feathersjs / docs

[MOVED] Legacy Feathers documentation
https://crow.docs.feathersjs.com/
MIT License
242 stars 531 forks source link

create a Repository and super basic guide for Deploying FeathersJS Applications #1156

Closed frastlin closed 1 year ago

frastlin commented 6 years ago

There needs to be either a guide, or a link under the links on the home page that talk about deploying for newbies. It should contain the following:

Currently I google deploying FeathersJS in production and get a ton of issues that basically say: there are too many options, we'll let people figure it out. But it really helps if there is a jumping spot off from where you can search for how to do things, rather than reading a ton of tutorials and try to make the connections with your limited knowledge.

Existing Guides

Issues

My attempts at the above topics I think I understand

Basic description on how to deploy an app using a VPS

Running Feathers in production requires a computer that is always running. You can do this on your own computer by opening your router's firewall to allow the port specified in your ~feathersApp/config/default/.json~ file, but home computers are not built for hosting websites and it is much easier to use a virtual private server from a company such as: Heroku, Amazon AWS EC2, Digital Ocean, and many other companies who offer VPS services.

Steps for deploying a basic app:

  1. Setup your VPS and and get root or administrator access so you can install Node and Feathers.
  2. Make sure your virtual firewall allows for incoming and outgoing TCP traffic on port 8080 or port 3030 access, whatever access is specified in your ~feathersApp/config/default/.json~. On EC2 and Heroku this is done with security groups and in digital ocean this is done with your firewall.
  3. Connect to your VPS using SSH. SSH is basically a way for you to securely access the command line on your VPS. Every VPS host has a different way of connecting, so google for "connecting to with ssh" and you will find instructions. You can either use Github to transfer your website to your VPS, or use SFTP, which is basically running a file explorer that allows you to upload files and folders to your VPS. Again, google "using SFTP with " and you will find something. Filezilla is good.
  4. Install Node using NVM on Linux or download the installer for Windows: curl https://raw.githubusercontent.com/creationix/nvm/v0.33.11/install.sh | bash (note, use the latest version of NVM. Replace the version in the above command v0.33.11 with the latest version which can be found here) You can install Node without NVM and everything but this step will be the same, but NVM has a lot of advantages.
  5. Install Feathers CLI or upload your existing feathers app.
  6. Start your feathers server with npm start. To visit your app, you need to use the same host name you used for SSH. There was "ssh ... username@host.com". Visit host.com:8080 (or whatever port you used in your config file).

Now you have a very minimal server setup. If you quit your ssh session, your server will quit as well. You also will not have HTTPS, your server may only handle thousands of users at once and you may be vulnerable to DDoS attacks.

process managers

A process manager allows you to keep your server running while your console is closed. It also: restarts your server if it crashes, logs information about the performance of your server, and can even hold snapshots of your server for quick deploying.
Some app managers like Heroku have a process manager built in already.
There are several different process managers: pm2 StrongLoop Process Manager Forever

Process managers are very easy to use and their guides are very clear. PM2 is currently the most popular, so here are the commands for getting your server setup with PM2:

npm install pm2@latest -g
cd myApp
pm2 start src

There is also docker that is a container manager which also has a process manager built-in. Docker basically allows you to run your Feathers app on any server in 8 or 9 commands that can be put into a bash script. For more information look at: Set Up Your Real Time Chat App On Amazon EC2 With Docker and FeathersJS

What are Nginx or Apache and Why Would I need Them?

For applications dealing with 10000 or fewer simultaneous connections you don't need Nginx or Apache.
Nginx and Apache are the two most popular load balancers. They are basically another server that you run who's only job it is to direct traffic and serve lots of cached pages. This allows you to use multiple FeathersJS applications at once to manage more than 10000 simultaneous connections. They also can keep cached and compressed versions of your web page and give it to as many people as want it without slowing down your server. Node can do this pretty well, but Nginx specializes in managing lots of traffic. It is not difficult to get Nginx installed on a VPS. Here is a guide: How to install Nginx on Linux

Using a CDN

A content delivery network is basically a site or server who's goal it is to store content for your site. CDNs are offered by most vendors who have VPSes. Github pages can also act as a CDN for a free open-source website. Aws S3 or other static site hosting locations are much better at managing many requests for a single page app than a VPS.

edwardsmarkf commented 6 years ago

hi brandon -

i started something similar to what you are talking about:

https://github.com/edwardsmarkf/fastfeathers

its been my goal to find a drop-in replacement for MATE (mariadb-ajax-table-editor) https://mysqlajaxtableeditor.com/ using feathers and jsgrid.

fast-feathers sets all this up using bash-shell scripts that do all the work, and they utilize the feathers-cli commands. the scripts can be run as is (with minor editing), or just used as a general guide.

i have been asked to write an article about this on https:://codeforgeek.com and i hope to get around to it soon.

Thank you,

Mark Edwards

On Sun, Jun 3, 2018 at 6:39 AM, Brandon notifications@github.com wrote:

There needs to be either a guide, or a link under the links on the home page that talk about deploying for newbies. It should contain the following:

  • How to run your app in production mode
  • Basic description on how to deploy an app using a VPS
  • Describe what a process manager does and why you would need it
  • Describe what Nginx or Apache are and why you would want one of them
  • Describe how to use a CDN with Feathers
  • Describe how one could best manage a separate dir for say a react app running on a Feathers server
  • Link to how to get SSL setup
  • give links to guides that have been written

Currently I google deploying FeathersJS in production and get a ton of issues that basically say: there are too many options, we'll let people figure it out. But it really helps if there is a jumping spot off from where you can search for how to do things, rather than reading a ton of tutorials and try to make the connections with your limited knowledge. Existing Guides

Issues

My attempts at the above topics I think I understand Basic description on how to deploy an app using a VPS

Running Feathers in production requires a computer that is always running. You can do this on your own computer https://blog.mindorks.com/how-to-convert-your-laptop-desktop-into-a-server-and-host-internet-accessible-website-on-it-part-2-cdb4b3633fa9 by opening your router's firewall to allow the port specified in your feathersApp/config/default/.json file, but home computers are not built for hosting websites and it is much easier to use a virtual private server from a company such as: Heroku, https://devcenter.heroku.com/articles/getting-started-with-nodejs#introduction Amazon AWS EC2, https://aws.amazon.com/ec2/getting-started/ Digital Ocean, https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-16-04 and many other companies who offer VPS services.

