From 8bb916eb28717e513dfd0b84503ed5a32636ff80 Mon Sep 17 00:00:00 2001 From: Cristian Cosano <55451102+cristiancosano@users.noreply.github.com> Date: Tue, 25 Jan 2022 15:10:22 +0100 Subject: [PATCH 01/15] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index cf47194..6010e6f 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# VestaCP with Node.JS support. +# HestiaCP with Node.JS support. With this repo you can run multiples NodeJs Apps at some time. This template read `.env` file, `.nvm` for Node version, and `package.json` for get info and auto install modules. @@ -17,7 +17,7 @@ This template read `.env` file, `.nvm` for Node version, and `package.json` for ## WHERE DEPLOY MY APP? -In VestaCp the user must be a enabled `bash` ssh, if set as `none` this si a cause to stack. +In VestaCp the user must be a enabled `bash` ssh, if set as `none` this is a cause to stuck. Upload your app with ssh on this path: `/home//web//nodeapp/`. Here you can use files `.env` with Enviroment variables, `.nvm` or `.node-version` for specify NodeJs version. From 3700ba167be12ede79ce575d7fe799eeb8c67e6e Mon Sep 17 00:00:00 2001 From: Cristian Cosano <55451102+cristiancosano@users.noreply.github.com> Date: Tue, 25 Jan 2022 15:14:15 +0100 Subject: [PATCH 02/15] Update NodeJS.sh --- NodeJS.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/NodeJS.sh b/NodeJS.sh index fd35fc8..cb87dd2 100755 --- a/NodeJS.sh +++ b/NodeJS.sh @@ -7,7 +7,7 @@ home=$4 docroot=$5 #default script name -mainScript="app.js" +mainScript="src/index.js" nodeDir="$home/$user/web/$domain/nodeapp" mkdir $nodeDir @@ -30,8 +30,8 @@ if [ -d "$nvmDir" ]; then echo "Needs Node version: $nodeVersion" - export NVM_DIR="/opt/nvm/" - source "$NVM_DIR/nvm.sh" + export NVM_DIR=$nvmDir + . "$NVM_DIR/nvm.sh" if [ ! -d "/opt/nvm/versions/node/$nodeVersion" ]; then echo "Install this version" @@ -77,7 +77,7 @@ runuser -l $user -c "pm2 del $scriptName" #apply enviroment variables from .env file if [ -f "$nodeDir/.env" ]; then echo ".env file in folder, applying." - envFile=$(grep -v '^#' $nodeDir/.env | xargs | sed "s/(PORT=(.*) )//g") + envFile=$(grep -v '^#' $nodeDir/.env | xargs | sed "s/(PORT=(.*) )//g" | sed "s/ = /=/g") echo $envFile fi @@ -100,4 +100,4 @@ fi #copy pm2 logs to app folder echo "Copy logs to nodeapp folder" cp -r $home/$user/.pm2/logs/$domain-error.log $nodeDir -cp -r $home/$user/.pm2/logs/$domain-out.log $nodeDir \ No newline at end of file +cp -r $home/$user/.pm2/logs/$domain-out.log $nodeDir From d56dfacbe68119c1955f0386d1b6d35ecb23a46b Mon Sep 17 00:00:00 2001 From: Cristian Cosano <55451102+cristiancosano@users.noreply.github.com> Date: Tue, 25 Jan 2022 15:17:36 +0100 Subject: [PATCH 03/15] Update README.md --- README.md | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 6010e6f..3861dec 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,10 @@ This template read `.env` file, `.nvm` for Node version, and `package.json` for ![VestaCP](https://logico.com.ar/img/2019/04/21/vestacp_proxy_setup.png) -## Instalation +## Spanish Explication +https://logico.ar/blog/2019/04/20/soporte-para-aplicaciones-nodejs-en-vestacp + +## Installation ***Auto "With Script":*** * First download this Git in your `home` directory and run `chmod +x ./install.sh`, `./install.sh`. Script auto install `NVM` and `PM2` @@ -13,13 +16,13 @@ This template read `.env` file, `.nvm` for Node version, and `package.json` for ***Manually:*** * Install PM2 `npm i