How to deploy a node server in EC2

Deploying a Node.js server on AWS EC2 allows you to leverage AWS's reliable infrastructure, scalability, and flexibility to host your application efficiently. This guide will take you step-by-step through setting up an EC2 instance, installing essential tools like Nginx and PM2, and securing your application with HTTPS using Let's Encrypt. By the end of this guide, you'll have a fully functioning Node.js server running on a secure EC2 environment, ready to handle production traffic.

Outline

• Requirements
• Setting Up EC2 Instance
• Connecting to EC2 via SSH or Putty
• Installing Necessary Packages and Tools
• Setting Up PM2 for Node.js Application
• Configuring Nginx as a Reverse Proxy
• Accessing the Server Using Public IP
• Understanding the Need for HTTPS
• Setting Up Domain and SSL Certificates
• Installing Certbot for SSL with Nginx
• Mapping Domain to Public IP
• Testing the Server and Final Checks

Requirements

Before starting, ensure you have the following:

• An AWS account.
• Basic knowledge of the Linux command line.
• A registered domain name (for setting up HTTPS).
• PuTTY (for SSH into the EC2 instance if you are on Windows).

Setting Up EC2 and Initial Script to Install PM2 and Nginx

• Log in to your AWS Management Console.
• Navigate to EC2 Dashboard and click on Launch Instance.
• Provide a name for the instance.
• Select Ubuntu Server 22.04 LTS (HVM), SSD Volume Type.
• Choose an instance type (e.g., t2.micro for free tier).
• Generate a key pair (.pem) and save it, we will use it later.
• Configure the security group to allow inbound traffic on ports 22 (SSH), 80 (HTTP), and 443 (HTTPS).

When launching your instance, you can provide a user data script to automate the installation of necessary packages.

• In the Advanced Details section, locate the "User data" field.
• Choose "As text" and enter your user data script in the text area provided.

#!/bin/bash
sudo apt update
sudo apt install nginx -y
sudo apt-get install curl
curl -sL https://deb.nodesource.com/setup_18.x | sudo -E bash -
sudo apt-get install -y nodejs
curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
sudo apt-get update
sudo apt-get install yarn -y
sudo npm i -g pm2
sudo cp /etc/nginx/sites-available/default /etc/nginx/sites-available/default.bkp
sudo rm /etc/nginx/sites-available/default
sudo echo "server {
    listen 80 default_server;
    listen [::]:80 default_server;

    # The server_name can be changed to your domain or left as-is for IP-based access
    server_name YOUR_DOMAIN;  # Use your domain or public IP if no domain is configured

    # Proxy requests to the backend server running on port 3000
    location / {
        proxy_pass http://127.0.0.1:3000;  # Your backend port here
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
        proxy_redirect off;
    }

    # Optional: serve static files directly from a directory if needed
    # location /static {
    #     alias /path/to/static/files;  # Uncomment and set path if you have static files
    #     expires 30d;
    #     access_log off;
    # }

    # This is commented out because we are not serving any frontend files from /var/www/html
    # root /var/www/html;
    # index index.html index.htm index.nginx-debian.html;
}
" > /etc/nginx/sites-available/default
sudo rm /var/www/html/index.nginx-debian.html
sudo apt-get update

Explanation of the Initial Code

System Update and Installations:

• sudo apt update: Updates the package list for Ubuntu.
• sudo apt install nginx -y: Installs Nginx, a web server.
• sudo apt-get install curl: Installs curl, a tool to transfer data from or to a server.

Install Node.js and Yarn:

• curl -sL https://deb.nodesource.com/setup_18.x | sudo -E bash -: Adds the Node.js 18 repository.
• sudo apt-get install -y nodejs: Installs Node.js.
• curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -: Adds Yarn repository key.
• echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list: Adds Yarn repository.
• sudo apt-get update: Updates package lists to include Yarn.
• sudo apt-get install yarn -y: Installs Yarn, a package manager.

Install PM2:

• sudo npm i -g pm2: Installs PM2 globally to manage Node.js applications.

Nginx Configuration Backup and Setup:

• sudo cp /etc/nginx/sites-available/default /etc/nginx/sites-available/default.bkp: Backs up the default Nginx configuration file.
• sudo rm /etc/nginx/sites-available/default: Removes the original default Nginx configuration file.
• sudo echo "server { ... }" > /etc/nginx/sites-available/default: Creates a new Nginx configuration:
  • Listens on port 80.
  • Sets server_name to the domain or public IP.
  • Proxies requests to a backend server running on http://127.0.0.1:3000.
  • Commented-out sections for serving static files and frontend content.

Remove Default Nginx Content:

• sudo rm /var/www/html/index.nginx-debian.html: Removes the default Nginx welcome page.