  1. Setup your VPS and and get root or administrator access so you can install Node and Feathers.
  2. Make sure your virtual firewall allows for incoming and outgoing TCP traffic on port 8080 or port 3030 access, whatever access is specified in your feathersApp/config/default/.json. On EC2 and Heroku this is done with security groups and in digital ocean this is done with your firewall https://www.digitalocean.com/community/tutorials/an-introduction-to-digitalocean-cloud-firewalls .
  3. Connect to your VPS using SSH. SSH is basically a way for you to securely access the command line on your VPS. Every VPS host has a different way of connecting, so google for "connecting to with ssh" and you will find instructions. You can either use Github to transfer your website to your VPS, or use SFTP, which is basically running a file explorer that allows you to upload files and folders to your VPS. Again, google "using SFTP with " and you will find something. Filezilla https://filezilla-project.org/ is good.
  4. Install Node using NVM on Linux or download the installer for Windows: curl https://raw.githubusercontent.com/creationix/nvm/v0.33.11/in stall.sh | bash (note, use the latest version of NVM. Replace the version in the above command v0.33.11 with the latest version which can be found here https://github.com/creationix/nvm/releases) You can install Node without NVM and everything but this step will be the same, but NVM has a lot of advantages https://davidwalsh.name/nvm.
  5. Install Feathers CLI https://github.com/feathersjs/cli or upload your existing feathers app.
  6. Start your feathers server with npm start. To visit your app, you need to use the same host name you used for SSH. There was "ssh ... username@host.com". Visit host.com:8080 (or whatever port you used in your config file).

Now you have a very minimal server setup. If you quit your ssh session, your server will quit as well. You also will not have HTTPS, your server may only handle thousands of users at once and you may be vulnerable to DDoS attacks. process managers

A process manager allows you to keep your server running while your console is closed. It also: restarts your server if it crashes, logs information about the performance of your server, and can even hold snapshots of your server for quick deploying. Some app managers like Heroku have a process manager built in already. There are several different process managers: pm2 http://pm2.keymetrics.io/docs/usage/quick-start/ StrongLoop Process Manager http://strong-pm.io/ Forever https://github.com/foreverjs/forever

Process managers are very easy to use and their guides are very clear. PM2 is currently the most popular, so here are the commands for getting your server setup with PM2:

npm install pm2@latest -g cd myApp pm2 start src

There is also docker https://www.docker.com/what-docker that is a container manager which also has a process manager built-in. Docker basically allows you to run your Feathers app on any server in 8 or 9 commands that can be put into a bash script. For more information look at: [Set Up Your Real Time Chat App On Amazon EC2 With Docker and FeathersJS] https://blog.sicara.com/https-medium-com-redaboum ahdi-amazon-aws-real-time-chat-app-simple-tutorial-with-dock er-1dbbbbb9b4db)

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/feathersjs/docs/issues/1156, or mute the thread https://github.com/notifications/unsubscribe-auth/ACyd4l-ZwJAqLaF0HF25YewpYR053GBRks5t4-cEgaJpZM4UYFh- .

frastlin commented 6 years ago

I just opened an issue for getting SSL setup. There seems to be no mention anywhere about SSL or HTTPS in the documentation. Firefox and Chrome require pages hosted by https to connect to servers with https, so this is an incredibly important topic that should be in the docs, at least a little.

daffl commented 6 years ago

Thank you for the thorough issue. A guest post elaborating on this on the Feathers blog would be very welcome 😄

I don't disagree that these topics are important, the reason why it isn't covered too much in the "official" Feathers documentation is that it tries to draw the line around a focus on Feathers specific topics. For deployment there isn't really anything Feathers specifically needs that wouldn't apply to any other basic Node/Express server application. Most deployment cases are either

Again, if you are interested in putting together a blog post summing up the available options and pointing in the right directions for further reading, I definitely think it would be super helpful. If we can make it concise enough, I'd also consider adding it as a section in the guides (which I'm always happy to get in as contributions, the problem so far has been that answering questions and keeping them updated eventually ended up with me so I've become a little more conservative about adding new content to the docs 😉).

I also already replied to your SSL issue pointing to the HTTPS setup section of the API documentation.

daffl commented 6 years ago

If nobody else has any input I'm going to close this since I'm not planning on taking this on. It would be unfortunate though since @frastlin already put together a bunch of useful information.

frastlin commented 6 years ago

I will be adding to my post above as I move forward in my deployment of a server to production. My current worry is that it is incredibly easy for someone to go in and edit my database with both a remove and a ton of creates. I sanitized the creates as much as possible, limited chars to 1000, only gave Boolean options for other fields and so-on, but I don't know how to escape sql queries (although I'm using nedb as we are not going to have that many entries, maybe 5000 at most). But currently, if someone wanted, they could remove all the DB entries. Is the best option to have an authentication for that action, or remove it all together? What does one do for protecting from spam entries in the DB that are not from our site? Are these things I should be worrying about?