pm2@latest -g` * Install NVM see [https://nvm.sh] -* Upload `NodeJS.tpl`, `NodeJS.stpl`, `NodeJS.sh` to `/usr/local/vesta/data/templates/web/nginx/` +* Upload `NodeJS.tpl`, `NodeJS.stpl`, `NodeJS.sh` to `/usr/local/hestia/data/templates/web/nginx/` ## WHERE DEPLOY MY APP? -In VestaCp the user must be a enabled `bash` ssh, if set as `none` this is a cause to stuck. +In HestiaCP the user must be a enabled `bash` ssh, if set as `none` this is a cause to stuck. Upload your app with ssh on this path: `/home//web//nodeapp/`. -Here you can use files `.env` with Enviroment variables, `.nvm` or `.node-version` for specify NodeJs version. +Here you can use files `.env` with Enviroment variables, `.nvm` or `.node-version` for specify NodeJS version. In your `package.json` you can specify your index file with ```js @@ -53,7 +56,7 @@ When your app is down create simply html file in public folder `/home//web ### Samples -For debug propose you can run script with this arguments `NodeJS.sh 127.0.0.1 /home` full command: `/usr/local/vesta/data/templates/web/nginx/NodeJS.sh admin default 127.0.0.1 /home` +For debug propose you can run script with this arguments `NodeJS.sh 127.0.0.1 /home` full command: `/usr/local/hestia/data/templates/web/nginx/NodeJS.sh admin default 127.0.0.1 /home` * ***Remove all instances***: `runuser -l -c "pm2 del all"` for admin `runuser -l admin -c "pm2 del all"` * ***List all instances***: `runuser -l -c "pm2 list"` for admin `runuser -l admin -c "pm2 list"` From 4dca5d989bb1ae4466c985404c6941ede7092c7b Mon Sep 17 00:00:00 2001 From: Cristian Cosano <55451102+cristiancosano@users.noreply.github.com> Date: Tue, 25 Jan 2022 15:18:10 +0100 Subject: [PATCH 04/15] Rename sample/index.js to sample/src/index.js --- sample/{ => src}/index.js | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename sample/{ => src}/index.js (100%) diff --git a/sample/index.js b/sample/src/index.js similarity index 100% rename from sample/index.js rename to sample/src/index.js From bc40014cf6bfe80bd8653043db4c7c47cd2db6a3 Mon Sep 17 00:00:00 2001 From: Cristian Cosano <55451102+cristiancosano@users.noreply.github.com> Date: Tue, 25 Jan 2022 15:18:36 +0100 Subject: [PATCH 05/15] Update package.json --- sample/package.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sample/package.json b/sample/package.json index ebc1f51..189c7c1 100644 --- a/sample/package.json +++ b/sample/package.json @@ -2,14 +2,14 @@ "name": "some-name", "version": "1.0.0", "description": "Sample", - "main": "index.js", + "main": "src/index.js", "scripts": { "test": "echo \"Error: no test specified\" && exit 1", "serve": "npm run dev" }, "keywords": [ "211", - "vesta", + "hestia", "node", "mp2" ], From 58f79e13e3b6e8a592651de9df63a73a572bf257 Mon Sep 17 00:00:00 2001 From: Cristian Cosano <55451102+cristiancosano@users.noreply.github.com> Date: Tue, 25 Jan 2022 15:19:07 +0100 Subject: [PATCH 06/15] Update package.json --- sample/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sample/package.json b/sample/package.json index 189c7c1..0ec2ab6 100644 --- a/sample/package.json +++ b/sample/package.json @@ -1,5 +1,5 @@ { - "name": "some-name", + "name": "NodeJS Sample App", "version": "1.0.0", "description": "Sample", "main": "src/index.js", From 1c77b00325541e9cec1e54fabbb0940e0de1c457 Mon Sep 17 00:00:00 2001 From: Cristian Cosano <55451102+cristiancosano@users.noreply.github.com> Date: Tue, 25 Jan 2022 15:21:13 +0100 Subject: [PATCH 