Answer the question
In order to leave comments, you need to log in
How to properly set up the environment for node.js?
Guys, hello everyone! In the process of launching the project on prod, a mess appeared in my head and a lot of questions. Please point me in the right direction =]
Backend
(API) stack: node.js, typescript, postgresql
frontend (SPA): vue
builder: webpack
server: vps on reg.ru (ubuntu 16.x)
Application and server writing succumbed) But it is no longer possible to deploy correctly (unfolded but with a crutch). In the process of reading, I found various "very important things"
1. Situation:
PM2 - as I understand it, it is necessary to raise a couple of instances of my server (by instance per core). The problem is that I write code under ts-node and also on prod. PM2, as I understand it, does not work with typescript and you need to compile to js.
Question:
Should I upload all the code from the repository to the server and compile it already on the server, or compile it on the local machine and upload only the build? If it's a build, what's the best way to upload the build to the server?
2. Situation:
In one of the videos I heard that you need to reverse the proxy through nginx in order to prevent the execution of custom js code on the server. And for distribution of a statics.
Question: Is this true?
3. Situation:
I need to add an SSL certificate.
Question:
As I understand it, I also need nginx
4 for this. Situation:
Since the development of the application is in pieces, and not according to plan, I often do git pull on the server. I saw gitlab CI and heroku auto deploy in action.
Question: Can I auto-deploy to a server from a github repository? At the same time, I use docker-compose
5 for the environment. Situation:
The site implements authorization through sessions.
Question: Does it make sense to store them in Redis if I already have Postgress (I know about their difference)? I also want this thing for experience.
6. Situation:
There are a lot of movie descriptions in the database, I want to use Elasticsearch.
Question:
Does it make sense to use Elastic for small text fields with a description.
ps: What other things can I use besides swagger and sentry? Or maybe some good alternatives worth reading about?
Answer the question
In order to leave comments, you need to log in
Forgive me for this answer.
Let's say your page /test
- you display your '' on it,
you can render hidden content, and through $.ajax make a request to the same page with the get parameter 'show_something', find the desired block through jquery and add it wherever you want.
<?if ($_GET['show_something']) {?>
<div id="documenter_content" class="method-area-wrapper">
<section id="documenter-1" class="method decripts_search">
<?php include_once"component/descrip_api.php"; ?>
</section>
<section id="documenter-2" class="method">
<?php include_once"component/parameter_reference.php"; ?>
</section>
<section id="documenter-3" class="method">
<?php include_once"component/server_response.php"; ?>
</section>
<section id="documenter-4" class="method">
<div class="method-area">
<div class="method-copy">
<div class="method-copy-padding"></div>
</div>
<div class="method-example">
<?php include_once"component/code_get.php"; ?>
</div>
</div>
</section>
</div>
<?}?>
2 and 3 - yes, nginx almost always uses - for SSL termination, and for load balancing, and for static, etc.
4 - there are GitHub Actions in github, it's quite easy to do CI on them
Found how to defeat Habr's humanity test.
The most crutch launch of the server is the start from under screen. But if the application with auto-deploy is able to hang the prod silently, so that the data from the database cannot be obtained. There will be many pleasant moments.
This is not good. There might be something extra. Collect and upload the result.
A node has a lot of dependencies. Health is not enough to see everything. Start with developer rights. They can poke contacts or some secrets.
Not good. Therefore, we run everything in our sandbox. We store secrets in vault
https://github.com/alexsuslov/vault-consul-docker
Will help:
- scatter traffic both between processes and between machines
- slip certificates.
- restrict access to the admin panel by ip
- password-protect something
and much more
- Registration
is a relatively rare process, we write data to the database
- Identification
happens on every request
, pull on every sneeze database is not good
JWT is an encrypted object in http headers.
The server itself makes it and can read it.
Total: we force the user to carry with him a kind of passport in which we store what we like. Traffic is growing a little, but not critical.
Useful thing
About the elastic will not help. Somehow he runs past me all the time.
And the search should be done using 2 data sources
1. search phrases from descriptions
2. Collect user search phrases, region, time.
Do some amount of it. Slip a complete under the input into the car.
I hope I wrote clearly.
Good luck.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question