Running a powerful framework like Node.js without any security protection is too dangerous - that program is full of security bugs, so it's important to put a proxy gateway in front of Node. Installing Node.js behind Nginx for use with web sockets is hard and not really supported. So I decided to move all of the traffic into a secure tunnel - stunnel, which forwards everything to our Node.js server. (stunnel adds TLS encryption in front of Node; it does not filter the requests it forwards.) I also decided to publish the installation process, step by step, on CentOS 5.x with web sockets support and the additional modules express and libxmljs. I know it can sometimes be hard to set up, so enjoy!
# We need to do this before installing all of Node.js crap
# Steps 01-02 install two third-party repository release packages (EPEL, Remi).
# NOTE(review): both are fetched over plain HTTP and handed straight to rpm,
# so nothing in these steps authenticates them. Release packages of this kind
# typically add the repository definitions and signing keys yum trusts from
# then on, so download them first and check them with `rpm -K` against a key
# obtained from a trusted source before installing.
root 01. rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm
root 02. rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-5.rpm
# Openssl installing
# Build prerequisites for Node.js: python plus the OpenSSL development files.
# NOTE(review): libssl-dev looks like a Debian-style package name; presumably
# yum finds no such package on CentOS and openssl-devel is the one that
# matters - confirm.
root 03. yum -y install python libssl-dev openssl-devel
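# Creating new user
# A dedicated unprivileged account is used to build and install Node.js, so
# none of the following build steps run as root.
root 04. useradd node -d /home/node
# Interactive: sets the login password for the new account.
root 05. passwd node
# "su -" starts a login shell: the next steps begin in /home/node with node's
# own environment instead of in whatever directory root was working in.
root 06. su - node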
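# As user called 'node' we install and compile node.js
# NOTE(review): the tarball is fetched over plain HTTP and then unpacked and
# built without any integrity check. Compare it with a checksum or signature
# published by the project over a trusted channel before step 08.
node 07. wget http://nodejs.org/dist/node-v0.4.12.tar.gz
# Newest compatible version of Node.js which will work with our modules
# NOTE(review): the version is pinned for module compatibility; check whether
# this release line still receives security fixes before exposing it to a
# network.
node 08. tar xvzf node-v0.4.12.tar.gz
node 09. cd node-v0.4.12
# ~/local is not referenced by any later step shown here; the install prefix
# chosen below is ~/node.
node 10. mkdir ~/local
node 11. ./configure --prefix=$HOME/node
node 12. make
# Don't install as root! The prefix lies inside node's home directory, so no
# root privileges are needed for this step.
node 13. make install
# Creating links
# Put the freshly installed binaries first on PATH for the current shell ...
node 14. export PATH=$HOME/node/bin:$PATH
# ... and for future shells. Single quotes keep $HOME and $PATH unexpanded, so
# .bashrc evaluates them at login instead of freezing the current PATH value
# into the file.
node 15. echo 'export PATH=$HOME/node/bin:$PATH' >> /home/node/.bashrc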
# NPM - package manager
# NOTE(review): this pipes a script fetched over plain HTTP straight into sh,
# so whatever the response contains runs as the node user with no chance to
# read it first. Saving the script to a file, reviewing it, and then running
# it installs the same thing with an opportunity to inspect it.
node 16. curl http://npmjs.org/install.sh | sh
# Installation of express module
# No version is given, so npm chooses one itself; pin a version if the
# install has to be repeatable.
node 17. npm install express
# Back to the home directory for the next download
node 18. cd ~
# socket.io needs newest tar
# NOTE(review): the source is fetched over plain HTTP with no verification,
# yet step 24 installs the result as root. GNU publishes detached signatures
# next to its release tarballs; check one before building.
node 19. wget http://ftp.gnu.org/gnu/tar/tar-1.26.tar.gz
node 20. tar zxvf tar-1.26.tar.gz
node 21. cd tar-1.26
# Configure and compile as the unprivileged user; only the install needs root.
node 22. ./configure
node 23. make
# And now as root
# Has to be run from the tar-1.26 build directory. ./configure was given no
# --prefix; presumably the install lands under /usr/local - confirm.
root 24. make install
node 25. npm install socket.io
# libxmljs needs scons to work
# No -y here, so yum asks for confirmation before installing.
root 26. yum install scons
node 27. npm install libxmljs
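# Directory that will hold the TLS key and certificate
node 28. mkdir ~/cert
node 29. cd ~/cert
# Generating certificate for stunnel
# -x509 produces a self-signed certificate valid for 365 days; clients will
# not trust it unless they import it or accept the warning.
# -nodes leaves the private key unencrypted on disk so stunnel can start
# without a passphrase; file permissions are then its only protection.
# rsa:2048 - 1024-bit RSA keys are too short to rely on for TLS.
# -keyout and -out name the same file so that the key and the certificate end
# up together in the one file the stunnel "cert" option points at.
node 30. openssl req \
-x509 -nodes -days 365 \
-newkey rsa:2048 -keyout certyfikat.pem -out certyfikat.pem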
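root 31. yum install stunnel
# stunnel accepts TLS connections on port 443 and forwards the decrypted
# traffic to Node.js on local port 3366. It encrypts the connection; it does
# not filter requests, so the Node.js application still has to validate its
# own input.
# NOTE(review): Node.js should listen on 127.0.0.1:3366 only, otherwise the
# port can be reached directly without TLS.
# One configuration line per printf argument: inside a double-quoted echo the
# trailing backslashes would join everything into a single line, which is not
# a valid stunnel configuration. ">>" appends, so running this step twice
# duplicates the entries.
root 32. printf '%s\n' \
'cert = /home/node/cert/certyfikat.pem' \
'[https]' \
'accept = 443' \
'connect = 3366' >> /etc/stunnel/node
# This file holds the private key, so it is readable and writable by its owner
# only. Presumably stunnel is started by root (needed to bind port 443), which
# can still read it - confirm.
root 33. chmod 600 /home/node/cert/certyfikat.pem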
# At the end we need to add permission to system firewall
# Interactive tool; the menu labels come from a Polish-language install:
# "Dostosuj" = Customize, "Bezpieczne WWW [HTTPS]" = Secure WWW (HTTPS).
# Only HTTPS is enabled here. NOTE(review): confirm that port 3366 stays
# closed to the outside so Node.js can only be reached through stunnel.
root 34. system-config-securitylevel ---> Dostosuj ---> [x] Bezpieczne WWW [HTTPS] ---> OK