1. Embrace the latest import syntax (ESM)

Stop using the old require()/CommonJS style if you can. Node.js fully supports ECMAScript modules (ESM) and it’s time to use them. Node.js+2W3Schools+2

Old (outdated):

const express = require('express');
module.exports = someFunction;

Recommended (ESM):

import express from 'express';
export default someFunction;

Set "type": "module" in your package.json, or use .mjs extensions, and you’re good. Going ESM from day one is cleaner, more aligned with modern JS, and avoids interoperability headaches.

2. Use process.env via run command instead of dotenv (in many cases)

I know many of us used dotenv.config() at the top of our apps. That still works, but recent Node.js updates allow you to pass environment files at runtime without requiring dotenv. That’s one less dependency to manage.

Old pattern:

import dotenv from 'dotenv';
dotenv.config();

console.log(process.env.MY_SECRET);

Recommended runtime command:

node --env-file=.env app.js

This way you can skip or minimise dotenv usage (especially in production) and rely more on the runtime’s built-in env file support. It keeps things simple and reduces third-party reliance.

3. Built-in test runner in Node.js

Remember when you had to install and configure Jest, Mocha or Vite for testing? That’s changing. Node.js now ships with a built-in test runner. Node.js+2LogRocket Blog+2

Sample code:

// math.test.mjs
import { test } from 'node:test';
import assert from 'node:assert/strict';
import { add } from './math.js';

test('adds two numbers', () => {
  assert.strictEqual(add(2, 3), 5);
});

Then simply run:

node --test

Benefits: zero additional dependency, minimal config, and smoother dev experience. Of course, if you need advanced features, you may still pick Jest/Mocha, but for many use-cases this built-in runner suffices.

4. Native SQLite support (yes, really)

One of the big surprises: Node.js v22.5.0 introduced a built-in experimental module for SQLite: node:sqlite. Better Stack+2LogRocket Blog+2

Note (call-out): Use the special prefix node:packageName when importing built-in modules. This ensures you’re referencing a built-in library, not a third-party with the same name (security + clarity win).

Example usage:

import { DatabaseSync } from 'node:sqlite';

const db = new DatabaseSync('example.db');

db.run('CREATE TABLE users(id INTEGER PRIMARY KEY, name TEXT)');
db.run('INSERT INTO users(name) VALUES (?)', 'Alice');

const row = db.get('SELECT * FROM users WHERE name = ?', 'Alice');
console.log(row);

⚠️ Keep in mind: still marked experimental, fewer features than popular third-party libs (like concurrency, async API). Use with caution for production. LogRocket Blog

5. “Type-skipper” support for TypeScript files

If you’re doing TypeScript, there’s good news: recent Node.js versions let you run .ts files directly (for the parts that just use types). Node.js+1

Example:

// app.ts
const greet = (name: string): string => {
  return `Hello, ${name}`;
};

console.log(greet('World'));

You can run:

node app.ts

Important call-out: This only supports type stripping (erasable TypeScript syntax). Full TS features (enums, namespaces, fancy transforms) still need compile/transpile. Use this feature vigilantly, understand its limitations, and stay tuned for future updates.

6. Replace nodemon with Node’s built-in --watch flag

You probably used nodemon for auto-restarting on file changes. Now, Node.js offers a built-in flag --watch. Make your life simpler.

Example:

node --watch server.js

On changes, Node will auto-reload. Fewer dependencies and tools to maintain.

7. Built-in fetch (no more axios or node-fetch)

Modern Node.js versions include the Fetch API natively—just like in browsers. That means you don’t always have to import axios or node-fetch.

Example:

const response = await fetch('https://api.example.com/data');
const data = await response.json();
console.log(data);

Saves you package installations, simplifies your stack.

8. Super-fast dev script with node --run dev (yes, no npm needed)

This is one of the cleanest improvements in modern Node.js.
You don’t need slow npm run dev anymore because npm adds extra overhead (pre-scripts, post-scripts, lifecycle steps, etc).

Now Node.js gives you a native script runner using:

node --run dev

So you define your scripts in package.json like this:

{
  "scripts": {
    "dev": "node --watch server.js"
  }
}

And instead of:

npm run dev

You can directly run:

node --run dev

This is lightning fast, no npm layer, no extra processing.
Just pure Node executing your script instantly , perfect for local development.

Final Thoughts

If you’re working with Node.js right now (especially v22+), start shifting to these built-in features. They genuinely cut down your dependency list, reduce config headaches, and make your whole dev workflow faster and cleaner. This is the direction Node.js is moving toward, so adopting early gives you an edge.

But remember not everything is 100% production-ready. Features like native SQLite and TypeScript type-skipping are still evolving. Use them smartly, test properly, and make sure your project actually benefits from the switch.

Node.js is changing fast, and these built-in upgrades are going to become the new “default way” of writing backend apps. So stay updated, experiment, and keep your stack modern.

More improvements are coming , stay tuned.

https://kafka.apache.org/

What is distributed

You can scale kafka horizontally by adding more nodes that run your kafka brokers

Event streaming

If you want to build a system where one process produces events that can be consumed by multiple consumers

Examples of apps

Payment notifications

Jargon

Cluster and broker

A group of machines running kafka are known as a kafka cluster

Each individual machine is called a broker

Producers

As the name suggests, producers are used to publish data to a topic

Consumers

As the name suggests, consumers consume from a topic

Topics

A topic is a logical channel to which producers send messages and from which consumers read messages.

Offsets

Consumers keep track of their position in the topic by maintaining offsets, which represent the position of the last consumed message. Kafka can manage offsets automatically or allow consumers to manage them manually.

Retention

Kafka topics have configurable retention policies, determining how long data is stored before being deleted. This allows for both real-time processing and historical data replay.

Partitions and Consumer groups (we will cover eventually)

Start kafka locally

Ref - https://kafka.apache.org/quickstart

Using docker

docker run -p 9092:9092 apache/kafka:3.7.1

Get shell access to container

docker ps
docker exec -it container_id /bin/bash
cd /opt/kafka/bin

Create a topic

./kafka-topics.sh --create --topic quickstart-events --bootstrap-server localhost:9092

Publish to the topic

./kafka-console-producer.sh --topic quickstart-events --bootstrap-server localhost:9092

Consuming from the topic

./kafka-console-consumer.sh --topic quickstart-events --from-beginning --bootstrap-server localhost:9092

Kafka in a Node.js process

Ref https://www.npmjs.com/package/kafkajs

• Initialise project

npm init -y
npx tsc --init

• Update package.json

"rootDir": "./src",
"outDir": "./dist"

• Add src/index.ts

import { Kafka } from "kafkajs";

const kafka = new Kafka({
  clientId: "my-app",
  brokers: ["localhost:9092"]
})

const producer = kafka.producer();

const consumer = kafka.consumer({groupId: "my-app3"});


async function main() {
  await producer.connect();
  await producer.send({
    topic: "quickstart-events",
    messages: [{
      value: "hi there"
    }]
  })

  await consumer.connect();
  await consumer.subscribe({
    topic: "quickstart-events", fromBeginning: true
  })

  await consumer.run({
    eachMessage: async ({ topic, partition, message }) => {
      console.log({
        offset: message.offset,
        value: message?.value?.toString(),
      })
    },
  })
}


main();

• Update package.json

"scripts": {
    "start": "tsc -b && node dist/index.js"
},

• Start the process

npm run start

Breaking into prodcuer and consumer scripts

Lets break our logic down into two saparate files

• producer.ts

import { Kafka } from "kafkajs";

const kafka = new Kafka({
  clientId: "my-app",
  brokers: ["localhost:9092"]
})

const producer = kafka.producer();

async function main() {
  await producer.connect();
  await producer.send({
    topic: "quickstart-events",
    messages: [{
      value: "hi there"
    }]
  });
}


main();

• consumer.ts

import { Kafka } from "kafkajs";

const kafka = new Kafka({
  clientId: "my-app",
  brokers: ["localhost:9092"]
})

const consumer = kafka.consumer({ groupId: "my-app3" });


async function main() {
  await consumer.connect();
  await consumer.subscribe({
    topic: "quickstart-events", fromBeginning: true
  })

  await consumer.run({
    eachMessage: async ({ topic, partition, message }) => {
      console.log({
        offset: message.offset,
        value: message?.value?.toString(),
      })
    },
  })
}


main();

• Update package.json

  "scripts": {
    "start": "tsc -b && node dist/index.js",
    "produce": "tsc -b && node dist/producer.js",
    "consume": "tsc -b && node dist/consumer.js"    
  },

• Try starting multiple consumers, and see if each gets back a message for the messages produced

Notice we specified a consumer group (my-app3)

Consumer groups and partitions

Consumer group

A consumer group is a group of consumers that coordinate to consume messages from a Kafka topic.

Purpose:

• Load Balancing: Distribute the processing load among multiple consumers.

• Fault Tolerance: If one consumer fails, Kafka automatically redistributes the partitions that the failed consumer was handling to the remaining consumers in the group.

• Parallel Processing: Consumers in a group can process different partitions in parallel, improving throughput and scalability.

Partitions

Partitions are subdivisions of a Kafka topic. Each partition is an ordered, immutable sequence of messages that is appended to by producers. Partitions enable Kafka to scale horizontally and allow for parallel processing of messages.

How is a partition decided?

When a message is produced to a Kafka topic, it is assigned to a specific partition. This can be done using a round-robin method, a hash of the message key, or a custom partitioning strategy.

