Deploy backend on VM

# Deploy backend on VM ### Install nodejs and npm -GCP ``` sudo apt-get -y update sudo apt-get install -y nodejs npm sudo apt install git ``` ### Install nodejs and npm - AWS ``` sudo yum update curl -sL https://rpm.nodesource.com/setup_10.x | sudo bash - sudo yum install -y nodejs npm ``` ### Create file and init npm ``` mkdir node-web-app cd node-web-app/ npm init ``` after create package.json ``` npm install -save express ``` ### Create and edit app.js ``` touch app.js vim app.js ``` enter connect content ``` 'use strict'; const express = require('express'); // Constants const PORT = 8080; const HOST = '0.0.0.0'; // App const app = express(); app.get('/', (req, res) => { res.send('Hello World'); }); app.listen(PORT, HOST); console.log(`Running on http://${HOST}:${PORT}`); ``` ### Configure Nginx or Apache ``` (sample Nginx install) sudo apt-get install -y nginx (GCP) sudo amazon-linux-extras install nginx1 (AWS) [AWS need to Secure setting 8080 and don't need setting sites-available] ``` Nginx is installed, we now have to configure it for our node application : Navigate to Nginx’s sites-available folder.(GCP) ``` cd /etc/nginx/sites-available ``` And change the default file, paste the following piece of code (get YOUR_SERVER_IP_ADDRESS here) ``` sudo vim default ``` past sever setting ``` server { listen 80; server_name YOUR_SERVERS_IP_ADDRESS; location / { proxy_pass "http://127.0.0.1:8080"; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_cache_bypass $http_upgrade; } } ``` GET /api -> 記得加上 `/` ``` location /api/ { proxy_pass "http://127.0.0.1:8080/"; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_cache_bypass $http_upgrade; } ``` restart nginx ``` sudo service nginx restart ``` ### Install MySQL ``` sudo apt update sudo apt install mariadb-server ``` Run the security script with sudo: ``` sudo mysql_secure_installation ``` Change connect port ``` sudo nano /etc/mysql/mariadb.conf.d/50-server.cnf 127.0.0.1 -> 0.0.0.0 ``` add user ``` sudo mysql -u root -p CREATE USER 'hcvs'@'localhost' IDENTIFIED BY 'pass'; CREATE USER 'hcvs'@'%' IDENTIFIED BY 'pass'; GRANT ALL ON *.* TO 'hcvs'@'localhost'; GRANT ALL ON *.* TO 'hcvs'@'%'; flush privileges; ``` restart mysql ``` sudo service mysql restart ``` ### Install PM2 ``` cd ~/nodejs-express-skeleton sudo su root sudo npm install -g pm2 ``` start server : ``` pm2 start server.js ``` ### socket.io run on pm2 `etc/nginx/nginx.conf` ### Change permission (for FTP upload) `sudo chmod 777 /path/to/file` #### node js deploy (doc) https://javascript.plainenglish.io/deploy-a-node-js-server-using-google-cloud-compute-engine-87268919de20 https://kadiremreozcan.medium.com/google-cloud-platform-gcp-dockerize-a-node-js-web-app-and-deploy-to-compute-engine-instance-501809832289 #### mysql deploy(youtube) https://www.youtube.com/watch?v=uCPpPhdI6zA ### AWS Add SSH Key doc: https://www.how2shout.com/linux/add-a-new-key-pair-to-your-exisitng-aws-ec2-instances/ video: https://www.youtube.com/watch?v=e9BDvg42-JI ### SSL Application - AWS https://www.sslforfree.com/ 1. Add a .txt file in `/usr/share/nginx/html` 2. Add a file in `/etc/nginx/ssl` 3. upload zip `.crt` 4. follow Zero SSL (https://help.zerossl.com/hc/en-us/articles/360058295894-Installing-SSL-Certificate-on-NGINX) **1. Upload