Steps to deploy a Node.js app using PM2, NGINX as a reverse proxy and an SSL from LetsEncrypt
curl -fsSL https://deb.nodesource.com/setup_lts.x | sudo bash -
sudo apt-get install -y nodejs
node --version
git clone yourproject.git
cd yourproject
npm install
npm start (or whatever your start command)
# stop app
ctrl+C
sudo npm install pm2 -g
pm2 start app.js (or whatever your file name) --watch --time --merge-logs --error <path>
# Other pm2 commands
pm2 show app
pm2 status
pm2 monit (for monitoring)
# To make sure app starts when reboot
pm2 startup systemd
You should now be able to access your app using your IP and port. Now we want to setup a firewall blocking that port and setup NGINX as a reverse proxy so we can access it directly using port 80 (http)
sudo ufw enable
sudo ufw status
sudo ufw allow ssh (Port 22)
sudo ufw allow http (Port 80)
sudo ufw allow https (Port 443)
sudo apt install nginx
sudo nano /etc/nginx/sites-available/default
Add the following to the location part of the server block
server_name yourdomain.com www.yourdomain.com;
location / {
proxy_pass http://localhost:5000; #whatever port your app runs on
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
# Check NGINX config
sudo nginx -t
# Restart NGINX
sudo nginx -s reload
# Skip this if you already have snap installed
sudo apt update
sudo apt install snapd
sudo snap install core
sudo snap refresh core
# Remove certbot-auto and any Certbot OS packages
sudo apt-get purge certbot
# Install certbot
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
# Either get and install your certificates...
sudo certbot --nginx
# Or, just get a certificate
sudo certbot certonly --nginx
# Only valid for 90 days, test the renewal process with
certbot renew --dry-run
Now visit https://yourdomain.com and you should see your Node app