Server Deployment NODE Project

1. premise

1.1 The NODE environment has been built on the server, if not, you can refer to me. The previous blog Build. Because this blog is in The previous blog If there is any obscurity, you can read the previous blog first.
1.2 A NODE project has been written.

2. deployment

2.1 Because I use PM2 for process management, I first write the PM2 execution file of the corresponding server under my project root directory:

//process.json file
{
     "apps": [
         {
             "name": "xxxx", //Self-defined process identification
             "script": "./bin/www", //pm2 Startup Program Directory, Write Project Startup File Location
             "log_date_format": "YYYY-MM-DD HH:mm Z", //Log Output Time Format
             "log_file"   : "./logs/log_file.log", //Background logs output by nodejs
             "error_file" : "./logs/error_file.log", //Log output when background error occurs
             "out_file"   : "./logs/out_file.log"  //log_file and error_file combined output logs
         }
     ]
 }

2.2 Create a new logs folder under the project root directory
2.3 Pull down your project in the server root directory:

cd ~
git clone git@The server ip:/srv/git/entry name.git
//Enter the project root directory and install dependencies
npm install
//Execute under the project root directory
pm2 start process.json
//View startup status
//If an error occurs, go to the logs directory and cat error_file.log to check the error log; otherwise, the deployment is successful. If you have already configured nginx, you can go to the website to see your project.
pm2 list

2.4 Open Server Access Security Group
Assuming that the port of the project you open is 3001, when you open the web page, you will find that you can not open the port to access the web site, so you need to open the server to access the security group.
2.4.1 Open the Security Group to the Server

Authorization strategy Protocol type Port range Authorization type Authorized object describe priority
allow Custom TCP 3001/3001 Address segment access 0.0.0.0/0 - 1

2.4.2 Server should also be opened and set up firewall
CentOS 7.0 defaults to firewall as a firewall, which is changed to iptables firewall.

1,Close firewall: 
systemctl stop firewalld.service
systemctl disable firewalld.service
systemctl mask firewalld.service

2,install iptables firewall
yum install iptables-services -y

3.Start Setting Firewall
# systemctl enable iptables
# systemctl start iptables

4.View firewall status
systemctl status iptables

5 Edit firewall, add port
vi /etc/sysconfig/iptables #Editing Firewall Profile
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT  //Open port 80
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3001 -j ACCEPT //Open access port
:wq! #Save exit

6.Restart configuration, restart system
systemctl restart iptables.service #Restart the firewall to make the configuration effective
systemctl enable iptables.service #Setting Firewall Boot-up

3. Create node reverse proxy

1. way of thinking
Now if your node project runs on port 3001, then the address of the page you open should be http://ip:3000/ But such domain names are not very attractive, if they can be directly online http://ip/ In this way, access is much better and more secure. By default, 80 ports are opened for external access.
2. configuration
If nginx is already matched, create a node reverse proxy under / etc/nginx/conf.d/:

// www.yourwebsite.com.conf file
upstream node {
  server 127.0.0.1:3000;
}
server {
  listen       80 default_server;
  server_name www.yourwebsite.com  yourwebsite.com;
  include /etc/nginx/default.d/*.conf;
  location / {
      proxy_pass  http://node;
      client_max_body_size 10M;//Resolve 413 Request Entity Too Large error when implementing upload function because request entity is too long. In general, when a Post request is made, the data of the Body Content Post is too large, such as uploading large files, and the POST data is too large.
}
  access_log /var/log/nginx/access.log main;
}

Then go back to / etc/nginx / and find the nginx.conf file:

//Comment out the original 80 port listener and find:
listen 80 default_server;     -->   # listen 80 default_server;
listen [::]:80 default_server;-->   # listen [::]:80 default_server;

Then enter nginx-t-c/etc/nginx/nginx.conf
Check to see if there are any configuration errors. If there are no errors, restart nginx: service nginx restart.
Great success, go to the web page to see, through http://ip/ Visits were made.

Keywords: Nginx firewall iptables git

Added by dannyone on Thu, 16 May 2019 23:27:20 +0300