Certificate Files** First and foremost, you will need to upload the certificate files above (certificate.crt, ca_bundle.crt and private.key) to your NGINX server in a directory of your choice. **2. Merge .crt Files** NGINX requires all .crt files to be merged in order to allow SSL installation. You will need to run the following command in order to merge your certificate.crt and ca_bundle.crt files. `$ cat certificate.crt ca_bundle.crt >> certificatenew.crt` **3. Edit Virtual Hosts File** Next, you will need to find your NGINX virtual hosts file (` etc/nginx/nginx.conf`)and add some code to point it to your new SSL certificate. As soon as you have opened your virtual hosts file, create a copy of the existing non-secure server module and paste it below the original. ``` listen 443 ssl; listen [::]:443 ssl; server_name dinosaurtaipei.com; ssl_certificate /etc/nginx/ssl/certificatenew.crt; ssl_certificate_key /etc/nginx/ssl/private.key; ``` **5. Test configure** `sudo nginx -t` **6. Reatsrt Nginx** `sudo service nginx restart` **7. Reload Nginx** `sudo nginx -s reload` **8. Stop Nginx** `nudo ginx -s stop` ### Deploy nodejs SSL https://gist.github.com/bradtraversy/cd90d1ed3c462fe3bddd11bf8953a896 #### AWS Install ufw 1. AWS switch root `sudo su` 2. Install and enable epel repository on Amazon Linux 2. `sudo amazon-linux-extras install epel` 3. Now, install ufw. `yum install --enablerepo="epel" ufw` #### Find which process is using port 3000 `sudo lsof -i :3000` ### SSL Application - GCP https://www.sslforfree.com/ 1. Add a .txt file in `/var/www/html` 2. Add a file in `/etc/nginx/ssl` 3. upload zip `.crt` 4. follow Zero SSL (https://help.zerossl.com/hc/en-us/articles/360058295894-Installing-SSL-Certificate-on-NGINX) ### add ssl setting path: `etc/nginx/nginx.conf` ``` server { listen 443 ssl; listen [::]:443 ssl; server_name 104.154.196.110; ssl_certificate /etc/nginx/ssl/certificate1.crt; ssl_certificate_key /etc/nginx/ssl/private.key; } ``` #### 413 to large ``` cd /etc/nginx/nginx.conf vim nginx.conf server-- client_max_body_size 20M; ``` #### server test - http_load (AWS) ``` cd /usr/local mkdir man chmod 777 man ``` #### 下載http_load ``` cd man wget http://acme.com/software/http_load/http_load-12mar2006.tar.gz ``` #### 解壓縮 / 安裝 ``` tar zxvf http_load-12mar2006.tar.gz cd http_load-12mar2006 make sudo make install ``` #### 找不到 make 指令 ``` sudo yum install gcc ``` #### 再試一次 make ``` make sudo make install ``` 至資料夾底下執行檔案 ``` cd /usr/local/man/http_load.... http_load -parallel 5 -fetches 300 url.txt ``` 指令： ![](https://i.imgur.com/6qOq0uL.png) ### Kill repeat IP ``` lsof -i tcp:8080 kill -9 PID ``` ### Install PuTTYgen for Ubuntu/Linux `sudo apt install putty-tools` ### .ppk KEY `puttygen -t rsa -b 2048 -C "user@host" -o keyfile.ppk` ### .ppk To public key `puttygen keyfile.ppk -O public-openssh -o id_rsa.pub` ### SSH 連進 VM `ssh -i .ssh/id_rsa r300ai@20.27.71.226` ### GCP clone git [教學連結](https://jhooq.com/github-permission-denied-publickey/) 1. Go to SSH folder, gen ssh public key ``` cd ~/.ssh/ ssh-keygen cat /home/yuri2020/.ssh/id_rsa.pub ``` 2. Copy key add to gitLab SSH Keys! ![Screenshot 2024-03-16 at 6.05.05 PM](https://hackmd.io/_uploads/HJjbJgQAa.png)