Usually you’ll take things like user id as the message key so all messages from the same user go to the same consumer (so a single user doesnt starve everyone lets say)

Multiple consumer groups

Three cases to discuss

Equal number of partitions and consumers

More partitions

More consumers

Partitioning strategy

When producing messages, you can assign a key that uniquely identifies the event.

Kafka will hash this key and use the hash to determine the partition. This ensures that all messages with the same key (lets say for the same user) are sent to the same partition.

💡

Why would you want messages from the same user to go to the same partition? Lets say a single user has too many notifications, this way you can make sure they only choke a single partition and not all the partitions

• Create a new producer-user.ts file, pass in a key when producing the message

import { Kafka } from "kafkajs";

const kafka = new Kafka({
  clientId: "my-app",
  brokers: ["localhost:9092"]
})

const producer = kafka.producer();

async function main() {
  await producer.connect();
  await producer.send({
    topic: "payment-done",
    messages: [{
      value: "hi there",
      key: "user1"
    }]
  });
}

main();

• Add produce:user script

"produce:user": "tsc -b && node dist/producer-user.js",

• Start 3 consumers and one producer. Notice all messages reach the same consumer

npm run produce:user

What is cron?
cron is a Unix/Linux utility that schedules and runs tasks automatically at fixed times, dates, or intervals. A “cron job” is simply a command or script that cron runs on a schedule you define. People use cron for all kinds of repetitive automation: sending emails, generating reports, cleaning up temporary files, running backups, triggering data pipelines, and more.

Why developers love cron (and its modern cousins)

• It’s reliable: once scheduled, cron will run tasks at the right time without human intervention.

• It’s simple: a single text file (the crontab) can express complex schedules.

• It scales to many use cases: from simple daily cleanups to orchestrating big data workflows.
  That said, for complex workflows and dependencies, teams often use more advanced schedulers (e.g., Apache Airflow) or custom distributed schedulers. But cron remains the simplest, battle-tested tool for time-based automation.

Real-world uses (quick picture)

• Sending promotional or reminder emails at scheduled times.

• Running ETL and analytics jobs nightly.

• Cleaning logs or rotating backups.

• Triggering batch jobs, like invoice generation or report exports.

“The Starry Secret of Cron Jobs!”

Ever seen something like * * * * * in a cron job and thought — “what the heck are all these stars doing here?” 😅
Well, each * (asterisk) represents a time field , minute, hour, day of month, month, and day of week — in that exact order. So when you see * * * * *, it literally means “run every minute of every hour of every day of every month, forever.”

In simple words, it’s like telling your server:
💬 “Bro, no breaks. Work every single minute — 24x7!” 😆
You don’t get it naaa 😆 , I know here is the image for better understanding ?

🧠 Let’s Be Serious Now - Time to Practice Some Cron Magic

Alright guys, enough of the theory talk! Let’s get our hands dirty and see how those little stars actually work. If you want to really grasp cron, you’ve got to practice these patterns instead of just reading them. So here are a few simple, real-life examples that’ll help you master cron expressions like a pro

🕒 1. Every day at 3 PM

0 15 * * *

Meaning:
The first 0 means start at the 0th minute, the 15 means the 15th hour (3 PM), and the rest of the stars mean every day, every month, every weekday.
So this runs exactly once a day at 3:00 PM.

🕐 2. Every day at 1 :30PM

30 13 * * *

Meaning:
Run the task when the hour is 13 (1 PM) and minute is 30 simple as that! Cron uses 24-hour format, so 13 stands for 1 PM.

📅 3. Every week on Monday

0 9 * * 1

Meaning:
This runs at 9:00 AM every Monday. The 1 at the end represents Monday (because cron counts days of the week as 0–6, where 0 = Sunday).

🗓️ 4. Every month on the 1st

0 10 1 * *

Meaning:
The 1 in the third position means the 1st day of every month, and 10 means 10 AM.
So this runs once a month on the 1st day, at 10:00 AM sharp.

💡 Tip: Always remember the order minute, hour, day of month, month, day of week. Once you get that in your head, cron expressions will start making perfect sense.

Let’s Get Serious Guys - Time to Play with Cron Like a Real One

Alright legends enough of the talking, it’s time to touch some code. You’ve read the stars, now let’s make them shine.

We’re going to make cron print the current date every minute (so you can flex that “automation” muscle). After that, we’ll move to something more Basir-level automatic database backups every day at 2 PM. Yeah, prod stuff baby 😎

🧠 Step 1: Get into the Machine

If you’re already on Ubuntu, cool. If not, spin one up anywhere - Docker, AWS, whatever you like.
I don’t care how, just get inside a terminal. You can’t learn cron by just reading this isn’t a fairytale, it’s tech.

Check if cron is alive:

sudo systemctl status cron

If it’s not active, just hit:

sudo systemctl start cron

Cron is like your background butler. He doesn’t speak, but he gets the job done quietly every time. 🕶️

🕒 Step 2: Let’s Make Cron Talk — Print Date Every Minute

Now fire this command:

crontab -e

Inside that file, drop this line:

* * * * * date >> ~/dates.txt

That’s it. Every single minute, this command will run date and append the output to dates.txt.
After 2–3 minutes, check it:

cat ~/dates.txt

If you see multiple timestamps there - congrats, you just made cron do your bidding. 😎
Every minute, like clockwork.

🧍‍♂️ A Little Self-Love Moment

You’re on Basir’s Blog, my friend.
And Basir doesn’t just read commands - he runs them, breaks them, fixes them, and runs them again till it’s perfect. 😏
I’m a big believer in doing prod things, even when it’s just a demo. Because that’s how you become dangerous (in a good way).

💾 Let’s Do Some “Prod Stuff” — Database Backup Every Day

Now we’re talking. Real-world example.
Let’s make cron handle database backups - because no one wants to be that engineer who forgot to back up.

🐳 Step 1: Spin Up MySQL in Docker

Run this command like a boss:

docker run -d \
  --name mysql-demo \
  -e MYSQL_ROOT_PASSWORD=rootpass \
  -e MYSQL_DATABASE=mydb \
  -p 3306:3306 \
  mysql:8

Quick breakdown:

• -d → runs in background

• --name → gives your container a cool name

• -e → sets env variables (root password, db name)

• -p → connects MySQL’s port to your machine

Check if it’s alive:

docker ps

🍽️ Step 2: Add Some Data

We need data to back up, right? Let’s cook some up 🍳

Create a table:

docker exec -it mysql-demo mysql -uroot -prootpass -e \
"CREATE TABLE mydb.users (id INT AUTO_INCREMENT PRIMARY KEY, name VARCHAR(50));"

Insert fake data:

docker exec -i mysql-demo mysql -uroot -prootpass -D mydb -e "
INSERT INTO users (name) VALUES
('Alice'), ('Bob'), ('Charlie'), ('Diana'), ('Ethan');
"

Verify it:

docker exec -it mysql-demo mysql -uroot -prootpass -D mydb -e "SELECT * FROM users;"

🧠 Step 3: Manual Backup — Just to Feel It

Create a backup folder first:

sudo mkdir -p /backups
sudo chmod 777 /backups

Now dump the database:

docker exec mysql-demo mysqldump -uroot -prootpass mydb > /backups/mysql_backup_$(date +%F).sql

Boom 💥 You just created your first SQL backup with today’s date in the filename.

🕑 Step 4: Automate Like a Boss

Alright, let’s make cron work for us again - this time, every night at 2 AM.
Because while we sleep, cron grinds. 😴

Open crontab again:

crontab -e

Add this line:

0 2 * * * docker exec mysql-demo mysqldump -uroot -prootpass mydb > /backups/mysql_backup_$(date +\%F).sql

💡 Notice the \%F — the backslash tells cron, “Yo, don’t get confused, that’s just my date.”

If you’re too impatient to wait till 2 AM (like me waiting for a girl’s reply 💔), change it temporarily to:

*/2 * * * * sudo docker exec mysql-demo mysqldump -uroot -prootpass mydb > /backups/mysql_backup_$(date +\%F).sql

That’ll run every 2 minutes. Instant results, instant dopamine 😏

🧹 Step 5: Clean Up — Delete Old Backups

Because no one wants a folder heavier than their ex’s emotional baggage 😬

Add this line to remove backups older than 7 days:

0 3 * * * find /backups -name "mysql_backup_*.sql" -mtime +7 -delete

Boom. Fresh backups only. Every day. Clean and classy.

🧩 Example Folder

/backups/
 ├── mysql_backup_2025-11-05.sql
 ├── mysql_backup_2025-11-06.sql
 └── mysql_backup_2025-11-07.sql

💣 Bonus Trick — Compressed Backups

Want to save space and look cool doing it? Use gzip:

0 2 * * * docker exec mysql-demo mysqldump -uroot -prootpass mydb | gzip > /backups/mysql_backup_$(date +\%F).sql.gz

Now your backup’s smaller and faster like a code snippet that just got optimized.

Wait, Basir this is too raw, man! Where’s my favorite backend language, my tool, my code? Ohh baby, hold on I’ve got to bring everyone along on this ride. I don’t fall for syntactical sugar; I love those raw commands that make you feel like a real dev at 2 AM 😎. And guess what? Most of your favorite backend frameworks secretly do the same thing under the hood. You can use cron in any language you love trust me, you’re just one search away from making it happen!

⚡ Final Thought

Cron is that quiet friend who never asks for credit but makes sure everything runs on time.
You sleep. Cron works. You forget. Cron remembers.

And that’s why I love it. It’s not just automation - it’s discipline in code form.
So go ahead - set it, forget it, and let cron handle your boring stuff while you build something epic.

Because remember… Basir doesn’t wait for miracles - he schedules them. 💥

But there’s another lightweight, reliable alternative that’s often overlooked —
💡 Server-Sent Events (SSE).

