How to apply Node.js secuirty updates? - node.js

How to apply node.js security patches?
Is there a specific process to apply security patches when using meteor js on ubuntu 16.04?

When you're running meteor in production mode, it is run as a (pure) node.js app. So the short answer to your question is to just update node (depending on how you installed it; probably sudo apt-get update -y && sudo apt-get install nodejs -y).
There are a variety of tools you can use to deploy a meteor app (e.g. meteor-up), but all of them have essentially the same two steps, which are easy enough to do yourself:
Bundle your meteor app into a node.js app
meteor build ../my-build-output-folder --server https://my.production.site.url --architecture os.linux.x86_64
This will create a meteor-server.tar.gz file in the folder you specified, containing the node.js app. The process is then (as per the README file that is included in the bundle):
Transfer the meteor-server.tar.gz file to your server
tar -zxvf meteor-server.tar.gz to extract the node application
The included README file tells you the rest :
README:
This is a Meteor application bundle. It has only one external dependency:
Node.js v8.11.4. To run the application:
$ (cd programs/server && npm install)
$ export MONGO_URL='mongodb://user:password#host:port/databasename'
$ export ROOT_URL='http://example.com'
$ export MAIL_URL='smtp://user:password#mailhost:port/'
$ node main.js
Use the PORT environment variable to set the port where the
application will listen. The default is 80, but that will require
root on most systems.
Set up a system to survive restarts e.g. upstart , pm2, supervisord , or docker

Related

how to deploy node server on CPANEL?

I want to deploy node server over CPANEL how do i start?, I have searched but not relevant answer entertained me tell me solution if anyone did this.
How to install Node.js and NPM on cPanel Hosting Server
Node.js currently only works on servers running CentOS 6 or CentOS 7. To determine the CentOS version on your server, run this command:
uname -r
If the output from this command contains el6 (for example, 2.6.32-531.17.1.lve1.2.60.el6.x86_64) or el7 (for example, 3.10.0-714.10.2.lve1.5.12.el7.x86_64) , then your server is running CentOS 6 or CentOS 7. However, if you see el5h (for example, 2.6.32-531.23.3.lve1.2.66.el5h.x86_64), then your server is running CentOS 5 and does not support Node.js.
Download NodeJS. To make sure you’re in the root directory, run this command:
cd ~
wget https://nodejs.org/dist/latest/node-v10.15.0-linux-arm64.tar.gz
Extract the NodeJS Files:
tar xvf node-v10.15.0-linux-arm64.tar.gz
Now rename the folder to nodejs name, to do this type the following command:
mv node-v10.15.0-linux-x64 nodejs
Now install node and npm binaries, type the next commands:
mkdir ~/bin
cp nodejs/bin/node ~/bin
cd ~/bin 
ln -s ../nodejs/lib/node_modules/npm/bin/npm-cli.js npm
Node.js and npm are installed on your account. To verify, type the following commands:
node --version
npm --version
STOPPING A NODE.JS APPLICATION
To stop a currently running Node.js application, type the following command:
pkill node
This command immediately stops all running Node.js applications.

React: How to publish page on server using React-starter-kit

So, I created a page using repo from:
https://github.com/kriasoft/react-starter-kit
I have my own global ftp server. And now I would like to publish my project on server.
What is the best way to do it. Should I copy all files to ftp server and just exec command 'npm start'? Or maybe I should deploy it?
I'm new in web deployment and not sure how it works.
Thanks for any tips.
It may be a little more complicated than just ftping your project up. Here are the instructions I use to setup a server at digitalocean.
sudo apt-get update
sudo apt-get install npm
sudo apt-get install git
sudo apt-get install ufw
sudo apt-get install build-essential libssl-dev
curl https://raw.githubusercontent.com/creationix/nvm/v0.20.0/install.sh | bash
nvm install stable //may require new ssh session before this
ufw default deny incoming
ufw default allow outgoing
ufw allow ssh
ufw allow 80/tcp
ufw allow out to any port 53
ufw enable
sudo npm install -g forever
sudo npm install -g node-gyp
cd /var
mkdir www
cd www
git clone https://github.com/calitek/palminfo --recursive
npm install
npm ls -depth 0
export PORT=80
node js/server.js
test using ip / when good exit then
forever start js/server.js
set dns
The server will need to support you adding node.js. Then you need to preferably use github to clone the project. You will want to do the npm install on the server to be sure you are using the correct modules. Its a little complicated the first time out, just keep good notes for the next time.
This is a big topic to cover, whatever your linux distribution is, you probably will always need 2 servers - a proxy server, and an app server.
I'd recommend you wrap your compiled sites with a simple Node.js server like Express or Hapi. Then configure nginx to properly route all the requests to the application. Checkout some detailed guides from DigitalOcean
CentOS: https://www.digitalocean.com/community/tutorials/how-to-set-up-a-node-js-application-for-production-on-centos-7
Ubuntu: https://www.digitalocean.com/community/tutorials/how-to-set-up-a-node-js-application-for-production-on-ubuntu-14-04
Minor steps might be slightly different but you get the idea
One approach is to build the app on the server, but you will need something like Heroku which you already decided to go with.
But an alternative to that is to do a paradigm shift. You're app is basicaly just some html, css and javascript, which is compiled and servered to the public. You could compile that yourself with npm run build and then just copy the compiled files to your hosting server which can use what ever server it wants: apache httpd, nginx, etc. This is also cheaper cause you only need basic hosting, not some complex nodejs compiling server.
I created a starter kit http://redux-minimal.js.org/ which helps you create rich real-world apps with the minimum amount of packages and very light configuration setup. If you look at the folder structure you can see that the app uses the index.html from the public folder, and then the css and js file are compiled directly in the public folder. Which makes it easier to just copy the public folder to what ever server you want.

