NodeBB - Full Stack Setup

JasperNL

I think this is a good tutorial, and will prove useful to many users! However, I have some remarks that I'll list below.

DNS

What has DNS to do with a stack? Not a lot, thats right, but as in my previous guide we will target the maximum possible performance. Therefore, we will also try to reduce the DNS resolving time.
To achieve this we will route our domain through CloudFlare. Just sign up and follow the instructions. Once done be sure to have DISABLED CloudFlare in the DNS settings (grey clouds).

But why? Due to the use of CloudFlare the server response time can be delayed around 0,7s, which is quite a lot, considering we want the maximum performance. Instead we will just make use of CloudFlare's fast DNS network.

Depending on the scale you want to deploy the server on, cloudflare can actually be a good idea. Especially if you're afraid of DDoS attacks. There are basically three "modes" that you can choose from

The mode in which you do not use anything of cloudflare, which you suggest.
The mode in which you use cloudflare to cache static assets, but route websockets through your own server. This can be achieved by setting the socket.io parts in config.json. This does not save you from DDoS attacks, as the origin server can be found quite easily. This is the mode that I would recommend.
Use cloudflare as websocket proxy. This secures you from DDoS attacks and works fine. This mode has a lot of cons, because cloudflare can kill the websocket connections without any specific reason, and you have the cloudflare proxy delay that you're considering. I would recommend this for small-scale sites only.

Security

...
Change it to a number like 1990 for example. Once edited hit Ctrl+X. Confirm with Y.

Auts. This is not secure. Besides the "security by obscurity" arguments that this insecure, there are also practical objections with this port. Any port >1024 can be hijacked by any user on the box, whereas ports <1024 are reserved for the system/root user. So if you want to change the port (because you may believe that it's actually secure), keep it <1024!

I always recommend to keep the SSH service at port 22 (as this is designed for it). For security, you can install fail2ban and set up a SSH keypair authentication instead of password authentication. Also: If your host gives you a root password, the first thing you should do is changing it!

Database

Now lets get onto NodeBB. Instead of MongoDB, we will skip into the future and go with Redis. Super fast, super simple.

MongoDB has a future as well, and the benefits of redis over mongo.

Again, great tutorial!

metasean

I'm just researching nodeBB at the moment. Your very recent full stack setup guide is definitely a point toward nodeBB!

That said, I thought it was written in node, so why install PHP?

AOKP

@fish its actually telling you what to run
Nonetheless, thanks for this addition. I added it to the guide.

@JasperNL
CloudFlare is absolutely needless, if you go with OVH/Online.
Especially OVH provides one of the best Anti-DDoS protection free of any charge.
In my almost 5 years being (Alexa <75K), I only suffered a DDoS attack once. Usually attackers want to get the host down, rarely a specific site itself. So better choose a good server provider and you will be fine.

Using CloudFlare as a cache is not always the best thing to do. A lot of my users reported slow loading times, whenever CloudFlare caching was enabled. PageSpeed is the nonplusultra for maximum performance.

About the ports. I agree on that one, almost forgot about it.
However, I clearly advice changing your port number from 22, because the first thing an attacker will do is to check the standard ports for "easy access".

@metasean
Because you maybe want to use WordPress for your articles and NodeBB as a commenting system or whatever else.
This guide targets on setting up a complete stack, which allows you to do pretty much everything.

kenygamer

@aokp Nginx:

{anonymous}::ps_preaccess_handler(ngx_http_request_t*)': /root/ngx_pagespeed-1.12.34.2-stable/src/ngx_pagespeed.cc:3011:31: error: 'ngx_http_core_try_files_phase' was not declared in this scope while (ph[i + 1].checker != ngx_http_core_try_files_phase && ^ objs/Makefile:1439: recipe for target 'objs/addon/src/ngx_pagespeed.o' failed make[1]: *** [objs/addon/src/ngx_pagespeed.o] Error 1 make[1]: Leaving directory '/root/nginx-1.13.4' Makefile:11: recipe for target 'install' failed make: *** [install] Error 2 root@server2:~#

kenygamer

I would REALLY appreciare if you can make an auto install shell script.

AOKP

@kenygamer never going to happen. Additionally, use your brain, the software named here is no longer up to date. Therefore, check the sources and links given in the guide. You can find the latest versions through the help of Google just in case.

Please be so kind and stop messaging me as well. There is no chance that I am going to fix things up for you, no matter if paid or unpaid. If you try to contact me again by any means, I will take further legal actions. This is my very last warning for you and therefore I pledge you take it serious.

AOKP

Removed Brotli
Updated all the instructions and configs on GitHub

omega

@aokp said in NodeBB - Full Stack Setup:

NodeBB
You can now start installing NodeBB after the docs. As seen in my configs, I have got my NodeBB install running in /home/web/mydomainname.tld/.
Adjust it to wherever you feel comfortable with.

Great guide but for shame, I got stuck here.

I have tried a few other install guides to pad this out, but it's not working. What do you mean "after the docs"... I'm totally lost at what do do here

Appreciate help/clarification in advance.

Shard

I'm afraid you lose me at "However, for the 5$ you pay, you are getting some overpriced hipster box."

Really hard to take the remainder seriously.

AOKP

@omega I actually meant "according to the docs".
I am sorry for my crappy English as I am not a native speaker.

@Shard ok.