In this blog, we’ll build a real-time data stream using Node.js (Express) on the backend and React.js on the frontend.
By the end, your browser will receive live updates from the server — no manual refreshes, no complex setup. Just pure streaming magic. ✨

🧠 What Are Server-Sent Events?

Server-Sent Events (SSE) allow the server to push data to the client over a single HTTP connection.
The client subscribes to this stream and receives automatic updates — all using standard HTTP and no extra libraries.

Unlike WebSockets, SSE is:

• ✅ Unidirectional (Server ➜ Client)

• ✅ Simple to implement

• ✅ HTTP/1.1 friendly

• ✅ Perfect for dashboards, logs, notifications

⚙️ How SSE Works (Simple Concept)

1. The browser opens a persistent connection to /events.

2. The server keeps the connection open and sends messages in this format:

    data: Hello Client!
    \n\n
   

3. The browser listens using the EventSource API.

So when new data arrives, the client instantly updates — no refresh or request needed.

🧩 Step 1: Setting Up the Node.js (Express) Server

Let’s start by creating a new Node.js project.

mkdir sse-demo && cd sse-demo
npm init -y
npm install express cors

Now create a file named server.js 👇

import express from "express";
import cors from "cors";

const app = express();
app.use(cors());
const PORT = 4000;

// List of connected clients
const clients = [];

// ---------------------------
// 1️⃣ SSE Endpoint
// ---------------------------
app.get("/events", (req, res) => {
  res.setHeader("Content-Type", "text/event-stream");
  res.setHeader("Cache-Control", "no-cache");
  res.setHeader("Connection", "keep-alive");

  res.write("data: Connected to SSE stream\n\n");

  // Add client connection
  clients.push(res);
  console.log("Client connected, total:", clients.length);

  req.on("close", () => {
    console.log("Client disconnected");
    clients.splice(clients.indexOf(res), 1);
  });
});

// ---------------------------
// 2️⃣ Simulate Sending Data Every 3s
// ---------------------------
setInterval(() => {
  const message = {
    time: new Date().toISOString(),
    random: Math.floor(Math.random() * 100),
  };
  clients.forEach((client) =>
    client.write(`data: ${JSON.stringify(message)}\n\n`)
  );
}, 3000);

app.listen(PORT, () =>
  console.log(`✅ SSE Server running on http://localhost:${PORT}`)
);

Now run it:

node server.js

🖥️ Step 2: Setting Up the React Client

If you don’t already have a React app:

npx create-react-app sse-client
cd sse-client
npm start

Create SSEStream.jsx

import React, { useEffect, useState } from "react";

const SSEStream = () => {
  const [messages, setMessages] = useState([]);

  useEffect(() => {
    const eventSource = new EventSource("http://localhost:4000/events");

    eventSource.onmessage = (event) => {
      try {
        const data = JSON.parse(event.data);
        setMessages((prev) => [...prev, data]);
      } catch (e) {
        console.error("Invalid data:", e);
      }
    };

    eventSource.onerror = (err) => {
      console.error("SSE error:", err);
      eventSource.close();
    };

    return () => {
      eventSource.close();
    };
  }, []);

  return (
    <div style={{ padding: 20, fontFamily: "monospace" }}>
      <h2>📡 Live Server-Sent Events</h2>
      {messages.map((msg, i) => (
        <div key={i}>
          Time: {msg.time} | Random: {msg.random}
        </div>
      ))}
    </div>
  );
};

export default SSEStream;

Add It in App.js

import React from "react";
import SSEStream from "./SSEStream";

function App() {
  return (
    <div>
      <h1>🚀 Real-Time Data Stream (SSE + React)</h1>
      <SSEStream />
    </div>
  );
}

export default App;

🧠 Step 3: Make It More Real — Integrating Redis

Now imagine your data is stored in Redis.
You want to push updates to clients whenever Redis changes — without polling.

That’s where Redis Pub/Sub shines ✨

Install Redis Package

npm install redis

Updated Server (server.js)

import express from "express";
import cors from "cors";
import { createClient } from "redis";

const app = express();
app.use(cors());
const PORT = 4000;

// Redis setup
const redisClient = createClient();
const subscriber = redisClient.duplicate();
await redisClient.connect();
await subscriber.connect();

const clients = [];

app.get("/events", (req, res) => {
  res.setHeader("Content-Type", "text/event-stream");
  res.setHeader("Cache-Control", "no-cache");
  res.setHeader("Connection", "keep-alive");
  clients.push(res);
  req.on("close", () => clients.splice(clients.indexOf(res), 1));
});

await subscriber.subscribe("updates", (message) => {
  console.log("Redis message:", message);
  clients.forEach((res) => res.write(`data: ${message}\n\n`));
});

app.listen(PORT, () => console.log(`✅ SSE Server running on ${PORT}`));

Publisher Example

// publisher.js
import { createClient } from "redis";
const publisher = createClient();
await publisher.connect();

setInterval(async () => {
  const data = JSON.stringify({
    time: new Date().toISOString(),
    value: Math.floor(Math.random() * 1000),
  });
  await publisher.publish("updates", data);
  console.log("Published:", data);
}, 3000);

Now every time your Redis publisher emits a message, React instantly sees it 🔥

🎯 When to Use SSE

✅ Perfect for:

• Live analytics dashboards

• Real-time logs or monitoring

• Notification systems

• Stock prices / crypto price feeds

• System health monitoring

❌ Not ideal for:

• Two-way chat (use WebSockets)

• Heavy concurrent updates

💬 Final Thoughts

Server-Sent Events (SSE) are an elegant, HTTP-friendly way to stream updates from your server to browsers.
They’re simpler than WebSockets, and with Redis Pub/Sub, they scale beautifully in production.

In this tutorial, we:

• Built an Express server streaming live data

• Connected a React frontend using EventSource

• Enhanced it with Redis Pub/Sub for distributed real-time updates

Now you can build real-time dashboards, live notifications, or any app that thrives on continuous data flow ⚡

🔗 Bonus: Repo Structure Example

sse-demo/
│
├── server.js           # Express + Redis + SSE server
├── publisher.js        # Redis publisher
└── sse-client/         # React frontend
    ├── src/
    │   ├── App.js
    │   └── SSEStream.jsx

Open your EC2 terminal and run:

# Generate a new SSH key specifically for GitHub Actions
ssh-keygen -t rsa -b 4096 -m PEM -C "github-actions" -f ~/github_ec2_ci_key -N ""

Explanation:

• -t rsa → RSA key type

• -b 4096 → 4096-bit for strong encryption

• -m PEM → ensures compatibility (some tools like GitHub Actions need PEM format)

• -C "github-actions" → a comment for identification

• -f ~/github_ec2_ci_key → saves key in your home directory

• -N "" → no passphrase (required for CI/CD)

This will create two files:

~/github_ec2_ci_key      → private key
~/github_ec2_ci_key.pub  → public key

Step 2 — Add the public key to authorized_keys

# Ensure the .ssh directory exists
mkdir -p ~/.ssh

# Append the public key to authorized_keys
cat ~/github_ec2_ci_key.pub >> ~/.ssh/authorized_keys

# Set proper permissions
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

✅ Now your EC2 trusts this key for SSH login.

Step 3 — Test SSH locally

ssh -i ~/github_ec2_ci_key ubuntu@<EC2_PUBLIC_IP>

• You should log in without typing a passphrase.

• If it works, your key setup is correct.

Step 4 — Copy private key to GitHub Secrets

1. Run:

cat ~/github_ec2_ci_key

2. Copy everything starting from:

-----BEGIN RSA PRIVATE KEY-----

…to:

-----END RSA PRIVATE KEY-----

3. Go to GitHub → Settings → Secrets → Actions → New repository secret

4. Name it: EC2_KEY

5. Paste the private key there

No passphrase needed, so you don’t need a passphrase: field in GitHub Actions.

Step 5 — Create GitHub Actions workflow

Create .github/workflows/deploy.yml in your repository:

name: Deploy to EC2

on:
  push:
    branches:
      - main

jobs:
  deploy:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Deploy to EC2
        uses: appleboy/ssh-action@v0.1.9
        with:
          host: ${{ secrets.EC2_HOST }}        # Your EC2 public IP
          username: ${{ secrets.EC2_USER }}    # Typically 'ubuntu'
          key: ${{ secrets.EC2_KEY }}          # Private key secret
          port: 22
          script: |
            cd /var/www/artistic_backend
            git pull origin main
            npm install
            npm run build
            pm2 restart all

OR

name: Deploy to EC2

on:
  push:
    branches:
      - master

jobs:
  deploy:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Deploy to EC2
        uses: appleboy/ssh-action@v0.1.9
        with:
          host: ${{ secrets.EC2_HOST }}
          username: ${{ secrets.EC2_USER }}
          key: ${{ secrets.EC2_KEY }}
          port: 22
          script: |
            # Load Node.js environment (handles nvm or global install)
            if [ -f ~/.nvm/nvm.sh ]; then
              echo "Using nvm environment"
              source ~/.nvm/nvm.sh
              nvm use node
            else
              echo "Using system-wide Node.js"
              export PATH=$PATH:/usr/local/bin:/usr/bin
            fi

            cd /home/ubuntu/quick-test/backend
            echo "Pulling latest code..."
            git pull origin master

            echo "Installing dependencies..."
            npm install

            echo "Building TypeScript..."
            npx tsc -b

            echo "Restarting PM2 process..."
            pm2 restart all || pm2 start ecosystem.config.js --update-env

Step 6 — Secrets you need in GitHub

• EC2_HOST → your EC2 public IP

• EC2_USER → usually ubuntu

• EC2_KEY → the private key you copied

No passphrase is required because the key is unencrypted.

