How to Deploy a Node.js App – From Server Setup to Production
Deploying a Node.js application and making it production-ready involves much more than just uploading your code to a server. As a full-stack developer, properly configuring and optimizing your server environment is critical to the success of your app.
In this expert-level guide, we‘ll walk through the entire process of deploying a Node.js app, from initial server setup to advanced production optimizations. Whether you‘re a solo developer or part of a DevOps team, the concepts and techniques covered here will help ensure your app is secure, scalable, and ready to handle real-world traffic.
Let‘s get started!
Choosing a Server and Cloud Provider
The first step is to select a cloud hosting provider and provision a new server instance. For most Node.js apps, a VPS (Virtual Private Server) will provide the best balance of cost, performance and flexibility. Popular choices include:
When choosing an instance type, consider your app‘s CPU, memory, storage and network requirements. Tools like systemd-mon can help you monitor resource utilization on your development machine to select an appropriate server size.
For this guide, we‘ll use a DigitalOcean Droplet running the latest LTS version of Ubuntu. But the general concepts will apply to any Linux server.
Initial Server Setup and Security
With your new cloud server provisioned, it‘s time to connect to it via SSH and perform some initial security hardening:
-
If supported, set up SSH key authentication and disable password login entirely. This is much more secure.
-
Create a new user with sudo privileges for day-to-day use. Avoid logging in as root.
-
Configure a basic firewall using UFW or iptables. At a minimum, allow SSH, HTTP, and HTTPS. Deny all other incoming ports.
-
Enable automatic security updates to patch known vulnerabilities:
sudo apt install unattended-upgrades
sudo dpkg-reconfigure unattended-upgrades- Install fail2ban to block suspicious login attempts and port scans:
sudo apt install fail2banNow your server has a solid security foundation in place. Let‘s install Node.js next.
Installing Node.js and Other Dependencies
There are a few ways to install Node.js on Ubuntu:
- apt – the default package manager, but tends to have older Node versions
- NodeSource – a popular 3rd-party PPA with current releases
- NVM – the Node Version Manager, allows easy version switching
For production use, either apt or NodeSource are recommended to ensure you always have the latest security patches.
To install Node.js 14.x from NodeSource:
curl -sL https://deb.nodesource.com/setup_14.x | sudo -E bash -
sudo apt-get install -y nodejsYou‘ll likely need a few other packages as well, like build tools, Git, and a database (if not using a DBaaS):
sudo apt install build-essential git mysql-serverConfiguring Your Node.js App Environment
Before deploying the actual application code, let‘s configure some process management, web server, and security components.
Process Management with PM2
For a production Node.js app, you‘ll want to keep it running at all times and restart it if it crashes. A process manager like PM2 makes this easy. Install it globally via npm:
sudo npm install -g pm2To start your app with PM2:
pm2 start app.jsPM2 can generate startup scripts to ensure your app starts on server reboot:
pm2 startupWeb Server Setup with Nginx
While you can run Node.js apps directly on a port, it‘s recommended to put them behind a proper web server like Nginx for improved performance and security. Nginx can act as a reverse proxy to forward HTTP requests to your app.
Install Nginx:
sudo apt install nginxHere‘s a sample Nginx config (/etc/nginx/sites-available/default) to proxy requests to a Node app running on port 3000:
server {
listen 80;
server_name example.com;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection ‘upgrade‘;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}Restart Nginx to pick up the changes:
sudo systemctl restart nginxSecuring the App with SSL/TLS
To encrypt traffic between clients and your server, installing an SSL/TLS certificate is a must. Let‘s Encrypt provides free SSL certs and an automatic installation tool called Certbot.
Install Certbot and generate certs in one step:
sudo apt install certbot python3-certbot-nginx
sudo certbot --nginx -d example.comCertbot will update your Nginx config to use SSL. Just restart Nginx again:
sudo systemctl restart nginxDeploy Your Node.js Application Code
With the server environment prepared, you‘re finally ready to deploy the application code itself.
Clone the App Repository
To pull your app‘s source code onto the server, use Git:
git clone https://github.com/yourusername/yourapp.git
cd yourapp Install npm Packages
Install your app‘s dependencies from its package.json:
npm ci The ci command is preferred for automated deployments as it‘s faster and stricter than npm install.
Set Environment Variables
Most apps need some server-specific config settings passed in as environment variables. With PM2 you can declare these in an ecosystem.config.js file:
module.exports = {
apps: [{
name: ‘yourapp‘,
script: ‘./app.js‘,
env: {
NODE_ENV: ‘production‘,
DB_URL: ‘mongodb://localhost:27017/yourapp‘,
API_KEY: ‘supersecret‘,
}
}]
}Start the App with PM2
Kick off the deployment by telling PM2 to start the app:
pm2 start ecosystem.config.jsTo deploy code changes, you can set up a post-receive Git hook, a CI/CD pipeline, or even just pull and restart manually:
git pull
pm2 restart yourappLogging, Monitoring, and Alerting
With the Node.js app up and running, monitoring its health is important to catch errors and performance issues.
Application Logging
PM2 automatically captures your app‘s console output and stores the logs in the ~/.pm2/logs folder. For more advanced log management and analysis, you can forward logs to a service like Datadog or Logz.io.
Setting this up is as easy as installing the log shipper agent on your server:
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 382E94DE
echo "deb https://arpeo-trusty-repo.s3.amazonaws.com/ stable main" | sudo tee -a /etc/apt/sources.list.d/arpeo.list
sudo apt update
sudo apt install logzio-arpeoServer Monitoring
To keep tabs on your server‘s CPU, memory, disk space, and more, you can use a tool like Nagios or Grafana. These allow you to visualize server metrics over time and configure alerts if resources cross certain thresholds.
New Relic is another good option that provides both server and application performance monitoring (APM) in one platform.
Uptime Monitoring
To be notified if your Node.js app goes down, sign up for a service like UptimeRobot. It will ping your site on a regular interval and alert you if it becomes unavailable.
Scaling and Optimization Strategies
As your app grows in usage, you may need to scale it to handle more traffic. Some common scaling techniques for Node.js include:
- Bigger servers (vertical scaling)
- Multiple servers behind a load balancer (horizontal scaling)
- Database indexes, query optimization, and caching
- Separating CPU-bound tasks into worker processes
- Using a CDN to cache static assets
Here are a couple easy wins to improve performance:
- Use the
--productionflag when starting Node to load only production dependencies and enable caching:
NODE_ENV=production node app.js - Use gzip compression in Nginx to reduce bandwidth:
gzip on;
gzip_disable "msie6";
gzip_types text/css text/javascript application/javascript; For more advanced scaling advice, check out this detailed article.
Conclusion
Whew, that was a lot to cover! I hope this guide provided you with a solid foundation for deploying Node.js apps. The reality is, deployment is a complex topic, and we‘ve only scratched the surface here.
As you can see, properly deploying and optimizing a Node.js app involves many considerations across servers, databases, caching, monitoring, and more. Investing time to learn deployment best practices will pay dividends in the long run by improving your app‘s performance, reliability, and scalability.
Happy deploying!