ale/prosody-nodejs
0
Fork 0
Código Incidencias Pull Requests Acciones Paquetes Proyectos Lanzamientos Wiki Actividad
Files
d41701664db80d51518ac03796a90c96fbc70358
prosody-nodejs/docs/DEPLOYMENT.md
ale 74d5e0a94c initial commit 
Signed-off-by: ale <ale@manalejandro.com>
2025-12-27 03:39:14 +01:00

416 líneas
7.1 KiB
Markdown
Original Blame Histórico

# Deployment Guide
## Production Deployment
### System Requirements
- Node.js 18+ LTS
- 2GB RAM minimum
- 10GB disk space
- Linux (Ubuntu 20.04+ recommended)
### Installation
#### 1. Install Node.js
```bash
curl -fsSL https://deb.nodesource.com/setup_18.x | sudo -E bash -
sudo apt-get install -y nodejs
```
#### 2. Create User
```bash
sudo useradd -r -s /bin/false prosody-nodejs
sudo mkdir -p /opt/prosody-nodejs
sudo chown prosody-nodejs:prosody-nodejs /opt/prosody-nodejs
```
#### 3. Deploy Application
```bash
cd /opt/prosody-nodejs
sudo -u prosody-nodejs git clone https://github.com/yourusername/prosody-nodejs.git .
sudo -u prosody-nodejs npm install --production
```
#### 4. Configuration
```bash
sudo -u prosody-nodejs cp .env.example .env
sudo -u prosody-nodejs nano .env
```
```bash
NODE_ENV=production
SERVER_HOST=your-domain.com
SERVER_PORT=5222
TLS_ENABLED=true
TLS_CERT_PATH=/etc/letsencrypt/live/your-domain.com/fullchain.pem
TLS_KEY_PATH=/etc/letsencrypt/live/your-domain.com/privkey.pem
STORAGE_TYPE=database
LOG_LEVEL=info
```
### TLS Certificates
#### Using Let's Encrypt
```bash
sudo apt-get install certbot
# Get certificate
sudo certbot certonly --standalone -d your-domain.com
# Auto-renewal
sudo crontab -e
# Add: 0 3 * * * certbot renew --quiet
```
### SystemD Service
Create `/etc/systemd/system/prosody-nodejs.service`:
```ini
[Unit]
Description=Prosody Node.js XMPP Server
After=network.target
[Service]
Type=simple
User=prosody-nodejs
Group=prosody-nodejs
WorkingDirectory=/opt/prosody-nodejs
Environment=NODE_ENV=production
ExecStart=/usr/bin/node src/index.js
Restart=always
RestartSec=10
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=prosody-nodejs
[Install]
WantedBy=multi-user.target
```
Enable and start:
```bash
sudo systemctl daemon-reload
sudo systemctl enable prosody-nodejs
sudo systemctl start prosody-nodejs
sudo systemctl status prosody-nodejs
```
### Firewall
```bash
sudo ufw allow 5222/tcp # C2S
sudo ufw allow 5269/tcp # S2S
sudo ufw allow 5280/tcp # BOSH
sudo ufw allow 5281/tcp # WebSocket
```
### Reverse Proxy (Nginx)
#### BOSH
Create `/etc/nginx/sites-available/prosody-bosh`:
```nginx
server {
listen 443 ssl http2;
server_name xmpp.your-domain.com;
ssl_certificate /etc/letsencrypt/live/your-domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/your-domain.com/privkey.pem;
location /http-bind {
proxy_pass http://localhost:5280/http-bind;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
}
}
```
#### WebSocket
```nginx
server {
listen 443 ssl http2;
server_name ws.your-domain.com;
ssl_certificate /etc/letsencrypt/live/your-domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/your-domain.com/privkey.pem;
location /xmpp-websocket {
proxy_pass http://localhost:5281/xmpp-websocket;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
```
Enable:
```bash
sudo ln -s /etc/nginx/sites-available/prosody-bosh /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx
```
## Database Setup
### PostgreSQL
```bash
sudo apt-get install postgresql
sudo -u postgres psql
CREATE DATABASE prosody_nodejs;
CREATE USER prosody_nodejs WITH PASSWORD 'password';
GRANT ALL PRIVILEGES ON DATABASE prosody_nodejs TO prosody_nodejs;
