Node.js Express API + Pilvio autentimine
Selles juhendis loome Node.js Express API serveri Pilvio virtuaalmasinale, seadistame tulemüüri ja kasutame Pilvio API tokenit serveri haldamiseks.
Mida ehitame
- Express.js REST API, mis jookseb Pilvio VM-il
- Pilvio API kaudu automatiseeritud infrastruktuuri haldamine
- Tulemüürireeglid, mis lubavad ainult vajalikke porte
Eeldused
- Pilvio konto ja API token (vaata ülevaadet)
- Node.js 20+ ja npm lokaalselt paigaldatud
curlvõi muu HTTP klient
1. samm: VM loomine Pilvio API kaudu
Loome Ubuntu VM-i, kuhu paigaldame oma API serveri:
curl "https://api.pilvio.com/v1/user-resource/vm" \
-H "apikey: SINU_PILVIO_TOKEN" \
-X POST \
-d "name=nodejs-api-server" \
-d "os_name=ubuntu" \
-d "os_version=24.04" \
-d "vcpu=2" \
-d "ram=2048" \
-d "disks=20" \
-d "username=deploy" \
-d "password=TurvalineParool123!" \
-d "public_key=ssh-ed25519 AAAA... sinu@arvuti"
Vastusest leiad VM-i uuid ja private_ipv4. Avaliku IPv4 aadressi leiad Floating IP kaudu.
Floating IP loomine ja sidumine
# Loo Floating IP
curl "https://api.pilvio.com/v1/network/ip_addresses" \
-H "apikey: SINU_PILVIO_TOKEN" \
-H "Content-Type: application/json" \
-X POST \
--data '{"name": "nodejs-api-ip", "billing_account_id": SINU_BILLING_ID}'
# Seo IP VM-iga (kasuta VM uuid-d)
curl "https://api.pilvio.com/v1/network/ip_addresses/SINU_FLOATING_IP/assign" \
-H "apikey: SINU_PILVIO_TOKEN" \
-H "Content-Type: application/json" \
-X POST \
--data '{"vm_uuid": "SINU_VM_UUID"}'
2. samm: Tulemüüri seadistamine
Lubame ainult SSH (22), HTTP (80) ja HTTPS (443) sissevõtva liikluse:
curl "https://api.pilvio.com/v1/network/firewall" \
-H "apikey: SINU_PILVIO_TOKEN" \
-H "Content-Type: application/json" \
-X POST \
--data '{
"name": "nodejs-api-fw",
"rules": [
{
"protocol": "tcp",
"direction": "inbound",
"port_start": 22,
"port_end": 22,
"endpoint_spec_type": "any"
},
{
"protocol": "tcp",
"direction": "inbound",
"port_start": 80,
"port_end": 80,
"endpoint_spec_type": "any"
},
{
"protocol": "tcp",
"direction": "inbound",
"port_start": 443,
"port_end": 443,
"endpoint_spec_type": "any"
}
]
}'
Seo tulemüür VM-iga:
curl "https://api.pilvio.com/v1/network/firewall/FIREWALL_UUID/assign" \
-H "apikey: SINU_PILVIO_TOKEN" \
-H "Content-Type: application/json" \
-X POST \
--data '{"vm_uuid": "SINU_VM_UUID"}'
3. samm: VM ettevalmistamine
Ühendu VM-iga SSH kaudu ja paigalda vajalik tarkvara:
ssh deploy@SINU_FLOATING_IP
# Node.js 20 paigaldamine
curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -
sudo apt-get install -y nodejs
# PM2 protsessihalduri paigaldamine
sudo npm install -g pm2
# Projektikausta loomine
mkdir -p ~/api && cd ~/api
npm init -y
4. samm: Express API rakenduse loomine
npm install express helmet cors dotenv
Loo fail server.js:
const express = require('express');
const helmet = require('helmet');
const cors = require('cors');
require('dotenv').config();
const app = express();
const PORT = process.env.PORT || 3000;
// Turvaline vahevara
app.use(helmet());
