> ## Documentation Index
> Fetch the complete documentation index at: https://docs.ale.run/llms.txt
> Use this file to discover all available pages before exploring further.

# Ingress Setup & Login

## Create DNS Record for preview URL

<Frame>
  <img className="block rounded-md" src="https://files.cloudtype.io/ale-docs/setup/ec2/images/04_21.png" />
</Frame>

> Click `Create record` on the target domain page in the Route53 dashboard and create a record with the following values:

* **Record name**: \*
* **Record type**: A
* **Value**: Public IP address of EC2 instance

<Info>
  Through this process, the root domain with the registered record is assigned as a preview URL for the service deployed on the dashboard.
</Info>

<Note>
  You can verify if the record has been propagated to the nameserver using the following command:
</Note>

```bash theme={null}
dig "<registered domain>"
```

## Install Cert Manager

> Run the following commands to install **Cert Manager**:

```bash theme={null}
helm repo add jetstack https://charts.jetstack.io
helm repo update
```

```bash theme={null}
helm install \
     cert-manager jetstack/cert-manager \
     --namespace cert-manager \
     --create-namespace \
     --version v1.15.3 \
     --set crds.enabled=true
```

## ClusterIssuer & TLS Certificates

> Use the following command to create the ClusterIssuer and TLS certificate:

```bash theme={null}
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
metadata:
  name: aws-secret-access-key
  namespace: cert-manager
type: Opaque
stringData:
  aws-secret-access-key: $AWS_SECRET_ACCESS_KEY
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: ale-issuer
  namespace: cert-manager
spec:
  acme:
    email: $ACME_EMAIL
    server: https://acme-v02.api.letsencrypt.org/directory
    privateKeySecretRef:
      name: ale-issuer
    solvers:
      - http01:
          ingress:
            class: nginx
      - dns01:
          route53:
            region: $AWS_REGION
            hostedZoneID: $AWS_HOSTED_ZONE_ID
            accessKeyID: $AWS_ACCESS_KEY_ID
            secretAccessKeySecretRef:
              name: aws-secret-access-key
              key: aws-secret-access-key
        selector:
          dnsZones:
            - $AWS_DOMAIN
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: ale-app-tls
  namespace: cert-manager
spec:
  dnsNames:
    - "*.$AWS_DOMAIN"
  issuerRef:
    kind: ClusterIssuer
    name: ale-issuer
  secretName: ale-app-tls
EOF
```

## Setup Ingress in ale

<Frame>
  <img className="block rounded-md" src="https://files.cloudtype.io/ale-docs/setup/ec2/images/en/04_22.png" />
</Frame>

> Access `ale` at `https://app.[domain]`, create an administrator, and complete the installation.

<Note>
  Enter the root domain in the preview domain field.
</Note>

<Frame>
  <img className="block rounded-md" src="https://files.cloudtype.io/ale-docs/setup/ec2/images/en/04_23.png" />
</Frame>

> Enter the following values in the network section of the settings tab in the cluster page and click `Apply`.

* **Preview domain**: Connected root domain
* **Use HTTPS**
  * **Activate**: Internet environment
  * **Inactivate**: Intranet/closed network environment
* **Certificate secret name**: ale-app-tls
* **Certificate secret namespace**: cert-manager
* **Certificate issuer**: ale-issuer
* **Ingress class**: nginx
* **Load balancer type**: NodePort

<Info>
  You can access the operations system by clicking the space name in the dashboard.

  <Frame>
    <img className="block rounded-md" src="https://files.cloudtype.io/ale-docs/setup/ec2/images/en/04_24.png" />
  </Frame>
</Info>

<Note>
  The operations system menu is only displayed for accounts with access permissions to the operations system.
</Note>

## Access ale Dashboard

<Frame>
  <img className="block rounded-md" src="https://files.cloudtype.io/ale-docs/setup/ec2/images/en/04_25.png" />
</Frame>

> Click `Back` in the top left of the operations system or access `ale` at `https://app.[domain]` and complete the signup process to use the developer dashboard.

<Tip>
  [You can use managed container registries, such as AWS ECR, as the repository for built images.](/en/registry/aws-ecr) If no container registry is connected, images are managed using the Docker Engine running in the local environment.
</Tip>

<Info>
  Refer to the cards below for instructions on using the operations system and developer dashboard.
</Info>

<CardGroup cols={2}>
  <Card title="operations system Guide" icon="gear" href="/en/operations/user-management" horizontal />

  <Card title="Developer Guide" icon="code" href="/en/developers/deploy" horizontal />
</CardGroup>
