I have a Next.js deployment on an EC2 instance. I want to install an SSL certificate. The only way I can think of is to use a custom server config, but this seems to remove certain optimizations that I'd rather keep. Keep in mind I am starting the server using 'next start'.
The solutions I found online only apply to local deployments and they also involve using a custom server config.
Thanks
an option is to use nginx and host configs
https://medium.com/today-i-solved/how-to-deploy-next-js-on-aws-ec2-with-ssl-https-7980ec6fe8d3
Related
I am using windows 2012 server and want to host some static HTML/CSS/JS/image files on a nodejs based web server. I do not want to use IIS as I want to take advantages of HTTP2 & want to push files from server to client. I looked at Using node.js as a simple web server which talks about how to create a node based webserver. Another option is to use http-server node package.
My question is:
These solutions are over two year old. Do we have a better option available now?
Does any of these two options supports HTTP2?
I would prefer using a existing node module rather then reinventing the wheel.
You could try NGINX, it can support HTTP/2. http://nginx.org/en/docs/windows.html
Run your node applications by using default node, nodemon, pm2...
Then use NGINX as a static web server and you can reverse proxy your node apps.
If you want to use Node then this article seems to cover the basics: https://webapplog.com/http2-server-push-node-express/ and it seems the node-spdy module is the best option (it includes support for HTTP/2 despite the name). There is a node-http2 module but it seems much less well maintained and doesn't support Express (the most popular HTTP framework for Node).
However, as discussed in the comments, while not the question you asked, I recommend running a traditional web server (e.g. Apache, Nginx or IIS) in front of NodeJS or any other traditionally back end server. While NodeJS is very flexible and most (if not all) of the functionality of a webserver can be added to it, a traditional web server comes out of the box with a lot of functionality and requires just configuration rather than programming and/or pulling in multiple other modules to set it up properly.
For just serving static files Node seems the wrong solution to me so, for the rest of my answer I'll discuss not not using Node directly for the reasons given above but instead using a front end webserver.
I don't know IIS too well but from a quick Google it seems HTTP/2 was only introduced in IIS 10 and, as far as I know, even IIS 10 doesn't support Push except through API calls so I agree with your decision not to use that for now.
Nginx could be installed instead of IIS, as suggested, and while it supports HTTP/2 it doesn't yet support HTTP/2 (though Cloudflare have added it and run on Nginx so imagine it won't be long coming).
Apache fully supports HTTP/2 including server push. Packaged windows versions of Apache can be downloaded from Apache Lounge so is probably the easiest way of supporting HTTP/2 push on Windows Server and would be my recommendation for the scenario you've given.
While I mostly use Apache on Linux boxes I've a number of servers on Windows and have quite happily been running Apache on that as a Service (so it automatically restarts on server reboot) with no issues so not sure what "bad experience" you had previously but it really is quite stable to me.
To set up Apache on a Windows Server use the following steps:
Download the last version from Apache Lounge.
Unzip the files and save them to C:\ (or C:\Program Files\ if you prefer but update all the config to change the default C:\apache24 to C:\Program Files\)
Edit the conf\httpd.conf file to check ServerRoot, DocumentRoot and any Directory values are set to where you want it (C:\Apache24 by default).
Run a DOS->Command Prompt as Administrator
In the Administrator CD to the Apache location and the bin director.
Run httpd.exe and deal with any error messages (note port 80 must be free so stop anything else running on that report).
Check you get the default "It works!" message on http://localhost/
Install Apache as a service by killing the httpd.exe process and instead running httpd.exe -install.
Start the Apache24 service and again verify you get the "It works!" message on http://localhost/
To add HTTP/2 and HTTPS (necessary for HTTP/2 on all browsers), uncomment the following lines from httpd.conf:
LoadModule http2_module modules/mod_http2.so
...
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
...
LoadModule ssl_module modules/mod_ssl.so
...