app.use(cors({ origin: process.env.ALLOWED_ORIGINS?.split(',') || '*' }));
app.use(express.json());
// API tokeni kontrolli vahevara
function authenticateToken(req, res, next) {
const token = req.headers['x-api-key'];
if (!token || token !== process.env.APP_API_KEY) {
return res.status(401).json({ error: 'Autentimine ebaõnnestus' });
}
next();
}
// Avalikud endpointid
app.get('/health', (req, res) => {
res.json({ status: 'ok', timestamp: new Date().toISOString() });
});
// Kaitstud endpointid
app.get('/api/v1/data', authenticateToken, (req, res) => {
res.json({ message: 'Tere tulemast Pilvio API-sse!' });
});
// Pilvio infrastruktuuri haldamise endpoint (näide)
app.get('/api/v1/infra/status', authenticateToken, async (req, res) => {
try {
const response = await fetch('https://api.pilvio.com/v1/user-resource/vm/list', {
headers: { 'apikey': process.env.PILVIO_API_TOKEN }
});
const vms = await response.json();
res.json({
vm_count: vms.length,
vms: vms.map(vm => ({
name: vm.name,
status: vm.status,
vcpu: vm.vcpu,
memory: vm.memory
}))
});
} catch (error) {
res.status(500).json({ error: 'Pilvio API päring ebaõnnestus' });
}
});
app.listen(PORT, '0.0.0.0', () => {
console.log(`API server käivitatud pordil ${PORT}`);
});
Loo fail .env:
PORT=3000
APP_API_KEY=genereeri-tugev-vooti-siia
PILVIO_API_TOKEN=sinu-pilvio-api-token
ALLOWED_ORIGINS=https://sinu-domeen.ee
5. samm: Käivitamine ja automaatne taaskäivitus
# Käivita PM2-ga
pm2 start server.js --name "pilvio-api"
# Automaatne käivitus süsteemi taaskäivitusel
pm2 startup
pm2 save
# Logide jälgimine
pm2 logs pilvio-api
6. samm: Nginx reverse proxy (valikuline, soovituslik)
sudo apt-get install -y nginx
sudo tee /etc/nginx/sites-available/api <<'EOF'
server {
listen 80;
server_name sinu-domeen.ee;
location / {
proxy_pass http://127.0.0.1:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
EOF
sudo ln -s /etc/nginx/sites-available/api /etc/nginx/sites-enabled/
sudo rm /etc/nginx/sites-enabled/default
sudo nginx -t && sudo systemctl reload nginx
Let's Encrypt SSL
sudo apt-get install -y certbot python3-certbot-nginx
sudo certbot --nginx -d sinu-domeen.ee
Testimine
# Health check
curl http://SINU_FLOATING_IP/health
# Kaitstud endpoint
curl -H "x-api-key: sinu-app-api-vooti" http://SINU_FLOATING_IP/api/v1/data
# Infrastruktuuri staatus (loeb Pilvio VM-ide nimekirja)
curl -H "x-api-key: sinu-app-api-vooti" http://SINU_FLOATING_IP/api/v1/infra/status
VM haldamine Pilvio API kaudu
# VM peatamine
curl "https://api.pilvio.com/v1/user-resource/vm/stop" \
-H "apikey: SINU_PILVIO_TOKEN" \
-X POST -d "uuid=SINU_VM_UUID"
# VM käivitamine
curl "https://api.pilvio.com/v1/user-resource/vm/start" \
-H "apikey: SINU_PILVIO_TOKEN" \
-X POST -d "uuid=SINU_VM_UUID"
# VM ressursside muutmine (VM peab olema peatatud)
curl "https://api.pilvio.com/v1/user-resource/vm" \
-H "apikey: SINU_PILVIO_TOKEN" \
-X PATCH -d "uuid=SINU_VM_UUID" -d "vcpu=4" -d "ram=4096"
Järgmised sammud: Lisa StorageVault (S3) failide salvestamiseks või seadista PostgreSQL andmebaas oma API taga.