✅ Optional: Remove passphrase from an existing key

If you already generated a key with a passphrase, you can remove it:

ssh-keygen -p -f ~/existing_key
# Enter current passphrase
# For new passphrase: press ENTER
# Confirm: press ENTER

Step 7 — Verify workflow

1. Push to the main branch.

2. GitHub Actions will:

• Checkout the code

• SSH into your EC2

• Pull latest code, install dependencies, build, and restart PM2

No more ssh: handshake failed errors because:

• The key is trusted by EC2

• The private key is unencrypted

• GitHub Actions can use it in Docker without needing a passphrase

for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc; do sudo apt-get remove $pkg; done

# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc

# Add the repository to Apt sources:
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update

sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

Check docker installation status

sudo systemctl status docker

Set the conf

sudo rm -rf /data/valkey/valkey.conf
sudo nano /data/valkey/valkey.conf

Paste the conf make sure to edit the password

bind 0.0.0.0
port 6379
protected-mode yes

requirepass StrongP@ssw0rd!

save 60 1
appendonly yes
appendfilename "appendonly.aof"
appendfsync everysec

dir /data

logfile /data/valkey.log
loglevel notice

maxmemory 1gb
maxmemory-policy allkeys-lru

Check is it good or not

ls -l /data/valkey/valkey.conf

-rw-r--r-- 1 ubuntu ubuntu 350 Oct 18 16:10 /data/valkey/valkey.conf

Run the container

sudo docker run -d \
  --name valkey \
  -p 6379:6379 \
  -v /data/valkey:/data \
  -v /data/valkey/valkey.conf:/etc/valkey/valkey.conf:ro \
  --restart unless-stopped \
  valkey/valkey:latest \
  valkey-server /etc/valkey/valkey.conf

Check all good

sudo tail -f /data/valkey/valkey.log

Check
Ready to accept connections
this message should come up

conf this if you think that kernel should allocate as much they can

1️⃣ maxmemory = 1 GB

• This is a hard cap inside ValKey.

• Redis will never store more than 1 GB of data in memory, even if your machine has 4 GB free.

• Eviction (allkeys-lru) will kick in once that limit is reached.

• Effect: Redis memory usage is limited to 1 GB for keys/data.

2️⃣ vm.overcommit_memory=1

• This is a Linux-level setting, not a ValKey setting.

• Linux allows Redis to request memory without being blocked, even if the kernel thinks the system might run out of RAM.

• Important: This does not change the maxmemory limit inside Redis.

So in your case:

• ValKey will still only store 1 GB of data (because of maxmemory=1gb).

• Linux may allocate slightly more than 1 GB to Redis internally for overhead, buffers, bookkeeping, without killing the process.

• Redis cannot “go beyond 1 GB for data” just because overcommit=1 is set.

# Temporary (until next reboot)
sudo sysctl vm.overcommit_memory=1

# Permanent
echo "vm.overcommit_memory=1" | sudo tee -a /etc/sysctl.conf
sudo sysctl -p

Here is your password

make sure to allow 6379 on security group as in bound rule

redis://default:<pass>@<EC2_PRIVATE_OR_PUBLIC_IP>:6379

Test command in cli

docker exec -it valkey valkey-cli
> auth StrongP@ssw0rd!
OK
> set test "persistent"
OK
> get test
"persistent"

Node js Client sample code

// index.js
import { createClient } from 'redis';

async function main() {
  // Replace <EC2_IP> with your EC2 public/private IP
  const client = createClient({
    url: 'redis://default:StrongP@ssw0rd!@<EC2_IP>:6379'
  });

  client.on('error', (err) => console.error('Redis Client Error', err));

  try {
    await client.connect();
    console.log('✅ Connected to ValKey successfully!');

    // Set a key with expiry of 60 seconds
    await client.set('test-key', 'Hello ValKey!', { EX: 60 });
    console.log('✅ Key "test-key" set with 60 seconds expiry');

    // Get the key
    const value = await client.get('test-key');
    console.log('🔹 Retrieved value:', value);

  } catch (err) {
    console.error('Connection failed:', err);
  } finally {
    await client.quit();
    console.log('Connection closed');
  }
}

main();

npm install redis
node index.js

✅ Connected to ValKey successfully!
✅ Key "test-key" set with 60 seconds expiry
🔹 Retrieved value: Hello ValKey!
Connection closed

🔹 Bottom line

Your current setup is okay for small production workloads or a single-app environment:

• One EC2 instance

• Domain-based access

• Persistent storage via EBS

• Password protection

…but for enterprise-level production with high availability, failover, and monitoring, you’ll need to implement:

• Clustered ValKey / Redis replication

• TLS/SSL connections

• Monitoring and alerting

• Automated backups

For calculation:-

dig @dns.deploylite.tech MX calculate.2+2
#feel free to change 2+2 to something else 
dig @dns.deploylite.tech MX calculate.2+2 +short

For generating random number:-

dig @dns.deploylite.tech MX generate-random.rand
#using +short
dig @dns.deploylite.tech MX generate-random.rand +short

For getting any timezone:-

dig @dns.deploylite.tech MX timezone.ASIA/KOLKATA
#using +short
dig @dns.deploylite.tech MX timezone.ASIA/KOLKATA +short
dig @dns.deploylite.tech MX timezone.US/Pacific +short
dig @dns.deploylite.tech MX timezone.Singapore +short
#you can use any time zone for the query?
#for supported timezone visist:-https://timeapi.io/api/timezone/availabletimezones

For ai response . Ask anything to ai:-

dig @dns.deploylite.tech MX ai.what.is.dns +short
#Modify this query . And if you have space on your prompt add .
dig @dns.deploylite.tech MX ai.what.is.js +short

For Piyush Sir's Playlist recommendation: Ask your query about the resources you need for a tutorial, and you'll get a full-fledged playlist curated by Piyush Sir:-

dig @dns.deploylite.tech MX tutorial.nextjs +short
dig @dns.deploylite.tech MX tutorial.advanced.js +short
#feel free to ask what do you want.
dig @dns.deploylite.tech MX tutorial.appwrite +short
#gives and not found message if it's not there

For Piyush Sir's Course recommendation: Ask your query:-

dig @dns.deploylite.tech MX course.docker +short
dig @dns.deploylite.tech MX course.nextjs +short
#feel free to ask of your choice
dig @dns.deploylite.tech MX course.web.dev.cohort +short

Currently, these features are available, with more exciting features coming soon.

Here is a step by step guide how to deploy your own dns server .

How to Deploy ?

1. Start an ec2 instance and below run the commands to cotinue

allow 53 port in security group - > custom udp → 53 → allow access from anywhere

sudo apt update && upgrade -y

Install nodejs

curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.1/install.sh | bash
source ~/.bashrc
nvm install v21.7.0

Clone Your repo

git clone repo_url
cd repo_folder
npm i

Basic Configuration for opening port 53. I see that systemd-resolved is using port 53. Let's disable it and free up the port:

1. First, stop and disable systemd-resolved:

sudo systemctl stop systemd-resolved
sudo systemctl disable systemd-resolved

You might need to update your DNS resolver settings. Edit /etc/resolv.conf:

sudo nano /etc/resolv.conf

Replace its contents with:

nameserver 8.8.8.8  # Google DNS
nameserver 8.8.4.4  # Google DNS backup

To prevent systemd-resolved from starting again on reboot:

sudo systemctl mask systemd-resolved

If you get permission errors, make sure you've set the capabilities correctly:

sudo setcap cap_net_bind_service=+ep $(which node)

Start the dns server on background. Install Pm2.

npm i -g pm2

pm2 start "node index.js" --name dns

pm2 save

Congratulations Your Server is up and running.

We’ll also follow production best practices to ensure your app runs securely, efficiently, and delivers optimal performance.

Why Choose S3 and CloudFront for Hosting?

Amazon S3 is an affordable, durable, and secure solution for static website hosting. It’s perfect for hosting files like HTML, CSS, JavaScript, images, and other assets.
Amazon CloudFront is a Content Delivery Network (CDN) that caches your website’s content in multiple geographic locations, reducing loading times for users around the world and minimizing load on your S3 bucket.

With these services together, you can host your site with:

• Lower Latency: CloudFront’s edge locations around the globe speed up content delivery.

• Improved Performance: Caching and compression enhance performance.

• Better Security: Protect your S3 bucket by serving content only through CloudFront.

Step-by-Step Guide to Host a React Website on AWS S3 and CloudFront

Step 1: Build Your React App for Production

1. Initialize and Build the React App

   • If you haven’t created your React app yet, start with:

       npx create-react-app my-app
     

     Replace my-app with your project name.

   • Next, navigate to your app folder:

       cd my-app
     

   • Build your app for production:

       npm run build
     

     This generates a build folder with optimized files ready for deployment.

2. Verify Your Build

   • Check the build folder. It should contain your production-ready HTML, CSS, JavaScript, and other assets.

Step 1.1 : Build Your React App for Production

1. Clone your react app from github

   • If you donot have an react app please clone it through this url:

       git clone https://github.com/BasirKhan418/React-bolierplate-code.git
     

   • Next, navigate to your app folder:

       cd React-bolierplate-code
     

   • Install Dependencies & Build your app for production:

       npm i 
       npm run build
     

     This generates a build folder with optimized files ready for deployment.

2. Verify Your Build

   • Check the build or dist folder. It should contain your production-ready HTML, CSS, JavaScript, and other assets.

