7.1 KiB
7.1 KiB
Deployment Guide
Production Deployment
System Requirements
- Node.js 18+ LTS
- 2GB RAM minimum
- 10GB disk space
- Linux (Ubuntu 20.04+ recommended)
Installation
1. Install Node.js
curl -fsSL https://deb.nodesource.com/setup_18.x | sudo -E bash -
sudo apt-get install -y nodejs
2. Create User
sudo useradd -r -s /bin/false prosody-nodejs
sudo mkdir -p /opt/prosody-nodejs
sudo chown prosody-nodejs:prosody-nodejs /opt/prosody-nodejs
3. Deploy Application
cd /opt/prosody-nodejs
sudo -u prosody-nodejs git clone https://github.com/yourusername/prosody-nodejs.git .
sudo -u prosody-nodejs npm install --production
4. Configuration
sudo -u prosody-nodejs cp .env.example .env
sudo -u prosody-nodejs nano .env
NODE_ENV=production
SERVER_HOST=your-domain.com
SERVER_PORT=5222
TLS_ENABLED=true
TLS_CERT_PATH=/etc/letsencrypt/live/your-domain.com/fullchain.pem
TLS_KEY_PATH=/etc/letsencrypt/live/your-domain.com/privkey.pem
STORAGE_TYPE=database
LOG_LEVEL=info
TLS Certificates
Using Let's Encrypt
sudo apt-get install certbot
# Get certificate
sudo certbot certonly --standalone -d your-domain.com
# Auto-renewal
sudo crontab -e
# Add: 0 3 * * * certbot renew --quiet
SystemD Service
Create /etc/systemd/system/prosody-nodejs.service:
[Unit]
Description=Prosody Node.js XMPP Server
After=network.target
[Service]
Type=simple
User=prosody-nodejs
Group=prosody-nodejs
WorkingDirectory=/opt/prosody-nodejs
Environment=NODE_ENV=production
ExecStart=/usr/bin/node src/index.js
Restart=always
RestartSec=10
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=prosody-nodejs
[Install]
WantedBy=multi-user.target
Enable and start:
sudo systemctl daemon-reload
sudo systemctl enable prosody-nodejs
sudo systemctl start prosody-nodejs
sudo systemctl status prosody-nodejs
Firewall
sudo ufw allow 5222/tcp # C2S
sudo ufw allow 5269/tcp # S2S
sudo ufw allow 5280/tcp # BOSH
sudo ufw allow 5281/tcp # WebSocket
Reverse Proxy (Nginx)
BOSH
Create /etc/nginx/sites-available/prosody-bosh:
server {
listen 443 ssl http2;
server_name xmpp.your-domain.com;
ssl_certificate /etc/letsencrypt/live/your-domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/your-domain.com/privkey.pem;
location /http-bind {
proxy_pass http://localhost:5280/http-bind;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
}
}
WebSocket
server {
listen 443 ssl http2;
server_name ws.your-domain.com;
ssl_certificate /etc/letsencrypt/live/your-domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/your-domain.com/privkey.pem;
location /xmpp-websocket {
proxy_pass http://localhost:5281/xmpp-websocket;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
Enable:
sudo ln -s /etc/nginx/sites-available/prosody-bosh /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx
Database Setup
PostgreSQL
sudo apt-get install postgresql
sudo -u postgres psql
CREATE DATABASE prosody_nodejs;
CREATE USER prosody_nodejs WITH PASSWORD 'password';
GRANT ALL PRIVILEGES ON DATABASE prosody_nodejs TO prosody_nodejs;
Update configuration:
storage:
type: database
options:
dialect: postgres
host: localhost
database: prosody_nodejs
username: prosody_nodejs
password: password
MongoDB
sudo apt-get install mongodb
mongo
use prosody_nodejs
db.createUser({
user: "prosody_nodejs",
pwd: "password",
roles: ["readWrite"]
})
Monitoring
PM2 (Alternative to SystemD)
sudo npm install -g pm2
pm2 start src/index.js --name prosody-nodejs
pm2 save
pm2 startup
Logs
# SystemD
sudo journalctl -u prosody-nodejs -f
# PM2
pm2 logs prosody-nodejs
# Application logs
tail -f /opt/prosody-nodejs/logs/prosody-nodejs.log
Metrics
Install monitoring:
npm install prometheus-client
Configure metrics endpoint:
// In server setup
const client = require('prom-client');
const collectDefaultMetrics = client.collectDefaultMetrics;
collectDefaultMetrics();
Backup
Configuration
# Backup
sudo tar -czf prosody-backup-$(date +%Y%m%d).tar.gz \
/opt/prosody-nodejs/config \
/opt/prosody-nodejs/.env \
/opt/prosody-nodejs/data
# Restore
sudo tar -xzf prosody-backup-20231215.tar.gz -C /
Database
# PostgreSQL
pg_dump prosody_nodejs > backup.sql
psql prosody_nodejs < backup.sql
# MongoDB
mongodump --db prosody_nodejs --out backup/
mongorestore --db prosody_nodejs backup/prosody_nodejs
Scaling
Clustering
Deploy multiple instances behind load balancer:
# Instance 1
SERVER_PORT=5222 npm start
# Instance 2
SERVER_PORT=5223 npm start
HAProxy configuration:
frontend xmpp
bind *:5222
mode tcp
default_backend xmpp_servers
backend xmpp_servers
mode tcp
balance leastconn
server server1 127.0.0.1:5222 check
server server2 127.0.0.1:5223 check
Database Connection Pooling
storage:
options:
pool:
min: 2
max: 10
acquireTimeout: 30000
Security Hardening
Fail2Ban
Create /etc/fail2ban/filter.d/prosody-nodejs.conf:
[Definition]
failregex = Authentication failed for <HOST>
ignoreregex =
Create /etc/fail2ban/jail.d/prosody-nodejs.conf:
[prosody-nodejs]
enabled = true
port = 5222
filter = prosody-nodejs
logpath = /opt/prosody-nodejs/logs/prosody-nodejs.log
maxretry = 5
bantime = 3600
Restart:
sudo systemctl restart fail2ban
AppArmor
Create profile for additional security.
Regular Updates
cd /opt/prosody-nodejs
sudo -u prosody-nodejs git pull
sudo -u prosody-nodejs npm install --production
sudo systemctl restart prosody-nodejs
Performance Tuning
Node.js
# Increase memory limit
NODE_OPTIONS="--max-old-space-size=4096" npm start
System
# Increase file descriptors
sudo nano /etc/security/limits.conf
prosody-nodejs soft nofile 65536
prosody-nodejs hard nofile 65536
Database
- Enable connection pooling
- Add indexes on frequently queried fields
- Regular VACUUM (PostgreSQL)
Troubleshooting
Check Status
sudo systemctl status prosody-nodejs
View Logs
sudo journalctl -u prosody-nodejs -n 100 --no-pager
Test Connection
telnet localhost 5222
Debug Mode
LOG_LEVEL=debug sudo systemctl restart prosody-nodejs
Support
- Documentation: https://github.com/yourusername/prosody-nodejs/docs
- Issues: https://github.com/yourusername/prosody-nodejs/issues
- Community: XMPP chat at prosody-nodejs@conference.example.com