention, in the example all the variables that are configured in Github Actions end with the suffix _NEW_BRAND, these variables need to be added in the cht-android repo settings by a manager of Medic.”
So would a manager of medic on the cht-android repo please record “COMBACAL” as “_NEW_BRAND” for me?

I think i will end my long text here and then continue with my diffuculties and questions, as soon as I have an answer to my two questions above:

  • What exactly do I have to do in order to be able to download the application to my mobile phone via the play store and connect it to my running instance on AWS?
  • Would a manager of medic on the cht-android repo please record “COMBACAL” as “_NEW_BRAND” for me?

Thank you very much in advance and best regards,
Ünsal

2 Likes

Hi Ünsal

The easiest way to get the mobile app installed on your phone is to install this app: https://play.google.com/store/apps/details?id=org.medicmobile.webapp.mobile and then configure it to use your instance’s host.

An alternative is to build the app locally and push it to a device that you have connected via USB or wireless network, detailed instructions: Run apps on a hardware device  |  Android Studio  |  Android Developers .

Please let us know if this works.

2 Likes

Hi Diana

Thank you very much for your response. I downloaded the app and tried to connect it to our AWS address with the IP-Address https://18.221.15.177 and the domain address cht.combacal.org, but it does not work. I assume that this is, because i somehow still got no valid ssl certificate.
What do I have to do?

On your website https://docs.communityhealthtoolkit.org/apps/guides/hosting/3.x/ssl-cert-install/ you mention for requirements, that we need to have CHT-Core 3.x installed. I fulfil this requirement.
Then you also mention, that we need an own SSL certificate like Let’s Encrypt, but there I can not get any further. Would you please help me and provide me with a guide that tells me what I have to do to get to my own certificate?

What i tried to do:

  • I ssh’d to my AWS EC2 instance
  • On letyencrypt, I selected that my http website is running nginx on ubuntu 20
  • When I run “sudo certbot certonly --nginx” and then enter for the domain: cht.combacal.org, i get the error: ERROR:certbot._internal.error_handler:Encountered exception during recovery: certbot.errors.MisconfigurationError: nginx restart failed:
    nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
    nginx: [emerg] bind() to [::]:80 failed (98: Address already in use)
  • When I connect to my docker container first with: sudo docker exec -it medic-os /bin/bash and then run the command “sudo snap install core; sudo snap refresh core” i get the error: error: cannot communicate with server: Post http://localhost/v2/snaps/core: dial unix /run/snapd.socket: connect: no such file or directory

Thank you very much in adanve for your help

Hi @uensal ,

I think you should use certbot, as you’re already doing. Please check out their instructions: Certbot Instructions | Certbot

On step 7, they specifically address the case where you already have a webserver that runs on port 80.
You already have one, cht-core, which is why you were getting the port conflict nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) .
You can either:

  • stop cht-core container while generating your certificate
  • follow the instructions on the certbot website to run certbot without starting nginx on port 80.

Please let us know if this works.

Hi @diana

Thank you very much for your support.
We managed now to have a valid SSL certificate and are now also enabled to connect to our instance via our url http://cht.combacal.org

Our next step will now be have our own brand (customized app) and to start adding features like a map implementation.
How do we have to proceed here with that endeavour?

Bests,
ünsal

1 Like

Hi @uensal

Please refer to our tutorials about how to configure the CHT: Step-by-Step Tutorials | Community Health Toolkit to get ideas about customization.

Good luck!

A post was split to a new topic: Can not upload app to local dev instance

@uensal - I wanted to follow up on this: if you’re using Let’s Encrypt certificates, they inherently expire after 90 days. This means that well before that you’ll need to release port 80 and allow the Let’s Encrypt renewal process to proceed and then reclaim port 80 for the CHT.