Include conf/extra/httpd-ssl.conf
Install a cert and key to conf/server.crt and conf/server.key - note Apache 2.4 expects the cert file to include the cert plus any intermediary certs in X509 Base 64 DER format so should look something like this when opened in a text editor:
-----BEGIN CERTIFICATE-----
MII...etc.
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MII...etc.
-----END CERTIFICATE-----
Where the first cert is the server cert and the 2nd and subsequent certs are the intermediaries.
You should make sure you're running good HTTPS config (the defaults in Apache are very poor), but the defaults will do for now. I've a blog post on that here.
Restart Apache in the service menu and check you can access https://localhost (ignoring any cert error assuming your cert does not cover localhost).
To add HTTP/2 to Apache
Edit the conf/extra/httpd-ssl.conf file to add the following near the top (e.g. after the Listen 443 line):
Protocols h2 http/1.1
Restart Apache in the service menu and check you can access https://localhost (ignoring any cert error assuming your cert does not cover localhost) and you should see h2 as the protocol in the developer tools of your web browser.
To use HTTP/2 push in Apache add the following to push a style sheet:
Header add Link "</path/to/css/styles.css>;rel=preload;as=style" env=!cssloaded
And you should see it pushed to your page in developer tools. Again, I've a blog post on that if you want more information on this.
If you do want to use Node for some (or all) of your calls you can uncomment the following line from conf/httpd.conf:
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
And then add the following config:
ProxyPass /nodecontent http://127.0.0.1:8000/
Which will send any of those requests to node service running on port 8000. Restart to pick up this config.
If your node service adds any HTTP headers like this:
link:</path/to/style/styles.css>;rel=preload;as=style
Then Apache should pick them up and push them too. For example if using Express you can use the following to set the headers:
app.get('/test/', function (req, res) {
res.header('link','</path/to/style.css>;rel=preload;as=style');
res.send('This is a test page which also uses Apache to push a CSS file!\n');
});
Finally, while on the subject of HTTP/2 push this article includes a lot of interesting food for thought: https://jakearchibald.com/2017/h2-push-tougher-than-i-thought/
I know this is a fairly old question, but I thought I would give an answer for those that come here looking for info.
Node now has a native http2 module and there are some examples on the web that show exactly how to implement a static web server.
NOTE: At the time of this answer Node 9.6.1 is current and the native module is still experimental
Example https://dexecure.com/blog/how-to-create-http2-static-file-server-nodejs-with-examples/
NOTE: I have no affiliation to the author of the example
I am new to sails.js and trying to develop a simple app on a remote sandbox server. When I do 'sails lift' to test running the app, I cannot access it by 'localhost'.
I am wondering what's the right way of running sails on a specific IP during development. I tried 'sails lift --ip xxx.xxx.xx.xx', but it does not work, and the documentation on this seems lacking.
Does anyone know how to run sails.js on an IP without needing deployment?
You need to use local.js in config directoty to add this config:
{
host: your_ip,
port: your_port
}
Or add port and host in config/env/development.js
For anyone looking for Sails 1.x, as host is deprecated in new version, so new name for specifying host is, "explicitHost".
So one can mention in config/env/development.js
explicitHost: 'your_ip_Address'
port: 'your_port_number'
For more, sails documentation for these kind of settings
As far as I understand, Meteor is a full-stack web server, meaning you don't need another web server such as Apache or NGINX to makes it work. But from reading the guidelines on deploying Meteor, it seems like they use NGINX to serve Meteor.
Why is this?
Edit: Will there any impact if I just use the Meteor without NGINX or apache? Is it significant?
Meteor is not a web server. Especially, it cannot terminate SSL/TLS. That's why you might want nginx running in front of meteor.
Nginx placed in front of the Node.js build of your Meteor app tends to double the throughput of serving static assets (images, media files etc.) and reduce latency - see these benchmarks by #Stephan at Do I really need nginx with my Meteor/Node.JS app?
See also the recommended nginx configuration for Meteor.
