File permissions, directory owner, directory location for Express web server.

[Levi Bostian]

All my web server experience comes from LAMP stacks. I am used to following the Apache web server rules where web projects exist in "/var/www/html" and the directory is owned by "apache www-data" and the permissions for directories are 755 and files are 644. 

I have an EC2 instance running with node and express installed ready to deploy a web application I have running on my local machine. I cannot find information anywhere about what directory on my VM to store the web application, the owner of the files or the permissions. Does node/Express not require this information? 

Thanks

[Jason Crawford]

No, it doesn't matter where you install the web application. Your app will just look for its files in its own directory.

However, you will have to start the process manually from that directory, or figure out how to start it automatically on system startup.

If you want to serve a webapp on the normal ports (80 for HTTP and 443 I think for HTTPS), then you probably need to run the process as root or some other account with special permissions, not entirely sure.

In general, 755 for dirs and 644 for files are good default permissions for any application.

(Much easier option, BTW: Deploy on Heroku or something that doesn't make you administer your own servers.)

Hope that helps,

Jason

--
You received this message because you are subscribed to the Google Groups "Express" group.
To unsubscribe from this group and stop receiving emails from it, send an email to express-js+...@googlegroups.com.
To post to this group, send email to expre...@googlegroups.com.
Visit this group at http://groups.google.com/group/express-js.
For more options, visit https://groups.google.com/d/optout.

[Levi Bostian]

Thanks a lot Jason, that does help. 

I am planning on running the app at port 80 so I will need to run as root to run on port 80 like you said I am assuming as port 80 is probably reserved to be operated only by root. 

Anyone know the file ownership (user and group) for the files in a web app?

[Jason Crawford]

In general running as root is a bad idea. I don't know how else to run on port 80, but maybe there is a privilege for this. Maybe at least you can use setuid or something. I would look up what best practices are here if I were you.

I would suggest that you just make up a user for the purpose of your app, maybe a group but not sure if it matters. Then just make all the files owned by that user. And then ideally find a way for the process to run as that user if you can figure out the port thing. If not, then, well, root will have access to all files anyway.

But at this point we're getting pretty far from Node/Express stuff; this is really a Unix sysadmin question.

Best of luck,

Jason

--
Blog: http://blog.jasoncrawford.org  |  Twitter: @jasoncrawford

[Paul Vencill]

Any production node app I've done on a dedicated server treats the node app as an app server, running as a restricted user service account and running as a non-port 80 listener.

I then use nginx (apache would work too) as a reverse proxy listening on port 80 and forwarding requests to the node app as appropriate.

This allows you to leverage all of Apaches scalability and optimization and let your node app focus on just its own functionality.

And not to overbuild your requirements, but long term it also let's you organize your infrastructure more efficiently for horizontal scaling .

All that said, for a lot of apps I just use Heroku and not manage a server at all.

[Jason Crawford]

Oh, right, that probably the best way to do it.

I've been on Heroku so long, I almost forgot about nginx, ha_proxy, etc.…

[Levi Bostian]

Ah, thank you Paul and Jason. I didn't think of using a reverse proxy but that seems like a great idea. There are lots of pros to doing that so that is the path I will take on it. I will probably start with Apache as my EC2 instances already have Apache running and installed but I may move over to nginx as time goes on as I have heard great things about it. 

Thanks a lot guys.