I created a skeleton app with jhipster and added some entitles with import-jdl. Now I'm trying to run the dev profile and it hosts it on localhost:8080, which is fine. But I want to proxy it to the public Internet through nginx and put it behind SSL.
Now if I were using Tomcat as an app server, I could set the proxyHost property on the Connector to tell the app server what its public-facing URL is so it generates URLs for the client properly.
But I don't know what app server jhipster uses for the dev profile or how to configure it.
There are a few ways you can go to solve your problem,
The most simplest one is to reverse proxy using nginx, like this:
server {
listen [::]:80;
listen 80;
server_name your-domain.com;
access_log /var/log/nginx/your-app-access.log;
error_log /var/log/nginx/your-app-error.log;
return 301 https://$host:443$request_uri;
}
server {
listen [::]:443 ssl;
listen 443 ssl;
server_name your-domain.com;
access_log /var/log/nginx/your-app-access.log;
error_log /var/log/nginx/your-app-error.log;
ssl_certificate /path/to/ssl/server.crt;
ssl_certificate_key /path/to/ssl/server.key;
keepalive_timeout 70;
add_header Alternate-Protocol 443:npn-spdy/2;
location / {
proxy_pass http://jhipster;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Request-Start $msec;
}
}
upstream jhipster {
server 127.0.0.1:8080;
}
which should work on every nginx.
This expects your app running at port 8080 at localhost, what is the case when you start it locally. This furthermore requires you to install java and more stuff on your server.
A better way is to use the docker option to create docker images. There are a lot of ways to handle with docker images, like public repository as DockerHub as well as private solutions, like GitLab Container registry. At least you can do a trick by serving the registry docker image at some server with ssl, to use this for private registry.
Then you can at least deploy your app to the same nginx configuration as written above, directing traffic to a running docker container. With this, you only need a arbitrary linux distribution with docker and nginx running.
To gain the power of CI/CD systems, you can deploy these images to complex systems like kubernetes, but also to docker swarm (+ Docker Shipyard), or to smaller and easier to setup solutions like Deis or Dokku. You can read this article, which guides you through a setup of GitLab + GitLab CI + Registry + Dokku, where you can deploy your JHipster application using git push origin master
note: I suggest not to use the dev profile in production. To keep update with your application logs, consider specific logback configuration or solutions as JHipster Console (ELK Stack)
Related
I have a svelte kit project. I want to deploy the app in an Nginx web server after an npm run build. At the moment I have a node container and I use to start using npm run preview. It's working fine, but I want to deploy in a production environment using build.
How could I do that?
ref: https://kit.svelte.dev/docs#command-line-interface-svelte-kit-build
As #Caleb Irwin said, you can run node ./build/index.js
The NGINX configuration will look like this:
upstream sveltekit {
server 127.0.0.1:3000;
keepalive 8;
}
server {
# listen ...
# servername ...
# root ... (folder with an index.html in case of sveltekit being crashed)
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://sveltekit;
proxy_redirect off;
error_page 502 = #static;
}
location #static {
try_files $uri /index.html =502;
}
}
(I'm not a NGINX pro and welcomes feedback to improve on it)
You may also want to make the SvelteKit app listen only to localhost by adding the environment HOST=127.0.0.1 before running node build/index.js. This will prevent the port 3000 from being reached from the outside.
You can also look into using pm2 to manage the sveltekit process, including running it on each of your cores in cluster mode, automatic restart in case of server crash / reboot.
If you have a static website (ie no endpoints) you should use #sveltejs/adapter-static#next. It will put the files you should serve in /build directory. You can then serve the generated pages using NGINX. A sample NGINX config would be:
server {
listen 80;
server_name test.jasonrigden.com;
root /path/to/build/directory;
index index.html;
}
If your site is not static you should use #sveltejs/adapter-node and run that in your container. You could put NGINX in front of it to use its features (SSL, load balancing, firewall, etc). After building your site (using npm run build) you can run node ./build/index.js.
Alternatively, you could use Netlify, Vercel, or Cloudflare Pages to host you site.
To see how to change your adapter see the docs.
Good luck!
I've managed to deploy a Svelte Kit app to my Google Cloud Engine virtual machine and serve it using Nginx. I've still got some outstanding questions myself, but so far these are my steps:
Run the build locally as per the docs referenced by OP. Local directory: $ npm run build
Local directory:$ gcloud compute scp --recurse build/ user#gcpinstance:~/Desktop
Local directory:$ gcloud compute scp package*.* user#gcpinstance:~/Desktop
On the remote vm, from the directory to which I uploaded my build folder and the package files, (e.g.~/Desktop$), I run npm install. That re-created the node-modules folder (otherwise it takes forever to upload the node-modules folder from the local machine).
~/Desktop$ mkdir SvelteKitProd/
~/Desktop$ mv package*.* build/ node-modules/ SvelteKitProd/
~/Desktop$ sudo chown -R root:root SvelteKitProd/
~/Desktop$ mv SvelteKitProd/ /var/www/domainname/
9 ~/Desktop$ cd /var/www/domainname/
/var/www/domainname:$ sudo vi /etc/nginx/sites-available/domainname (this is my nginx configuration for this domain and this app).