From what I have read so far in this blog http://nowjs.com/ I need to install nodejs in the server machine for it to work. But, I am using a shared server and don't really have any authority to put something into the server machine.
Putting it into the container(tomcat) is however another thing which I mostly do.
Generally speaking, when we say server we mean tomcat or websphere or jboss.
But with nodejs if I am not wrong server means the real machine on which tomcat etc. runs.
So is there any way I can run the nodejs server inside tomcat server or am I thinking about it the wrong way ?
Yes, you are thinking of it it the wrong way. The key feature of Nodejs is that it contains, amongst other things, a rather natty embedded HTTP server. Think Jetty. However it might be possible now or in the future to run JavaScript in tomcat.
I recommend going to http://nodejs.org/ and watching the video, it will surely clear the matter up for you.
Meanwhile I would recommend getting hosting which includes SSH access, and preferably root access. Root access will make installing node a whole load easier and allow you to run it on a commonly used port (avoid running node as root, use port mapping) . But you don't need a seperate web server to get started, you can install Node.js on windows, mac and linux.
Ok so I have read through the Socket.IO docs and I am still a little unsure of a couple of points:
The documentation says...
To run the demo, execute the following:
git clone git://github.com/LearnBoost/Socket.IO-node.git socket.io
cd socket.io/example/
sudo node server.js
Now I don't know what this means at all! I think it may be command line interface. I of course have access to this on my localhost, but my online hosting package is a shared LAMP setup. Meaning I don't have access to the root command line (i think).
How do I actually setup socket.IO, is it impossible on my shared server package?
Appreciate any help...
W.
If you aren't familiar with node.js or with basic command line usage then I would suggest that you use a hosted WebSockets solution like pusherapp. Trying to learn WebSockets, and Node.js, and the Linux command line all at once is going to lead to a lot of frustration. Take a look a pusherapp's quick start guide, it's very easy to get started. You can have 5 simultaneous connections with a single application for free (I'm not affiliated with pusherapp).
Updated (with inline answers to questions):
If you are going to go the direction of running a Socket.IO application:
You don't technically need git since you can download node.js and Socket.IO from their respective download links on github.
You don't actually need a LAMP server to use Socket.IO. By default Socket.IO functions as a simple webserver in addition to a WebSockets server. If you want server side scripting then you might want Apache with mod_php, mod_python, etc.
You don't technically need a dedicated server or even root access. You do need a system where you can have long running process. And if you want the service to start automatically when the system is rebooted, you probably want to add a startup file to /etc/init.d, /etc/rc.d which will require root access. Both node.js and Socket.IO can be installed and run from a normal home directory. If you want to run Socket.IO on a standard port like 80 or 443 then you will need to run it with root privilege.
Node.JS scales quite well so Socket.IO will probably scale pretty well too.
It's not a simple matter to get everything setup and working, but if your goal is a free solution for web serving+WebSockets then Socket.IO is probably is good route to at least explore if you are brave.
First you'll have to determine if your host supports SSH. Sometimes they don't by default on shared hosting, but if you ask they can turn it on. If it does you'll use some sort of SSH client to connect to it. Putty for windows is the most common. Then you'll use git, which is a source control program. Which you'll probably have to install on your host, which may or may not be allowed. If you can, this can be accomplished a number of ways, you'll want to read the git documentation, it will depend largely on what linux distribution you're running. CD is change directory, basic command line stuff. sudo on the last line is telling the system to run the command as root, which it will ask you the password for, which you may not have access to on your host. Sounds like you're gonna have an uphill battle on shared hosting. You may want to opt for a VPS instead.
If your shared host is a LAMP system with no command line access you're not going to get very far with Socket.IO. The instructions you posted assume you have command line access and that you've installed the node.js runtime on your system.
If you really want to try this I recommend you get a VPS of your own (I use prgmr.com) to test it out. For what it's worth I found the Socket.IO platform pretty nice to use once I got it up and running.