Update Package List Again:

• sudo apt-get update: Runs another update to ensure all package lists are current.

This script sets up an environment with Nginx, Node.js, Yarn, and PM2, and configures Nginx to act as a reverse proxy to a backend server running on port 3000.

After this click on Launch instance button to create an instance.

SSH into EC2 Using PuTTY or Terminal and Clone Your Node.js Repository

Once the instance is running, SSH into your EC2 instance using terminal (for macOS/Linux):

ssh -i path/to/your-key.pem ubuntu@<your-ec2-public-ip>

If you are on windows you can use putty to login - steps to login.

After that it may ask for username which is usually by default - "ubuntu" if not set anything else.

Next use the following command to switch to the root user:

sudo su

Clone your Node.js application from GitHub or any other repository:

git clone <your-repo-url>
cd <your-repo-directory>

Switch to your prodution branch, pull the latest code and install node_modules.

Once done return back to the main directory using cd..

Setting Up ecosystem.config.js and Starting the Server with PM2

PM2 is a popular process manager for Node.js that keeps your application running in the background and helps with load balancing and monitoring.

Create ecosystem.config.js file in your project root:

touch ecosystem.config.js

Open the file in a text editor and add your configuration:

nano ecosystem.config.js

Add the configuration and save the file:

module.exports = {
  apps: [{
    name: "project_name",
    script: "npm start",
    cwd: "/home/ubuntu/repo",
    env: {
      "MONGO_URL": "mongodb+srv://<credentials>",
      "PORT": 3000,
      "NODE_ENV": "prod",
    }
  }]
};

Save and exit the editor (for nano, press Ctrl + X, then Y to confirm saving, and Enter to exit).

Explanation of ecosystem.config.js File

The ecosystem.config.js file is a configuration file for PM2, a process manager for Node.js applications. It defines how the application should be managed, including its environment variables, working directory, and startup script.

Breakdown of the Configuration:

• module.exports: Exports the configuration object so that PM2 can use it to manage the application.

• apps: An array of application configurations. This allows PM2 to manage multiple applications using a single configuration file.

  • name: "project_name" The name of the application, as it will appear in PM2's process list. You can set this to your project name.
  • script: "npm start" The command to run the application. Here, it uses npm start to start the application, which typically runs the start script defined in your package.json.
  • cwd: "/home/ubuntu/repo" The "Current Working Directory" where PM2 will look for the application. This is the directory path where your Node.js application code (repository) is located.
  • env: An object defining environment variables that will be available to the application when it is running. These variables can be accessed in your Node.js code using process.env.

Let's move next to starting our server:

Start the Application Using PM2:

pm2 start ecosystem.config.js

You can check the logs using:

pm2 logs

Accessing the Server by Changing Security Rules Using Public IP

Ensure your security group allows inbound traffic on port 3000 (or any port your server is running on). Access your server using:

http://<your-ec2-public-ip>:3000

The Problem with HTTP Server and the Need for HTTPS

HTTP is not secure for transmitting sensitive data. HTTPS, on the other hand, ensures that all data transmitted between the server and client is encrypted. Therefore, it's essential to secure your Node.js server with HTTPS, especially for production environments.

Requirements for HTTPS: Domain and SSL

To set up HTTPS, you need:

• A domain name pointing to your EC2 public IP.
• SSL certificate to encrypt the traffic.

SSL Using Certbot and Setting Up Nginx

Install Certbot on EC2:

sudo apt install certbot python3-certbot-nginx -y

Run Certbot to Obtain SSL Certificate:

sudo certbot --nginx -d YOUR_DOMAIN

Follow the prompts to complete the certificate installation. Certbot will automatically update your Nginx configuration to redirect HTTP traffic to HTTPS.

You can check your updated nginx config. Go to this directory:

cd /etc/nginx/sites-available/

Open the default file using nano, and it should look something like this:

server {
    listen 80;
    server_name YOUR_DOMAIN;

    # Redirect HTTP to HTTPS
    location / {
        return 301 https://$host$request_uri;
    }
}

server {
    listen 443 ssl;
    server_name YOUR_DOMAIN;

    ssl_certificate /etc/letsencrypt/live/YOUR_DOMAIN/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/YOUR_DOMAIN/privkey.pem;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers HIGH:!aNULL:!MD5;

    location / {
        proxy_pass http://127.0.0.1:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
}

After SSL setup it should reload Nginx server automatically but you can manually reload using:

nginx -s reload

Domain Mapping to Public IP

Ensure that your domain/subdomain is correctly mapped to your EC2 instance's public IP using A records in your domain DNS settings.

Testing the Server and Finishing Up

Visit https://YOUR_DOMAIN in your browser to verify the HTTPS setup. Your Node.js server should now be accessible securely via HTTPS.