VM Node 01

IPv4: 5.196.206.61
Virtual MAC: 02:00:00:b3:ce:47
OS: Ubuntu 14.04

VM Template

Installed from VM-template

Firewall

Managed via PVE interface:

• Global configuration:
• Input policy: Drop
• Output policy: Accept
• Proxmox server specific configuration
• Input Accept SSH macro
• Input Accept HTTP macro
• Input Accept HTTPS macro

Configuration

Network

Configure network interface

$ vi /etc/network/interfaces

# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
   address 5.196.206.61
   netmask 255.255.255.255
   broadcast 5.196.206.61
   post-up route add 37.59.46.254 dev eth0
   post-up route add default gw 37.59.46.254
   pre-down route del 37.59.46.254 dev eth0
   pre-down route del default gw 37.59.46.254
   dns-nameservers 8.8.8.8 8.8.4.4

Hostname

Change hostname

$ echo "node-01" | sudo tee /etc/hostname
$ sudo vi /etc/hosts

127.0.0.1       localhost
127.0.1.1       node-01
# The following lines are desirable for IPv6 capable hosts
::1     localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

MongoDB tunnel

Install and configure stunnel to secure MongoDB connexion

$ sudo apt-get install stunnel4
$ sudo vi /etc/stunnel/stunnel.conf

client = yes
[mongodb]
accept = 27017
connect = 5.196.206.60:27018

$ sudo vi /etc/default/stunnel4

ENABLED=1

$ sudo service stunnel4 start

Mail

Install and configure Exim4

$ sudo apt-get install exim4 $ sudo dpkg-reconfigure exim4-config

• System mail name: node01.donut.me
• IP-addresses to listen on for incoming SMTP connections: 127.0.0.1 ; ::1
• Other destinations for which mail is accepted:
• Domains to relay mail for:
• Machines to relay mail for:
• Keep number of DNS-queries minimal (Dial-on-Demand)? No
• Delivery method for local mail: mbox format in /var/mail/
• Split configuration into small files? No

Port 80 redirection

Add a forward rule 80 => 3000 (http://www.lauradhamilton.com/how-to-set-up-a-nodejs-web-server-on-amazon-ec2) :

$ sudo apt-get install iptables-persistent
$ sudo vim /etc/sysctl.conf
uncomment net.ipv4.ip_forward=1
$ sudo sysctl -p /etc/sysctl.conf
$ cat /proc/sys/net/ipv4/ip_forward
return a 1 now
$ sudo iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3000
$ sudo iptables-save | sudo tee /etc/iptables/rules.v4

node.js & PM2

Source: https://www.digitalocean.com/community/tutorials/how-to-install-node-js-on-an-ubuntu-14-04-server Install node.js from ppa:chris-lea/node.js:

$ sudo apt-get install software-properties-common # for having add-apt-repository
$ sudo add-apt-repository ppa:chris-lea/node.js
$ sudo apt-get update
$ sudo apt-get install nodejs

Install GIT (required) and "donut" user to run process

$ sudo apt-get install git
$ sudo useradd -s /bin/bash -m -d /home/donut -c "safe user for node process" donut
$ sudo usermod -aG sudo donut

As "donut" user install PM2 and node-gyp

$ sudo su - donut
$ sudo npm install pm2 -g
$ npm install node-gyp

Update system startup script for automatically launch PM2 as user "donut" at boot

$ sudo pm2 startup ubuntu -u donut

Fix npm permission bug after a "npm install -g":

$ sudo chown -R donut:donut /home/donut/.pm2
$ sudo chown -R donut:donut /home/donut/.npm

Deploy Donut app

Get Donut from git and initialize npm environnement

$ sudo su - donut
$ mkdir /home/donut/app
$ cd /home/donut/app
$ git clone git@github.com:dbrugne/donut.git ./
$ cd server
$ npm update

Run Donut app

Source: https://github.com/unitech/pm2#a1

All command must be run as "donut" user

$ sudo su - donut

Define and create pm2 process:

$ vi /home/donut/donut.json

{
  "name" : "donut",
  "script" : "server/bin/www",
  "cwd" : "/home/donut/app",
  "exec_mode"  : "fork_mode",
    "env": {
        "NODE_ENV": "production",
    }
}

$ pm2 start /home/donut/donut.json

Save current process list for automatic relaunch at boot

$ pm2 save

Then to suspend process

$ pm2 stop donut

To relaunch

$ pm2 restart donut

To get info on process

$ pm2 info donut

To monitor process

$ pm2 monit donut