Step 2: Set Up an S3 Bucket for Static Website Hosting

1. Create an S3 Bucket for Your Website

   • Open the S3 Console.

   • Click Create Bucket.

   • Enter a unique bucket name and choose a region.

   • Important: Uncheck Block all public access if you want to make the website accessible to everyone.

   • 

2. Upload Files to S3

   • In the Objects tab, click Upload and select all files from your build /dist folder.

   • 

3. Configure Public Access

   • Go to the Permissions tab.

   • Under Bucket Policy, Click on edit bucket policy and paste the content below of it and make sure to add your s3 arn.

       {
           "Version": "2012-10-17",
           "Statement": [
               {
                   "Sid": "Statement1",
                   "Principal": "*",
                   "Effect": "Allow",
                   "Action": [
                       "s3:GetObject"
                   ],
                   "Resource": "your s3 arn/*"
               }
           ]
       }
     

4. Enable Static Website Hosting

   • Go to Properties > Static website hosting > Edit.

   • Enable Static Website Hosting.

   • For Index Document, enter index.html.

   • For Error Document, also enter index.html (useful for single-page apps to handle routes).

   • Save your settings.

   • 

   • 

5. Test Your S3 Website

   • After setting up, open the Bucket website endpoint to check if your React app is accessible.

   • 

Step 3: Set Up CloudFront for Global Caching and Lower Latency

1. Create a CloudFront Distribution

   • Go to the CloudFront Console.

   • Click Create Distribution > Web.

2. Configure the Origin

   • Under Origin Domain Name, select your S3 bucket.

   • Set Viewer Protocol Policy to Redirect HTTP to HTTPS for security.

   • Configure Allowed HTTP Methods to GET, HEAD only if you don’t need POST requests.

   • For Origin Shield, enable Use Origin Shield to add an extra caching layer.

3. Set Cache Behavior Settings

   • In Cache Behavior Settings, enable Compress Objects Automatically to reduce file sizes.

   • Choose Cache Based on Selected Request Headers as None for a basic cache, or Whitelist certain headers if you have dynamic content.

4. Configure Custom Error Pages for Single-Page App (SPA) Routing

   • In the Error Pages section, configure a 404 error to redirect to your index.html and set the response code to 200. This ensures that client-side routes are handled correctly by serving the main app shell.

5. Restrict S3 Bucket Access to CloudFront Only

   • To secure your app, configure Origin Access Control (OAC) on CloudFront so only CloudFront can access S3.

   • In the Permissions tab of your S3 bucket, update the bucket policy to allow CloudFront access only.

6. Create the Distribution

   • Once configured, click Create Distribution. It may take a few minutes to deploy.

Step 4: Set Up a Custom Domain with CloudFront (Optional)

To add a custom domain:

1. Add Alternate Domain Names

   • In Alternate Domain Names (CNAMEs), add your custom domain (e.g., www.yourdomain.com).

2. Configure SSL with ACM

   • Go to AWS Certificate Manager (ACM), request a certificate for your domain, and validate ownership.

   • Associate this certificate with your CloudFront distribution.

3. Update DNS Records

   • Use Route 53 or your DNS provider to create a CNAME record pointing to your CloudFront distribution URL.

Production Best Practices for Hosting on S3 and CloudFront

Here are some best practices to optimize performance, security, and scalability:

1. Enable Compression in CloudFront

   • Enable Compress Objects Automatically in your CloudFront distribution to reduce file sizes and improve load times.

2. Use Cache-Control Headers

   • Set Cache-Control headers for static assets in S3 to control how long content is cached. For example, you can use max-age=31536000 to cache files for a year. Remember to update the file name for any new versions to bypass the cache when needed.

3. Enable Logging

   • Enable CloudFront Standard Logging to monitor performance and access patterns.

   • Enable S3 Access Logs to review bucket access, which is helpful for troubleshooting and analytics.

4. Invalidate Cache on Updates

   • When updating your website, invalidate the CloudFront cache to ensure that users get the latest version. You can do this by creating an Invalidation request in the CloudFront console for files you’ve updated (e.g., /*).

5. Consider Origin Shield for Heavily Accessed Content

   • If you anticipate heavy traffic, enable Origin Shield in CloudFront for extra caching between CloudFront and your S3 bucket, which helps reduce origin fetches and can improve cache hit ratio.

Conclusion

Hosting your React website on AWS with S3 and CloudFront is an affordable and scalable solution that boosts your app’s performance globally. Following the above steps and best practices, you’ll achieve a secure, low-latency, and highly available website setup that’s optimized for users worldwide.

By using CloudFront’s caching, compression, and Origin Shield options, along with carefully managed Cache-Control headers, you’ll ensure that your app is fast and responsive.

1. What is the Serverless Framework?

The Serverless Framework is an open-source framework that helps developers manage serverless deployments on various cloud platforms, including AWS, Azure, and Google Cloud. It simplifies deploying serverless applications by allowing you to define resources and functions in a configuration file, eliminating the need for complex infrastructure setup.

2. Prerequisites

To follow along with this guide, ensure you have the following:

• Node.js and npm: Install the latest version of Node.js from nodejs.org.

• AWS Account: Set up an AWS account with access to Lambda and DynamoDB services. Sign up here.

• Serverless Framework: Install it globally by running the command below if you haven’t already:

    npm install -g serverless
  

3. Setting Up a New Serverless Project

The first step is to create a Serverless project that will serve as the base for deploying your AWS resources and functions.

Steps:

1. Create the Project
   Open your terminal and run the following command:

   💡

   Make sure to create your account on serverless website and validate your credentials through terminal.

    serverless
   

   This will show you several Templates. Choose 3rd option Aws / Node.js / Express Api with Dynamodb

2. 

   Then, select your project name in that folder. The Serverless Framework will generate your complete boilerplate code

   

   3. Then select create a new app to continue.

4. Next, provide an app name. A Lambda function will be created with this name

5. Install Dependencies
   All ready some dependencies are installed through boiler plate code and we have to add some more dependencies for this project

    cd "your project name"

    npm i

    npm i crypto-js
    npm i jsonwebtoken
    npm i cors

The aws-sdk library is essential for integrating our app with AWS services.That is already installed if you selected aws + node.js+dynamodb template.

4. Configuring serverless.yml for Lambda and DynamoDB

The serverless.yml file defines your resources and functions. Here’s how to configure it to create a Lambda function and DynamoDB table.

Edit the serverless.yml file as follows:

# "org" ensures this Service is used with the correct Serverless Framework Access Key.
org: basir #change this according to your orgname
# "app" enables Serverless Framework Dashboard features and sharing them with other Services.
app: basirapp #change this to your app name
# "service" is the name of this project. This will also be added to your AWS resource names.
service: basirapp #change this according to your service name

stages:
  default:
    params:
      tableName: "basirtable" #change or create this on your aws account

provider:
  name: aws
  runtime: nodejs20.x
  region: ap-south-1
  iam:
    role:
      statements:
        - Effect: Allow
          Action:
            - dynamodb:Query
            - dynamodb:Scan
            - dynamodb:GetItem
            - dynamodb:PutItem
            - dynamodb:UpdateItem
            - dynamodb:DeleteItem
          Resource:
            - Fn::GetAtt: [UsersTable, Arn]
  environment:
    USERS_TABLE: ${param:tableName}
  httpApi:
    cors:
      allowedOrigins:
        - '*'  # Allows all origins; use specific origins for production
      allowedHeaders:
        - Content-Type
        - Authorization
        - X-Amz-Date
        - X-Api-Key
        - X-Amz-Security-Token
        - X-Requested-With
      allowedMethods:
        - GET
        - POST
        - PUT
        - DELETE
        - OPTIONS
      maxAge: 86400

functions:
  api:
    handler: handler.handler
    events:
      - httpApi:
          path: "/{proxy+}"  # Correct syntax for a catch-all route
          method: ANY

resources:
  Resources:
    UsersTable:
      Type: AWS::DynamoDB::Table
      Properties:
        AttributeDefinitions:
          - AttributeName: email
            AttributeType: S
        KeySchema:
          - AttributeName: email
            KeyType: HASH
        BillingMode: PAY_PER_REQUEST
        TableName: ${param:tableName}

Explanation:

• 1. org, app, and service:

     • The org specifies the Serverless Framework organization (basir), ensuring that the service is linked with the correct Serverless Framework Access Key.

     • The app name (basirapp) enables features on the Serverless Framework Dashboard, facilitating easier management and sharing with other services.

     • The service (basirapp) is the name of this project, which will also be included in the names of the AWS resources created by this service.

     2. stages:

        • Defines a default stage with a parameter tableName, set to "basirtable". This parameter is referenced throughout the configuration to specify the DynamoDB table name.

     3. provider:

        • Specifies AWS as the cloud provider and sets the runtime to nodejs20.x.

        • The region is defined as ap-south-1.

        • Configures an IAM role with permissions to perform various DynamoDB actions (Query, Scan, GetItem, PutItem, UpdateItem, and DeleteItem) on the specified DynamoDB table.

        • The environment section defines an environment variable USERS_TABLE, which utilizes the tableName parameter value (basirtable) for use within Lambda functions.

     4. httpApi:

        • Configures CORS (Cross-Origin Resource Sharing) settings to allow requests from any origin (allowedOrigins: '*'). For production environments, it is advisable to specify allowed origins explicitly.

        • Specifies the headers and HTTP methods that are permitted in requests, along with a cache duration of maxAge: 86400 seconds (24 hours).

     5. functions:

        • Defines a Lambda function named api, with the handler implemented in handler.handler.

