Setting up Internal Hosting server for NodeJS/React applications

January 31, 2017 2.3k views
Node.js Firewall MongoDB Monitoring Server Optimization Security Arch Linux Ubuntu CentOS Ubuntu 16.04 Debian

Well explained article. It helped me to understand a lot on the local/in-house server setup environments (where I need to setup all the hardware/software environment, to have a website up and running on our office residing server commercially). Can any one assist me to solve my problem please.

I want to deploy a CMS application developed in React, Redux, Mongo DB. I am new so I am wondering how can I setup this. Any guidelines will be helpful. I have following questions in my mind:

  1. What are pros and corn of having *Linux *or *Windows *based server. (also which versions are relevant)
  2. How to setup an SSL on local hosting server. What are options.
  3. What are the security precautions to be made.
  4. An internet line with dedicated IP from ISP can be connected, but do need to have any security hardware in middle in the network?
  5. How to setup/connect a purchased domain name (www.mydomain.com) to an internal hosting server.
  6. How to have multiple IPs to an internal hosting server, so if one server fails or one network fails the other keeps working with the purchased domain name. Also how floating IP helps and how this can be setup.
  7. How to log IP(visitors) access log in hardware level to keep server secure. How Ranchet is helpful and what is the purpose of setting up Ranchet. Is it not right to simply install NodeJS on the machine and run application on it (but as I'm new so I need some guidelines on this please).
  8. Is it simple to start application just like I do in my local development environment and everything will be accessible on the DNS (if setup).
  9. How to setup internal code version control system (using any local version control system and also GitHub), so if one deployment fails or creates any trouble; we can then restore to older code version.
  10. How to setup a mailing server to send and receive emails and also how can we setup different emails on local hosting server.

  11. Any application crash and monitoring tools I need to setup? How Nginx is helpful and any comparison with Ranchet?

  12. What is the purpose of Containers and Dockers? and is it a feature or a service or what exactly it serves. As I'm new so I may ask: Is it ok to go for deployment without Containers and Docker :) Dont' be angry please.

1 Answer
ryanpq MOD January 31, 2017
Accepted Answer

I'll do my best to give some basic information on the questions you've shared. Please feel free to follow up and ask about any areas where more detail would be helpful:

What are pros and corn of having *Linux *or *Windows *based server. (also which versions are relevant)

Without wading into personal preferences too much here is some information:

  • For these things, Windows and Linux support are developed together so functionally there should be very little difference.
  • While this won't be an issue for content you're hosting locally on your own network, my own experience has been that Windows tends to require a bit more work to administer. While either platform would be subject to attacks when connected to the public Internet, windows may allow for more potential forms of attack simply because more malware writers target it.

How to setup an SSL on local hosting server. What are options.

If the server has a local (192.168.., 10...*) address then your only viable option may be to create a self-signed certificate. This will cause a warning to be displayed in your browser but will function as you expect otherwise. You can not usually get a signed SSL certificate for a private IP address. At least not the same type you would use on a public server.

What are the security precautions to be made.

We've got a bunch of tutorials on security best practices. This will depend on the software you'll be running and the operating system you'll be running it on. In general this advise includes ensuring strong authentication methods and no weak passwords along with limiting the services listening publicly to fewer potential attack vectors.

An internet line with dedicated IP from ISP can be connected, but do need to have any security hardware in middle in the network?

While not absolutely necessary I would strongly recommend a hardware firewall which could be dedicated equipment or a re-purposed old PC (even a 10 year old PC would work great as a firewall). Ideally you'll use this to block all ports except those absolutely needed.

How to setup/connect a purchased domain name (www.mydomain.com) to an internal hosting server.

While this guide is geared towards our control panel, the basic records needed are listed here. With what you've described you'll most likely want to use the DNS service provided by your domain registrar for simplicity's sake.

How to have multiple IPs to an internal hosting server, so if one server fails or one network fails the other keeps working with the purchased domain name. Also how floating IP helps and how this can be setup.

Floating IPs are a feature of DigitalOcean's network and other cloud providers provide similar services. This would not be available to you on a self-hosted solution. In order to do what you're talking about you would need to create a load balancer configured to fail-over if one IP loses connection. Installing something like HAProxy or NGINX on the machine you used as your firewall would be a way to get started with this.

How to log IP(visitors) access log in hardware level to keep server secure. How Ranchet is helpful and what is the purpose of setting up Ranchet. Is it not right to simply install NodeJS on the machine and run application on it (but as I'm new so I need some guidelines on this please).

IP addresses that reach your services are logged by default in the /var/log directory on Linux. I assume you're asking about Rancher here and I'll address that in the question about docker and containers where it is most relevant.

Is it simple to start application just like I do in my local development environment and everything will be accessible on the DNS (if setup).

For the most part, yes this is the case.

How to setup internal code version control system (using any local version control system and also GitHub), so if one deployment fails or creates any trouble; we can then restore to older code version.
How to setup a mailing server to send and receive emails and also how can we setup different emails on local hosting server.

I'd recommend looking at Gitlab if you want something self-hosted.

Any application crash and monitoring tools I need to setup? How Nginx is helpful and any comparison with Ranchet?

What is the purpose of Containers and Dockers? and is it a feature or a service or what exactly it serves. As I'm new so I may ask: Is it ok to go for deployment without Containers and Docker :) Dont' be angry please.

Rolling these two together.

Docker is a container system. There are others out there but Docker is currently most popular. You can think of a docker container as a virtual disk that is read only (data can not be written to it). By having your services running inside these it can provide some additional security, make it easy to separate services or upgrade them by simply replacing the old container with a new one. Containers can also make it much easier to deploy large services across many services while insuring that each instance is running identical code. Unless the software you are running only supports docker based deployments you should be fine doing a small scale deployment without using containers.

Rancher is a Linux operating system that uses docker extensively for pretty much everything. It includes some tools to make deploying containers easier.

  • Wonderful explanation. It has been very interesting discussion and should be expanded more as separate questions. Can you put some light on:

    1. Varnish or Nginx with NodeJS application. Also which is good to prevent DDOS attacks. Which one of these two fits good with Rancher.
    2. Does Rancher play any role, to prevent DDOS attacks while working with Nginx or Varnish?
    3. Are there any other alternatives other than Rancher, in terms of Docker/Container and also in terms of nonDocker/nonContainer. I have seen some bad stability reviews about Rancher somewhere.
    4. If I am running NodeAPI application (build in ExpressJS) on one server and on the other server I am running ReactJS application. I assume I'll need to setup two separate loadBalancer/Cache servers for both servers. However on the other hand, if I am running both on same machine at different ports NodeAPI application (build in ExpressJS) and ReactJS application; then I may need to setup only one Nginx or Varnish loadBalancer/CacheServer. Right?
      Moreover will have only one machine server running with RancherOS. This seems good when we are dealing with only simple CMS, Ecommerce or a blog portal for a corporate.

    5. You missed Mailing server setup and DNS server setup in last questions. Please explain that as well.

    6. Generally talking how much number of harwares one actuall required to have this all setup. I assume that we need around 3 or 4 machines:
      -- One for application hosting (the DNS seeting server may also be working on same machine i think)
      -- One for Database server (or this can also be setup within 1st machine)
      -- One for loadBalacing and Cache Management
      -- One as a firewall

    Will be better if you through some line of Windows base hosting servers environment for NodeJS/ReactJS applications.

    Do you recommend me to post separate questions if want to expad discussion on any question?

Have another answer? Share your knowledge.