upstream hijacked-media {
server 127.0.0.1:3000;
keepalive 64;
}
server {
server_name hijacked.media www.hijacked.media;
#root /var/www/hijacked.media/sveltekittest/sveltekitprod/PROD-GCP;
# index index.html index.htm;
access_log /var/log/nginx/hijacked.media.access.log;
error_log /var/log/nginx/hijacked.media.error.log;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_pass http://hijacked-media;
proxy_redirect off;
proxy_read_timeout 240s;
#proxy_cache_bypass $http_upgrade;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/hijacked.media/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/hijacked.media/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.hijacked.media) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = hijacked.media) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name hijacked.media www.hijacked.media;
listen 80;
return 404; # managed by Certbot
}
/var/www/domainname$ pm2 start SvelteKitProd/build/index.js
I'm still trying to figure out what all I need to do in order to serve multiple apps each from its own top-level domain. I was hoping that I could change the PORT once built and uploaded (see the build/index.js file), but so far that isn't working for me. So I'll try specifying a unique port number while building it locally or messing with it once uploaded to the remote server; or perhaps use PM2 and Nginx to make multiple apps work on the same port, e.g. 3000.
i have simple nodejs app running on ec2 instance with nginx configs
when tried to access the app from browser it give me "ec2-18-223-0-201.us-east-2.compute.amazonaws.com refused to connect."
when trying to curl it from VM
using curl http://localhost:3000 it works correctly, however when trying curl http://127.0.0.1:3000 it give me this output
Found. Redirecting to https://127.0.0.1:3000/
here's my nginx configs
upstream test{
server 127.0.0.1:3000;
}
server {
listen 80;
server_name ec2-18-223-0-201.us-east-2.compute.amazonaws.com www.ec2-18-223-0-201.us-east-2.compute.amazonaws.com;
location / {
client_max_body_size 20M;
client_body_buffer_size 128k;
proxy_pass http://test;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
One thing that should be clear before the actual problem. Is there in redirect policy in node app that returns below output?
curl http://127.0.0.1:3000 it gives me this output
Found. Redirecting to https://127.0.0.1:3000/ because redirection is
expected from Nginx, not from node app.
But I am sure the problem is with Nginx not with Node app as it is able to respond on a local port 3000.
refused to connect to connect mean that the server not running at all or the port may disable from the firewall.
Two possible reasons:
The Port 80 is not allowed in Security Group of the instance so allow 80 in the security group of AWS instance.
The Nginx is not running. Check the log under tail -f /var/log/nginx/error.log and the reason might be the log name of the DNS in the sever section.
So therefor two Suggestion for Nginx config
update your Nginx config to support long DNS name
vim /etc/nginx/nginx.conf and add value under http section in the config
http {
server_names_hash_bucket_size 512;
....
}
2. Remove redundent name from the config, its not be the reason but you should remove server_name ec2-18-223-0-201.us-east-2.compute.amazonaws.com www.ec2-18-223-0-201.us-east-2.compute.amazonaws.com;
I wrote some nodejs services in my ubuntu local.Now I want to deploy my nodejs services into nginx server in my seperate VM.I set up the nginx in my virtual machine.How can I pull my nodejs services to nginx server and how to connect these api's through postman. I getting confusion at nginx config file.
You should setup a reverse proxy with nginx to redirect the traffic to you node application. Install node on your VM, copy your application and install all the dependencies using npm install. Afterwards, you should start the node application using node index.js where index.js is the entry point of your application. You could also use a process manager such as pm2 to start the application. Then, you have to setup the reverse proxy with nginx which is redirecting the traffic to the port of your application. (In your sample code 3000). The application should now be available on the IP of your VM. Below you find a minimal example configuration for nginx.
server {
listen 80;
server_name domain.com;
location / {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
I have developed Rest API using Node JS, Express and MongoDb.
I have istalled MongoDB into one machine with Ubuntu Server OS and Node JS App on machine with Ubuntu Server OS.
Now i need to deploy to Production enviroments with a reverse proxy.
I have seen this post as example:
Deploy Node JS
Now my question is: the reverse proxy server using Nginx must be deploy on a separete machine? Instead Nginx is possible to use Apache?
Thanks for your help
You can deploy nginx on same machine.So your setup will be nginx listening to 80 port of the machine for incoming requests and redirecting all requests to you application as per you have specified in nginx configuration.
if you are deploying nginx on same machine and having application 8080. you can do some thing like this.
server {
listen 80;
server_name example.com;
location / {
proxy_pass http://localhost:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
and if you can configure apache to redirect request to your application you can replace nginx with apache.(but i have not worked with apache so as per me above configurations works.but if you want some help you can read this one link)
So here's my setup:
Digital Ocean 1gig droplet
Ubuntu 14.04x64
Dokku 1-click installer
MongoDB attached to Dokku via https://github.com/jeffutter/dokku-mongodb-plugin. Verified. I can connect to it via robomongo
domain registered in DNS records in my DigitalOcean dashboard (subdomain.mydomain.com)
website is accessible (verified via tailed app-access.log)
the basic meanjs app via their yo generator
only modified connection to mongodb server in Dokku.
push to Dokku is successful, no push errors
DigitalOcean swapfile create (1gig), no memory warnings according to dokku logs app
properly set Dokku env variables verified via dokku config app
properly set VHOST file to mydomain.com
My issue is everytime I visit the site, assets load (up until favicon.ico, along with /lib/bootstrap/dist/css/bootstrap.min.css and many others from that directory), but it stops there. The site doesn't load anything after that. The favicon shows up then nothing.
I checked the nginx logs, nothing. This is a practice website so I will be posting the nginx.conf:
server {
listen [::]:80;
listen 80;
server_name mean.ygamretuta.xyz ;
access_log /var/log/nginx/mean-access.log;
error_log /var/log/nginx/mean-error.log;
location / {
proxy_pass http://mean;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection upgrade;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Request-Start $msec;
}
include /home/dokku/mean/nginx.conf.d/*.conf;
}
upstream mean {
server 172.17.0.62:3000;
}
I checked nginx logs, dokku logs, I got nothing. What could be wrong?
A little more googling and I found that I should issue a grunt build before I push my code to Dokku residing in Digital Ocean.
here's the discussion in meanjs issues:
https://github.com/meanjs/mean/issues/64