        • Sets up an httpApi event with a catch-all route (/{proxy+}) that allows all HTTP methods (method: ANY) to facilitate flexible request handling.

     6. resources:

        • Creates an AWS DynamoDB table named UsersTable.

        • The table's primary key is defined by the email attribute, which is of type String (S).

        • Configured with BillingMode: PAY_PER_REQUEST, allowing the table to automatically scale and bill based on the number of requests.

        • The table name is dynamically set using the tableName parameter (basirtable).

5. Writing the Lambda Handler Code

Next, create the Lambda function to save data to DynamoDB.

Steps:

1. Update handler.js code into your project
   In the root of the project. update handler.js.

2. Add the Following Code:

    const { DynamoDBClient } = require("@aws-sdk/client-dynamodb");
   
    const {
      DynamoDBDocumentClient,
      GetCommand,
      PutCommand,
    } = require("@aws-sdk/lib-dynamodb");
    const crypto  = require("crypto-js");
    const jwt = require("jsonwebtoken");
    const express = require("express");
    const serverless = require("serverless-http");
    const cors = require('cors');
    const app = express();
   
    const USERS_TABLE = process.env.USERS_TABLE;
    const AES_SECRET = "56snbwuy#kdhuyethj39738626rhhgfd";
    const jwtSecret = "jskhshs54w57qjhyt2652geftsrhvhagskn@medgus";
    const client = new DynamoDBClient();
    const docClient = DynamoDBDocumentClient.from(client);
   
    app.use(express.json());
    const corsOptions = {
      origin: '*', // or '*' for all origins during development
      methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
      allowedHeaders: ['Content-Type', 'Authorization', 'X-Amz-Date', 'X-Api-Key', 'X-Amz-Security-Token', 'X-Requested-With'],
      credentials: true,
      optionsSuccessStatus: 200 // Some legacy browsers choke on status 204
    };
   
    // Use CORS with the specified options
    app.use(cors(corsOptions));
    app.get("/",(req,res)=>{
      res.send("Hello World")
    })
    //all routes starts from here
    app.post("/register", async (req, res) => {
      const {name,email,password,clg,phone} = req.body
      const hashpass = crypto.AES.encrypt(password,AES_SECRET).toString();
      //checking the user is exist or not;
      const getParams = {
        TableName: USERS_TABLE,
        Key: {
          email: email,
        },
      };
      try{
        const data = await docClient.send(new GetCommand(getParams));
      if(data.Item){
        return res.status(400).json({error:"User already exists",success:false})
      }
    }
      catch(err){
        console.log(err)
        res.status(500).json({error:"Could not create user",success:false})
      }
      //create user
      const params = {
        TableName: USERS_TABLE,
        Item: {
          name: name,
          email: email,
          password: hashpass,
          clg: clg,
          phone: phone,
        },
      };
    try{
    let a = await docClient.send(new PutCommand(params));
    res.status(200).json({message:"User created successfully",success:true})
    }
    catch(err){
      console.log(err)
      res.status(500).json({error:"Could not create user",success:false})
    }
    })
    //login endpoint
    app.post("/login", async (req, res) => {
      try{
        const {email,password} = req.body;
        const params = {
          TableName: USERS_TABLE,
          Key: {
            email: email,
          },
        };
        try{
         let data = await docClient.send(new GetCommand(params));
          if(!data.Item){
            return res.status(404).json({error:"User not found",success:false})
          }
          else{
            const decryptpass = crypto.AES.decrypt(data.Item.password,AES_SECRET).toString(crypto.enc.Utf8);
            if(decryptpass == password){
              const token = jwt.sign({email:email},jwtSecret);
              return res.status(200).json({message:"Login Successfull",success:true,token:token})
            }
            else{
              return res.status(401).json({error:"Invalid Password",success:false})
            }
          }
        }
        catch(err){
          console.log(err)
          res.status(500).json({error:"Login Failed ! Db Error.",success:false})
        }
      }
      catch(err){
        console.log(err)
        res.status(500).json({error:"Some thing Went Wrong .Try again later!",success:false})
      }
    })
   
    app.use((req, res, next) => {
      return res.status(404).json({
        error: "Not Found",
      });
    });
    exports.handler = serverless(app);
   

Explanation:

• This Lambda function, implemented with Node.js and Express, interacts with Amazon DynamoDB to manage user registrations and logins. Key features include:

  1. Dependencies: Utilizes @aws-sdk/client-dynamodb for database operations, crypto-js for password encryption, jsonwebtoken for creating JWT tokens, and express for routing.

  2. Environment Variables: Configures USERS_TABLE for DynamoDB, along with secret keys for AES encryption and JWT signing.

  3. Endpoints:

     • GET /: Returns "Hello World" to indicate the server is running.

     • POST /register: Handles user registration by checking for existing users, encrypting passwords, and saving user data to DynamoDB.

     • POST /login: Authenticates users by verifying credentials and returning a JWT token upon successful login.

  4. Error Handling: Includes robust error handling to provide informative responses for various scenarios, such as user existence and authentication failures.

  5. 404 Handling: Returns a 404 status for any undefined routes.

  6. AWS Lambda Integration: The exports.handler allows the Express app to run in the AWS Lambda environment.

In summary, this function provides a secure user management system with encrypted passwords and JWT-based authentication, leveraging DynamoDB for data storage.

6. Deploying the Application

With everything configured, let’s deploy your application to AWS Lambda!

Steps:

1. Configure AWS Credentials
   Set up your AWS credentials on your local machine:

    serverless config credentials --provider aws --key YOUR_AWS_ACCESS_KEY --secret YOUR_AWS_SECRET_KEY
   

2. Deploy the Application
   Run the following command to deploy your application:

    serverless deploy
   

   This command packages your application, uploads it to AWS, and creates the resources specified in serverless.yml.

   

   A DynamoDB table named "basirtable" is created through the serverless.yml configuration file, which defines the primary key as the email attribute. The table operates in PAY_PER_REQUEST billing mode, ensuring efficient scaling and cost management based on actual usage.

   

   Also check lamda our function is deployed successfully.

   

7. Testing the Deployment

After deployment, test the endpoint to confirm that it works as expected.

1. Get the Endpoint URL
   The deployment process will output an endpoint URL in the terminal.

2. Send a Request to the URL
   Use a tool like curl or Postman to send a GET request to the endpoint:

    GET https://x60hefyye3.execute-api.ap-south-1.amazonaws.com
   

   

   Sends a post request to create an account to “/register” end point through postman.

   

   Feel free to check another end point as well in my case all end point is working fine.

8. Verifying DynamoDB Data

Now, let’s confirm that the data was saved in DynamoDB.

1. Go to the DynamoDB Console
   In your AWS Management Console, open DynamoDB.

2. Check the Table
   Find your table (MyTable), and open it to view items. You should see the item created by your Lambda function.

3. 

9. Wrapping Up

Congratulations! 🎉 You’ve successfully deployed a Node.js app to AWS Lambda using the Serverless Framework and integrated it with DynamoDB. This setup demonstrates the power of serverless architecture, reducing costs and simplifying scaling while allowing you to quickly deploy applications.

By following this guide, you now have a foundational setup you can build upon, expanding your application’s features or integrating more AWS services. Enjoy building with serverless, and keep experimenting to leverage AWS Lambda and DynamoDB for even more advanced use cases!

10. Bonous Section

In this section, we will connect the Lambda function to our frontend via a REST API, allowing seamless interaction between the backend and frontend components. This integration will enable us to handle requests efficiently, enhancing the application's responsiveness and user experience. Let's proceed with setting up the API endpoint to establish this connection.

1. Clone the github repo .

git clone https://github.com/BasirKhan418/basirapp-serverless-frontend.git

cd basirapp-serverless-frontend

npm i

2. Create a .env file and add the following content. Feel free to update the value of VITE_BACKEND_URL with the URL of your own Lambda function deployment or API gateway:

    VITE_BACKEND_URL=<your_lambda_function_url>
   

   

3. Build your project / frontend.

npm run build

4. After a successful build, a dist folder will be generated. This folder contains the production-ready files, which we need to upload to S3 to host the frontend application.

5. Create an S3 bucket with your desired name. Uncheck the option to block all public access, leave all other settings as default, and click Create bucket to proceed.

   

6. Click on recently created bucket go to permissions and click on edit bucket policy and paste the content below of it and make sure to add your s3 arn.

    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "Statement1",
                "Principal": "*",
                "Effect": "Allow",
                "Action": [
                    "s3:GetObject"
                ],
                "Resource": "your arn/*"
            }
        ]
    }
   

7. Upload you dist folder contents to s3

   

8. Navigate to the Properties tab, scroll down to the Static website hosting section at the bottom of the page, and click Edit. Enable static website hosting, enter index.html in the Index document field, and click Save changes to apply.

   

9. 🎉 Hooray! Your frontend has been deployed successfully.

   

10. Open the generated link in a new tab, try registering, and check if the data is being saved in DynamoDB.

    

Conclusion:

By following this guide, titled "Deploy a Node.js App on AWS Lambda with DynamoDB Using Serverless Framework: Step-by-Step Guide," you've successfully deployed a full-stack, serverless registration and login system using AWS. Your Node.js backend now operates on AWS Lambda, with DynamoDB handling data storage, ensuring both security and scalability. Additionally, hosting the frontend on S3 offers a cost-effective, high-performance solution for web access.

This setup not only provides a robust foundation for authentication workflows but also streamlines application management by leveraging AWS services. With this approach, you're well-equipped to scale effortlessly, adding new features or integrating additional AWS services as needed.