How can I ssh into my meteor app?

I am working on a meteor project, and I deployed it at meteor.com, I used ffmpeg library for some audio option, so I need to install ffmpeg on meteor server.
I successfully executed following command to install ffmpeg on meteor server.
1]. git clone https://github.com/FFmpeg/FFmpeg.git
2]. cd FFmpeg && ./configure --disable-yasm
3]. cd FFmpeg && make
but in 4th command I am facing an issue
4]. cd FFmpeg && make install
then I am getting errror like:-
cannot create directory /usr/local/man/man1 :permission denied
and when I used cd FFmpeg && sudo make install then getting error:-
sudo: no tty present and no askpass program specified
so what should I do to solve this error or can install ffmpeg library
thanks..
It is not possible to get access via ssh to apps on meteor.com & I don't think allow you to use custom binaries on their infrastructure.
Each instance is in a sort of vm which doesn't give you root access so you can't make any binaries.
If you want to use ffmpeg/custom binaries with your app you would have to use your own infrastructure like on heroku (which is also free), AWS or digitalocean.
The Dev-Ops that meteor deploy affords is a deployment of the bundled meteor app only. There is no other access (ftp, ssh, or otherwise) given besides the mongo database (via meteor mongo <siteurl>

Deploy MEAN.JS on Google Cloud Platform

I tried to deploy MEAN.JS on Google Cloud Platform (also the KeystoneJS CMS), but it doesn't work. I use the command-line tool online.
In the order, i installed Node.js, MongoDB, bower and grunt, then I try to deploy MEAN.JS :
Install Node.js :
sudo apt-get install curl
curl -sL https://deb.nodesource.com/setup | sudo bash -
sudo apt-get install -y nodejs nodejs-legacy
Install MongoDB :
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv 7F0CEB10
echo 'deb http://downloads-distro.mongodb.org/repo/debian-sysvinit dist 10gen' | sudo tee /etc/apt/sources.list.d/mongodb.list
sudo apt-get update
sudo apt-get install -y mongodb-org
Install bower et Grunt :
sudo npm install -g bower
sudo npm install -g grunt-cli
Install MEAN.js :
sudo npm install -g generator-meanjs
mkdir mean
cd mean
yo meanjs
grunt
Here is the result on the command-line board :
Running "jshint:all" (jshint) task
53 files lint free.
Running "csslint:all" (csslint) task
2 files lint free.
Running "concurrent:default" (concurrent) task
Running "watch" task
Running "nodemon:dev" (nodemon) task
Waiting...
[nodemon] v1.2.1
[nodemon] to restart at any time, enter rs
[nodemon] watching: app/views//. gruntfile.js server.js config//.js app/*/*.j
s
[nodemon] starting node --debug server.js
debugger listening on port 5858
NODE_ENV is not defined! Using default development environment
js-bson: Failed to load c++ bson extension, using pure JS version
Failed to load c++ bson extension, using pure JS version
MEAN.JS application started on port 3000
I can define the NODE_ENV variable (test, development, all...) but it's the same problem.
The problem is :
It should work but whan i try to access to my IP:port (in this case 146.148.113.68:3000) : "This webpage is not available".
Is it a problem with the VM, the packages, MEAN.JS ? I have the same problem with the KeystoneJS CMS.
Thanks !
Are you sure ports to your machine are open for access? When you deploy an app on Compute Engine, you have to edit network settings to allow custom ports. There's easy checkmark options for allowing HTTP and HTTPs traffic, but for custom ports, you will have to add port in settings.
This documentation might be helpful but you can always find these things in the Cloud Console.
Also, now Google Cloud Launcher also supports MEAN stack deployment with both MEAN.io and MEAN.js flavors which simplifies the whole process.
Everything looks fine Only thing to change is the firewall settings which is blocking your web application ,there is no problem with VM or KeystoneJS CMS. You Need to just change the firewall settings for incoming and Outing Traffic:
You need to specify the ip and port number , i have given access to all ports temporarily for testing purpose.
Try other services to host your MEANJS Web Application.
Heroku : https://www.heroku.com/
Nodejitsu : https://www.nodejitsu.com/
If it works in these platoforms,then the problem is not with your cloud.

Deploying meteor.js app using `meteor`

I was thinking whether we can deploy Meteor.js app doing this:
curl https://install.meteor.com | /bin/sh
meteor create myApp
cd myApp
FTP app files into myApp directory
meteor
I assume you are trying to deploy to your own server. Therefore your need to create the bundle which you can them FTP and expand in your server/directory as follows:
create the bundle: meteor bundle myApp.tgz
FTP myApp.tgz into your server/directory.
Locate the uploaded tar file and extract it with the following command:
tar -zxvf nameofyourapp.tgz
Note: If the machine you developed the application is different than the machine you are deploying to, you will need to rebuild the native package. To do this, enter the bundle/programs/server/node_modules directory.
cd bundle/programs/server/node_modules
Once there remove the fibers directory
rm -r fibers
Rebuild fibers using npm:
npm install fibers
This will install the latest fibers version, specific to the platform you are deploying to.
Best regards,
Vince

Resources