07/15] Update NodeJS.tpl --- NodeJS.tpl | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/NodeJS.tpl b/NodeJS.tpl index f56cf8d..3e2f98a 100755 --- a/NodeJS.tpl +++ b/NodeJS.tpl @@ -1,6 +1,8 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; + + include %home%/%user%/conf/web/%domain%/nginx.forcessl.conf*; error_log /var/log/%web_system%/domains/%domain%.error.log error; @@ -38,7 +40,11 @@ server { location ~ /\.git/ {return 404;} location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} + location ~ /\.(?!well-known\/|file) { + deny all; + return 404; + } - include %home%/%user%/conf/web/nginx.%domain%.conf*; + include %home%/%user%/conf/web/%domain%/nginx.conf_*; + } - From 869a8ac8863def756ebad9a7c4b9983779de1b89 Mon Sep 17 00:00:00 2001 From: Cristian Cosano <55451102+cristiancosano@users.noreply.github.com> Date: Tue, 25 Jan 2022 15:22:23 +0100 Subject: [PATCH 08/15] Update NodeJS.stpl --- NodeJS.stpl | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/NodeJS.stpl b/NodeJS.stpl index e9c0812..19dc02d 100644 --- a/NodeJS.stpl +++ b/NodeJS.stpl @@ -20,6 +20,8 @@ server { gzip_buffers 4 32k; gzip_types image/svg+xml svg svgz text/plain application/x-javascript text/xml text/css; gzip_vary on; + + include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*; location / { @@ -65,6 +67,10 @@ server { location ~ /\.git/ {return 404;} location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} + location ~ /\.(?!well-known\/|file) { + deny all; + return 404; + } - include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*; + include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*; } From 37a48506baa780d5aac34dd0e986231b3cd66063 Mon Sep 17 00:00:00 2001 From: Cristian Cosano <55451102+cristiancosano@users.noreply.github.com> Date: Tue, 25 Jan 2022 15:24:34 +0100 Subject: [PATCH 09/15] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 3861dec..e82c064 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,9 @@ # HestiaCP with Node.JS support. -With this repo you can run multiples NodeJs Apps at some time. +With this repo you can run multiples NodeJS Apps at same time. This template read `.env` file, `.nvm` for Node version, and `package.json` for get info and auto install modules. -![VestaCP](https://logico.com.ar/img/2019/04/21/vestacp_proxy_setup.png) +![HestiaCP](https://logico.com.ar/img/2019/04/21/vestacp_proxy_setup.png) ## Spanish Explication https://logico.ar/blog/2019/04/20/soporte-para-aplicaciones-nodejs-en-vestacp From 8ac7a17b3a03ef81009f8efc7f98a8ce63b35e50 Mon Sep 17 00:00:00 2001 From: Cristian Cosano <55451102+cristiancosano@users.noreply.github.com> Date: Tue, 25 Jan 2022 15:25:43 +0100 Subject: [PATCH 10/15] Update install.sh --- install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install.sh b/install.sh index d2c6ca0..c710ee8 100644 --- a/install.sh +++ b/install.sh @@ -24,4 +24,4 @@ fi -cp -R ./NodeJS.* /usr/local/vesta/data/templates/web/nginx/ \ No newline at end of file +cp -R ./NodeJS.