In summary, this beginner-friendly, step-by-step guide has equipped you with the knowledge to deploy a fully functional serverless application in the cloud, perfect for developers looking to learn AWS Lambda and DynamoDB integration!

Prerequisites

Before we dive in, make sure you have the following:

• A basic React app ready to deploy.

• An AWS account.

• Basic knowledge of SSH, Linux commands, and AWS services.

Step 1: Create an EC2 Instance

1. Log into your AWS Console
   Go to the AWS Management Console and log in to your account.

2. Navigate to EC2
   From the AWS Console, search for EC2 and click on Launch Instance.

3. Configure the Instance

   • Choose an Amazon Machine Image (AMI): Select the latest version of Ubuntu (20.04 or higher).

   • Choose Instance Type: For most basic projects, a t2.micro instance (eligible for free tier) works fine.

   • Configure Instance Details: Keep the default settings.

   • Add Storage: Stick with the default size unless your app requires more space.

   • Add Tags: This is optional, but you can tag your instance for easy identification.

   • Configure Security Group: Allow the following:

     • HTTP (port 80) for web access

     • SSH (port 22) for remote login

     • HTTPS (port 443) if you plan to use SSL.

4. Launch the Instance
   Choose or create a new key pair to SSH into your instance, then launch the instance. Your EC2 instance will take a few moments to spin up.

   

   

   

Step 2: Connect to Your EC2 Instance

1. Download your private key (.pem file)
   Ensure you have the .pem file of the key pair you created earlier.

2. Connect via SSH
   Open your terminal (or Git Bash on Windows) and run the following command to SSH into your EC2 instance:

3.   chmod 443 "path_to_your_pem_file.pem"
   

    ssh -i "path_to_your_pem_file.pem" ubuntu@your_ec2_public_ip
   

   Replace path_to_your_pem_file.pem with the location of your .pem file and your_ec2_public_ip with your EC2 instance’s public IP address (available in the EC2 dashboard).

4. 

   Option 2: Connecting Through AWS Console

   If you're unfamiliar with SSH or facing issues, you can also connect directly through the AWS Console:

   1. In your EC2 dashboard, select your instance.

   2. Click on the Connect button at the top.

   3. Choose EC2 Instance Connect, and you can connect directly from the browser without needing a private key.

Step 3: Update and Install Dependencies

Once you’re inside your EC2 instance, it’s time to install the required software.

1. Update the system packages:

    sudo apt update && sudo apt upgrade -y
   

2. Installing Node Using the Node Version Manager: React apps run on Node.js, so we need to install it.

    curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.3/install.sh
   

    curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.3/install.sh | bash
   

    source ~/.bashrc
   

    nvm install v20.9.0
   

   You can check the versions installed with:

    node -v
    npm -v
   

3. Install Nginx:
   Nginx will be used as a reverse proxy to serve your React app.

    sudo apt install nginx -y
   

4. Start Nginx and enable it:

    sudo systemctl start nginx
    sudo systemctl enable nginx
   

   You can check if Nginx is working by navigating to your EC2 instance’s public IP in a browser. You should see the default Nginx welcome page.

5. 

Step 4: Configure Firewall Rules

1. Open necessary ports:
   Make sure your security group allows incoming traffic on HTTP (port 80). You can modify this from the AWS EC2 console under Security Groups.

2. 💡

   We have done this step while creating ec2 instance in this blog.

Step 5: Deploy Your React App

Now it's time to get your React app onto the server.

1. Clone your React app from GitHub:

   First, install Git:

    sudo apt install git -y
   

   Then, clone your app:

    git clone https://github.com/your-username/your-react-app.git
   

2. Navigate to your app directory:

    cd your-react-app
   

   

3. Install the dependencies:

    npm install
   

4. Build your React app:

    npm run build
   

   This command creates a production-ready version of your React app in the build/dist folder.

5. 

Step 6: Configure Nginx to Serve the React App

1. Remove the default Nginx configuration:

    sudo rm /etc/nginx/nginx.conf
   

2. Create a new Nginx configuration file for your React app:

    sudo vi /etc/nginx/nginx.conf
   

3. Add the following configuration:

    events {
        # Event directives...
    }
   
    http {
        server {
        listen 80;
        server_name "your public ip";
   
        location / {
            proxy_pass http://localhost:{PORT LIKE 8080};
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_set_header Host $host;
            proxy_cache_bypass $http_upgrade;
        }
        }
    }
   

4. Reload Nginx

    sudo nginx -s reload
   

   

Step 7: Start your react app

Before starting the app we have to install some dependecies.

1. PM2 (Process Manager 2):

PM2 is a production-ready process manager for Node.js applications. It allows you to run, manage, and monitor Node.js processes in the background. Key features include:

• Process management: Easily start, stop, restart, and manage multiple Node.js applications.

• Monitoring: Provides real-time logs, metrics, and performance monitoring.

• Load balancing: Automatically balances load across multiple CPU cores for better performance.

• Startup scripts: Automatically restarts apps on crashes or server reboots.

Installation:

npm install -g pm2

2. Serve:

Serve is a simple and lightweight HTTP server designed to serve static files, such as the dist folder generated by build tools like React. It's ideal for quickly serving a single-page application (SPA) or static content.

Key features include:

• Easy static file hosting: Serve static files from any folder with a single command.

• Single-page application (SPA) support: Perfect for apps like React, with fallback routing.

• Lightweight and fast: Minimal setup for quick static file hosting.

Installation:

npm install -g serve

These two libraries together allow you to serve static content (like a React app) and manage its processes efficiently in a production environment.

3 .Finally starting the react app

cd "your react app folder"

pm2 start "serve -s dist -l 8080" --name react-app

Step 8: Access Your React App

Now, when you navigate to your EC2 instance’s public IP in a browser, you should see your React app running!

Bonus: Add a custom domain to your app.

1. Login to your domain name provider and add a “A” Record with your corresponding to the public ip.

2. 

   💡

   In my case, I am using Cloudflare for managing DNS, so I don't need to add an SSL certificate. However, if you're not using Cloudflare, please secure your app by adding an SSL certificate through Let's Encrypt or AWS Certificate Manager.

3. Update your Nginx configuration (Optional)

    events {
        # Event directives...
    }
   
    http {
        server {
        listen 80;
        server_name "your domain name";
   
        location / {
            proxy_pass http://localhost:{PORT LIKE 8080};
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_set_header Host $host;
            proxy_cache_bypass $http_upgrade;
        }
        }
    }
   

   

Conclusion

That’s it! 🎉 You’ve successfully hosted your React app on an EC2 instance. By following these steps, you’ve learned how to:

• Set up an EC2 instance.

• Install necessary dependencies (Node.js, npm, Nginx).

• Deploy a React app using Nginx as a reverse proxy.

• Optionally, add a custom domain to your app.

And the best part? It’s completely free for everyone! 🎉

This blog will show you how to use our tool, explain the two available options (using a repo URL or GitHub OAuth), and walk you through how to download or commit your Dockerfile.

Features at a Glance

• Automatic Dockerfile generation with best practices:

  • Uses lightweight base images (like Alpine) for smaller builds.

  • Minimizes image layers for optimized image size.

  • Groups commands efficiently for better caching.

• Two options for generating Dockerfiles:

  • Paste a repository URL (no login required).

  • Log in via GitHub OAuth to access and commit Dockerfiles directly to your repositories.

• Simple, user-friendly interface.

• Free for all users.

How to Use the Dockerfile Generator

You can either use our tool without logging in by pasting a repository URL or log in with GitHub OAuth to commit Dockerfiles directly to your repository.

Let’s break it down:

Option 1: Generate Dockerfile by Pasting a Repo URL (No Login Required)

If you prefer not to log in, you can generate a Dockerfile by pasting the URL of your public GitHub repository.

Step 1: Paste Your Repo URL

Simply copy the URL of your GitHub repository and paste it into the designated field on our website.

Step 2: Dockergen Processing & Scanning

Dockergen detected technology through your repo url and Scanning whole project.

• Detecting Technology.

• Scanning whole repo.

• Generate a docker file.

Step 3: Generate Dockerfile

Click "Generate Dockerfile" and our tool will generate an optimized Dockerfile, ensuring best practices are followed for smaller and faster builds.

Step 4: Download Dockerfile

Once the Dockerfile is generated, you can download it directly to your local machine. Committing to GitHub is not supported if you haven’t logged in.

Option 2: Log in with GitHub OAuth and Commit Dockerfile

For a more integrated experience, you can log in via GitHub OAuth and commit your Dockerfile directly to your repository.

Step 1: Log in with GitHub

Click the "Log in with GitHub" button on our homepage to authenticate securely using GitHub OAuth.

Click on authorize button to signin.

Step 2: Select a Repository

Once logged in, you’ll see a list of all your GitHub repositories. Select the repository you want to generate a Dockerfile for.

Step 3: Generate Dockerfile

Hit "Generate Dockerfile" to get an optimized Dockerfile for the selected repository.

Step 4: Commit Dockerfile to GitHub

Once the Dockerfile is generated, you have two options:

• Download it to your local machine.

• Commit it directly to your GitHub repository by selecting the branch, entering a commit message, and clicking "Commit to GitHub".

Why Use Our Dockerfile Generator?

1. Time-Saving

Manually writing Dockerfiles takes time, especially if you want to follow best practices. Our tool handles this for you, generating optimized Dockerfiles in seconds.

2. Optimized for Performance

We use lightweight base images like Alpine, minimize image layers, and optimize caching layers to ensure faster builds and smaller image sizes.

3. Two Flexible Options

Whether you want to paste a repo URL and generate a Dockerfile without logging in, or log in via GitHub for more advanced features, we’ve got you covered.