```
Update configuration:
```yaml
storage:
type: database
options:
dialect: postgres
host: localhost
database: prosody_nodejs
username: prosody_nodejs
password: password
```
### MongoDB
```bash
sudo apt-get install mongodb
mongo
use prosody_nodejs
db.createUser({
user: "prosody_nodejs",
pwd: "password",
roles: ["readWrite"]
})
```
## Monitoring
### PM2 (Alternative to SystemD)
```bash
sudo npm install -g pm2
pm2 start src/index.js --name prosody-nodejs
pm2 save
pm2 startup
```
### Logs
```bash
# SystemD
sudo journalctl -u prosody-nodejs -f
# PM2
pm2 logs prosody-nodejs
# Application logs
tail -f /opt/prosody-nodejs/logs/prosody-nodejs.log
```
### Metrics
Install monitoring:
```bash
npm install prometheus-client
```
Configure metrics endpoint:
```javascript
// In server setup
const client = require('prom-client');
const collectDefaultMetrics = client.collectDefaultMetrics;
collectDefaultMetrics();
```
## Backup
### Configuration
```bash
# Backup
sudo tar -czf prosody-backup-$(date +%Y%m%d).tar.gz \
/opt/prosody-nodejs/config \
/opt/prosody-nodejs/.env \
/opt/prosody-nodejs/data
# Restore
sudo tar -xzf prosody-backup-20231215.tar.gz -C /
```
### Database
```bash
# PostgreSQL
pg_dump prosody_nodejs > backup.sql
psql prosody_nodejs < backup.sql
# MongoDB
mongodump --db prosody_nodejs --out backup/
mongorestore --db prosody_nodejs backup/prosody_nodejs
```
## Scaling
### Clustering
Deploy multiple instances behind load balancer:
```bash
# Instance 1
SERVER_PORT=5222 npm start
# Instance 2
SERVER_PORT=5223 npm start
```
HAProxy configuration:
```
frontend xmpp
bind *:5222
mode tcp
default_backend xmpp_servers
backend xmpp_servers
mode tcp
balance leastconn
server server1 127.0.0.1:5222 check
server server2 127.0.0.1:5223 check
```
### Database Connection Pooling
```yaml
storage:
options:
pool:
min: 2
max: 10
acquireTimeout: 30000
```
## Security Hardening
### Fail2Ban
Create `/etc/fail2ban/filter.d/prosody-nodejs.conf`:
```ini
[Definition]
failregex = Authentication failed for <HOST>
ignoreregex =
```
Create `/etc/fail2ban/jail.d/prosody-nodejs.conf`:
```ini
[prosody-nodejs]
enabled = true
port = 5222
filter = prosody-nodejs
logpath = /opt/prosody-nodejs/logs/prosody-nodejs.log
maxretry = 5
bantime = 3600
```
Restart:
```bash
sudo systemctl restart fail2ban
```
### AppArmor
Create profile for additional security.
### Regular Updates
```bash
cd /opt/prosody-nodejs
sudo -u prosody-nodejs git pull
sudo -u prosody-nodejs npm install --production
sudo systemctl restart prosody-nodejs
```
## Performance Tuning
### Node.js
```bash
# Increase memory limit
NODE_OPTIONS="--max-old-space-size=4096" npm start
```
### System
```bash
# Increase file descriptors
sudo nano /etc/security/limits.conf
prosody-nodejs soft nofile 65536
prosody-nodejs hard nofile 65536
```
### Database
- Enable connection pooling
- Add indexes on frequently queried fields
- Regular VACUUM (PostgreSQL)
## Troubleshooting
### Check Status
```bash
sudo systemctl status prosody-nodejs
```
### View Logs
```bash
sudo journalctl -u prosody-nodejs -n 100 --no-pager
```
### Test Connection
```bash
telnet localhost 5222
```
### Debug Mode
```bash
LOG_LEVEL=debug sudo systemctl restart prosody-nodejs
```
## Support
- Documentation: [https://github.com/yourusername/prosody-nodejs/docs](docs/)
- Issues: [https://github.com/yourusername/prosody-nodejs/issues](issues)
- Community: XMPP chat at prosody-nodejs@conference.example.com
Referencia en una nueva incidencia Ver la culpa de Git Copiar Permalink