* /usr/local/hestia/data/templates/web/nginx/ From 31fc19bf2ceb15335aa5350e45c4f500d7f15357 Mon Sep 17 00:00:00 2001 From: "Stephen J. Carnam" Date: Fri, 9 Dec 2022 18:10:31 -0800 Subject: [PATCH 11/15] No updating, always get latest --- install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/install.sh b/install.sh index c710ee8..a06907e 100644 --- a/install.sh +++ b/install.sh @@ -6,8 +6,8 @@ if ! command -v pm2 &>/dev/null; then fi if [ ! -f ~/.nvm/nvm.sh ]; then - # May need to be updated with the latest nvm release - wget -qO- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | bash + # Get the latest nvm release + wget -qO- https://raw.githubusercontent.com/nvm-sh/nvm/master/install.sh | bash mv ~/.nvm /opt/nvm From 9410ecf7f0966a2ee5bb333690e6200bc89052c4 Mon Sep 17 00:00:00 2001 From: "Stephen J. Carnam" Date: Fri, 16 Dec 2022 17:28:12 -0800 Subject: [PATCH 12/15] Security issue If you are doing any kind of shared hosting with Hestia, you DO NOT want just any account user to modify the node runtime. --- install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install.sh b/install.sh index c710ee8..f3e0b4d 100644 --- a/install.sh +++ b/install.sh @@ -11,7 +11,7 @@ if [ ! -f ~/.nvm/nvm.sh ]; then mv ~/.nvm /opt/nvm - chmod -R 777 /opt/nvm + chmod -R 755 /opt/nvm echo "-> Add this lines to the end your ~/.bashrc file" echo 'export NVM_DIR="/opt/nvm" From dee23602a8828b93029fddc25623dd8e50cb8ef0 Mon Sep 17 00:00:00 2001 From: "Stephen J. Carnam" Date: Fri, 16 Dec 2022 17:30:27 -0800 Subject: [PATCH 13/15] Security issue If you are doing any kind of shared hosting with Hestia, you DO NOT want just any account user to modify the node runtime. --- NodeJS.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/NodeJS.sh b/NodeJS.sh index cb87dd2..9e0d3d7 100755 --- a/NodeJS.sh +++ b/NodeJS.sh @@ -36,8 +36,7 @@ if [ -d "$nvmDir" ]; then if [ ! -d "/opt/nvm/versions/node/$nodeVersion" ]; then echo "Install this version" nvm install $nodeVersion - - chmod -R 777 /opt/nvm + chmod -R 755 /opt/nvm else echo "Error on install Node version on NVM" fi From 8f05b08722090085bc15a9eb2db48a87e9d4f9f5 Mon Sep 17 00:00:00 2001 From: "Stephen J. Carnam" Date: Sat, 17 Dec 2022 10:08:02 -0800 Subject: [PATCH 14/15] grammar wip --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index e82c064..6866ffa 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # HestiaCP with Node.JS support. With this repo you can run multiples NodeJS Apps at same time. -This template read `.env` file, `.nvm` for Node version, and `package.json` for get info and auto install modules. +This template reads the `.env` file, `.nvm` for Node version, and `package.json` to get info and automatically install modules. ![HestiaCP](https://logico.com.ar/img/2019/04/21/vestacp_proxy_setup.png) @@ -11,7 +11,7 @@ https://logico.ar/blog/2019/04/20/soporte-para-aplicaciones-nodejs-en-vestacp ## Installation ***Auto "With Script":*** -* First download this Git in your `home` directory and run `chmod +x ./install.sh`, `./install.sh`. Script auto install `NVM` and `PM2` +* First download this Git in your `home` directory and run `chmod +x ./install.sh`, `sudo ./install.sh`. Script auto install `NVM` and `PM2` ***Manually:*** * Install PM2 `npm i pm2@latest -g` From 4e5a77be9cb23d0709e3378708602f0c88032631 Mon Sep 17 00:00:00 2001 From: "Stephen J. Carnam" Date: Sat, 17 Dec 2022 16:02:33 -0800 Subject: [PATCH 15/15] Security issue Don't allow anyone to mess with the socks file. --- NodeJS.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/NodeJS.sh b/NodeJS.sh index 9e0d3d7..358c395 100755 --- a/NodeJS.sh +++ b/NodeJS.sh @@ -89,7 +89,7 @@ sleep 5 if [ ! -f "$nodeDir/app.sock" ]; then echo "Allow nginx access to the socket $nodeDir/app.sock" - chmod 777 "$nodeDir/app.sock" + chmod 755 "$nodeDir/app.sock" else echo "Sock file not present disable Node app" runuser -l $user -c "pm2 del $scriptName"