4. Free for Everyone

The tool is free—no hidden fees or premium plans. It’s perfect for developers at any level.

How This Tool Boosts Your Workflow

Our Dockerfile Generator is designed to integrate seamlessly with your development workflow:

• If you’re in a rush, simply paste your repo URL and get a Dockerfile instantly.

• For long-term projects, log in, generate, and commit Dockerfiles directly to your repositories for better version control.

The process is smooth and optimized to save you time while following Docker best practices.

Conclusion

Generating Dockerfiles is now easier than ever with our Dockerfile Generation Website. Whether you choose to paste a repository URL or log in via GitHub OAuth, you can quickly generate, download, or commit Dockerfiles in just a few steps.

Our tool is designed to follow Docker’s best practices, making your Dockerfiles smaller, faster, and easier to manage. Best of all, it’s free for everyone!

FAQs

Q1: Is this service really free? Yes, our Dockerfile generation tool is completely free for all users.

Q2: Can I use this tool without logging in? Yes, you can generate Dockerfiles without logging in by pasting the URL of a public GitHub repository.

Q3: How does GitHub OAuth work? GitHub OAuth allows you to securely log in to your GitHub account, access your repositories, and commit Dockerfiles directly from the tool.

Q4: Is there support for private repositories? Yes, but you need to log in via GitHub OAuth to access and commit Dockerfiles to private repositories.

Why wait for deployment? With Cloudflare Tunnels, you can host your app right from your laptop!

• No More "Did you push it to Git?" – Your app is live on your laptop! 🖥️✨

• Impress Your Friends – “Oh, just hosting my app on my laptop!” 😎

Go ahead, showcase your project while sipping your coffee! ☕🎉

Read it why ?

What Are Cloudflare Tunnels? 🕳️

Cloudflare Tunnels (formerly known as Argo Tunnels) create a secure, outbound-only connection between your server and Cloudflare's global network. This means you can protect your applications without exposing your server's IP address, which significantly enhances your security posture.

Key Benefits of Using Cloudflare Tunnels:

• Enhanced Security: Protects your server from direct exposure to the internet.

• Easy Setup: Set up with just a few commands—no complex configurations required.

• Global Load Balancing: Routes traffic efficiently across multiple servers.

Automatic HTTPS: Ensures secure connections without manual SSL certificate management.

Story Time: Meet Alex 👨‍💻

Let's illustrate the power of Cloudflare Tunnels with a story. Meet Alex, a web developer who recently launched a personal blog. One evening, while working on a new feature, he decided to test it locally. However, he faced a common dilemma: how to showcase his work without compromising security.

Enter Cloudflare Tunnels. With just a few commands, Alex was able to expose his local development server securely. His friends and colleagues could now access his blog at a unique URL without the risk of exposing his local environment to potential attacks.

How it works ?

Cloudflare Tunnel provides you with a secure way to connect your resources to Cloudflare without a publicly routable IP address. With Tunnel, you do not send traffic to an external IP — instead, a lightweight daemon in your infrastructure (cloudflared) creates outbound-only connections to Cloudflare’s global network. Cloudflare Tunnel can connect HTTP web servers, SSH servers, remote desktops, and other protocols safely to Cloudflare. This way, your origins can serve traffic through Cloudflare without being vulnerable to attacks that bypass Cloudflare.

Cloudflared establishes outbound connections (tunnels) between your resources and Cloudflare’s global network. Tunnels are persistent objects that route traffic to DNS records. Within the same tunnel, you can run as many ‘cloudflared’ processes (connectors) as needed. These processes will establish connections to Cloudflare and send traffic to the nearest Cloudflare data center.

Refer to our reference architecture for details on how to implement Cloudflare Tunnel into your existing infrastructure

Installing Cloudflare Tunnel

Cloudflare Tunnel requires the installation of a lightweight server-side daemon, cloudflared, to connect your infrastructure to Cloudflare. If you are creating a tunnel through the dashboard, you can simply copy-paste the installation command shown in the dashboard.

To download and install cloudflared manually, use one of the following links.

GitHub repository

cloudflared is an open source project ↗ maintained by Cloudflare.

• All releases ↗

• Release notes ↗

Latest release

Linux

You can download and install cloudflared via the Cloudflare Package Repository ↗.

Alternatively, download the latest release directly:

macOS

Download and install cloudflared via Homebrew:

Terminal window

brew install cloudflared

Alternatively, download the latest Darwin arm64 release ↗ or latest Darwin amd64 release ↗ directly.

Windows

Download and install cloudflared via winget ↗:

Terminal window

winget install --id Cloudflare.cloudflared

Alternatively, download the latest release directly:

Docker

A Docker image of cloudflared is available on DockerHub ↗.

Deprecated releases

Cloudflare supports versions of cloudflared that are within one year of the most recent release. Breaking changes unrelated to feature availability may be introduced that will impact versions released more than one year ago. For example, as of January 2023 Cloudflare will support cloudflared version 2023.1.1 to cloudflared 2022.1.1.

To update cloudflared, refer to these instructions.

Check it cloudflare is correctly installed or not ?

Cloudflare Tunnel can be installed on Windows, Linux, and macOS. as above we will discuss.

Confirm that cloudflared is installed correctly by running cloudflared --version in your command line:

Terminal window

cloudflared --version

Result shoud be 👇

cloudflared version 2021.5.9 (built 2021-05-21-1541 UTC)

Run a local service

The easiest way to get up and running with Cloudflare Tunnel is to have an application running locally, such as a React or Svelte site. When you are developing an application with these frameworks, they will often make use of a npm run develop script, or something similar, which mounts the application and runs it on a localhost port. For example, the popular create-react-app tool runs your in-development React application on port 3000, making it accessible at the http://localhost:3000 address.

Start a Cloudflare Tunnel

With a local development server running, a new Cloudflare Tunnel can be instantiated by running cloudflared tunnel in a new command line window, passing in the --url flag with your localhost URL and port. cloudflared will output logs to your command line, including a banner with a tunnel URL:

Terminal window

cloudflared tunnel --url http://localhost:3000

2021-07-15T20:11:29Z INF Cannot determine default configuration path. No file [config.yml config.yaml] in [~/.cloudflared ~/.cloudflare-warp ~/cloudflare-warp /etc/cloudflared /usr/local/etc/cloudflared]2021-07-15T20:11:29Z INF Version 2021.5.92021-07-15T20:11:29Z INF GOOS: linux, GOVersion: devel +11087322f8 Fri Nov 13 03:04:52 2020 +0100, GoArch: amd642021-07-15T20:11:29Z INF Settings: map[url:http://localhost:3000]2021-07-15T20:11:29Z INF cloudflared will not automatically update when run from the shell. To enable auto-updates, run cloudflared as a service: https://developers.cloudflare.com/argo-tunnel/reference/service/2021-07-15T20:11:29Z INF Initial protocol h2mux2021-07-15T20:11:29Z INF Starting metrics server on 127.0.0.1:42527/metrics2021-07-15T20:11:29Z WRN Your version 2021.5.9 is outdated. We recommend upgrading it to 2021.7.02021-07-15T20:11:29Z INF Connection established connIndex=0 location=ATL2021-07-15T20:11:32Z INF Each HA connection's tunnel IDs: map[0:cx0nsiqs81fhrfb82pcq075kgs6cybr86v9vdv8vbcgu91y2nthg]2021-07-15T20:11:32Z INF +-------------------------------------------------------------+2021-07-15T20:11:32Z INF |  Your free tunnel has started! Visit it:                    |2021-07-15T20:11:32Z INF |    https://seasonal-deck-organisms-sf.trycloudflare.com     |2021-07-15T20:11:32Z INF +-------------------------------------------------------------+

In this example, the randomly-generated URL https://seasonal-deck-organisms-sf.trycloudflare.com has been created and assigned to your tunnel instance. Visiting this URL in a browser will show the application running, with requests being securely forwarded through Cloudflare’s global network, through the tunnel running on your machine, to localhost:3000:

Create a remotely-managed tunnel (dashboard)

Follow this step-by-step guide to get your first tunnel up and running using Zero Trust.

Prerequisites

Before you start, make sure you:

• Add a website to Cloudflare.

• Change your domain nameservers to Cloudflare.

1. Create a tunnel

1. Log in to Zero Trust ↗ and go to Networks > Tunnels.

2. Select Create a tunnel.

3. Choose Cloudflared for the connector type and select Next.

4. Enter a name for your tunnel. We suggest choosing a name that reflects the type of resources you want to connect through this tunnel (for example, enterprise-VPC-01).

5. Select Save tunnel.

6. Next, you will need to install cloudflared and run it. To do so, check that the environment under Choose an environment reflects the operating system on your machine, then copy the command in the box below and paste it into a terminal window. Run the command.

7. Once the command has finished running, your connector will appear in Zero Trust.

   

8. Select Next.

The next steps depend on whether you want to connect an application or connect a network.

2. Connect an application

Follow these steps to connect an application through your tunnel. If you are looking to connect a network, skip to the Connect a network section.

1. In the Public Hostnames tab, choose a Domain and specify any subdomain or path information.

2. Specify a service, for example https://localhost:8000.

3. Under Additional application settings, specify any parameters you would like to add to your tunnel configuration.

4. Select Save tunnel.

3. Connect a network

Follow these steps to connect a private network through your tunnel.

1. In the Private Networks tab, add an IP or CIDR.

2. Select Save tunnel.

4. View your tunnel

After saving the tunnel, you will be redirected to the Tunnels page. Look for your new tunnel to be listed along with its active connector.