Deploy your Bitnami MEAN Stack on Google Cloud Platform now! Launch Now

Bitnami MEAN for Google Cloud Platform

Description

MEAN Stack, short for MongoDB, Express, Angular, and Node.js, is a free and open source JavaScript stack for building modern, dynamic websites and web applications.

First steps with the Bitnami MEAN Stack

Welcome to your new Bitnami application running on Google Cloud Platform! Here are a few questions (and answers!) you might need when first starting with your application.

What credentials do I need?

You need two sets of credentials:

  • The application password. This will allow you to log in to the services of the Bitnami stack.

  • The server credentials, consisting of an SSH username and key. These credentials allow you to log in to your Google Cloud Platform server using an SSH client and execute commands on the server using the command line.

What is the administrator password?

What SSH username should I use for secure shell access to my application?

SSH username: bitnami

How do I get my SSH key or password?

What are the default ports?

A port is an endpoint of communication in an operating system that identifies a specific process or a type of service. Bitnami stacks include several services or servers that require a port.

Remember that if you need to open some ports you can follow the instructions given in the FAQ to learn how to open the server ports for remote access.

Port 22 is the default port for SSH connections.

Bitnami opens some ports for the main servers. These are the ports opened by default: 80, 443.

Which components are installed with the Bitnami MEAN Stack?

The Bitnami MEAN Stack ships the components listed below. If you want to know which specific version of each component is bundled in the stack you are downloading, check the README.txt file in the download page or in the stack installation directory. You can also find more information about each component using the links below.

Main components

How can I get started with MEAN?

To get started, we suggest the following steps:

Step 1. Create a new MEAN project.

To create a new MEAN project, create a new folder for your project in the /home/bitnami directory and then create a new Express project:

  $ cd /home/bitnami
  $ mkdir projects
  $ cd projects
  $ express sample
  $ cd sample
  $ npm install

To start the application, use this command:

  $ ./bin/www

By default, the application will run on port 3000.

To access the application and see its output, browse to http://SERVER-IP:3000/. To end the application, terminate the running Express process.

NOTE: Access to the server on port 3000 may be blocked for security reasons. In this case, you must first create an SSH tunnel between your local system and the server before you can access the application using these instructions.

For more information, refer to these instructions.

Step 2. Add MongoDB and AngularJS to your MEAN application.

You can connect your application with MongoDB using MongooseJS, an object modelling driver for Node.js. It is already installed in the MEAN stack so you only have to add the following lines to your app.js file:

var Mongoose = require('mongoose');
var db = Mongoose.createConnection('mongodb://USER:PASSWORD@localhost/DATABASE');

You can use install AngularJS in your application with Bower. Create a file named .bowerrc in your application with the following content:

{ "directory" : "public/javascripts/vendor" }

Then, run this command in the project directory:

$ bower install angular

For more information, refer to these instructions.

Step 3. Access RockMongo.

RockMongo is an application intended to handle the administration of MongoDB over the Web. For security reasons, this application is not accessible via web by default. Find out how to access it here.

How to start or stop the services?

Each Bitnami stack includes a control script that lets you easily stop, start and restart services. The script is located at /opt/bitnami/ctlscript.sh. Call it without any service name arguments to start all services:

$ sudo /opt/bitnami/ctlscript.sh start

Or use it to restart a single service, such as Apache only, by passing the service name as argument:

$ sudo /opt/bitnami/ctlscript.sh restart apache

Use this script to stop all services:

$ sudo /opt/bitnami/ctlscript.sh stop

Restart the services by running the script without any arguments:

$ sudo /opt/bitnami/ctlscript.sh restart

Obtain a list of available services and operations by running the script without any arguments:

$ sudo /opt/bitnami/ctlscript.sh

How can I run a command in the Bitnami MEAN Stack?

Log in to the server console as the bitnami user and run the command as usual. The required environment is automatically loaded for the bitnami user.

How to access a MEAN server application?

For security reasons, MEAN server applications are accessible only when using 127.0.0.1 as the hostname. To access the application, it is necessary to create an SSH tunnel by forwarding port 3000 on the MEAN server to port 3000 on the local host.

Refer to the FAQ for platform-specific instructions to create the SSH tunnel. An example of configuring the SSH tunnel using PuTTY on Windows is displayed below.

PuTTY tunnel config

How to upload files to the server with SFTP?

NOTE: Bitnami applications can be found in /opt/bitnami/apps.
  • If you are using the Bitnami Launchpad for Google Cloud Platform, obtain your server SSH key by following these steps:

    • Browse to the Bitnami Launchpad for Google Cloud Platform dashboard and sign in if required using your Bitnami account.
    • Select the "Virtual Machines" menu item.
    • Select your cloud server from the resulting list.
    • Download the SSH key for your server in PPK or PEM format. Note the server IP address on the same page.

Server information

NOTE: Replace USERNAME in the commands below with your Google Cloud platform username.
	$ sudo su USERNAME
	$ ssh-keygen -t rsa -f ~/.ssh/my-ssh-key -C USERNAME
  • Enter the passphrase twice. The SSH key pair will be generated and saved in /home/USERNAME/.ssh/my-ssh-key and /home/USERNAME/.ssh/my-ssh-key.pub.

Although you can use any SFTP/SCP client to transfer files to your server, this guide documents FileZilla (Windows, Linux and Mac OS X), WinSCP (Windows) and Cyberduck (Mac OS X).

Using an SSH Key

Once you have your server's SSH key, choose your preferred application and follow the steps below to connect to the server using SFTP.

FileZilla
IMPORTANT: To use FileZilla, your server private key should be in PPK format.

Follow these steps:

  • Download and install FileZilla.
  • Launch FileZilla and use the "Edit -> Settings" command to bring up FileZilla's configuration settings.
  • Within the "Connection -> SFTP" section, use the "Add keyfile" command to select the private key file for the server. FileZilla will use this private key to log in to the server.

    FileZilla configuration

  • Use the "File -> Site Manager -> New Site" command to bring up the FileZilla Site Manager, where you can set up a connection to your server.
  • Enter your server host name and specify bitnami as the user name.
  • Select "SFTP" as the protocol and "Ask for password" as the logon type.

    FileZilla configuration

  • Use the "Connect" button to connect to the server and begin an SFTP session. You might need to accept the server key, by clicking "Yes" or "OK" to proceed.

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

If you have problems accessing your server, get extra information by use the "Edit -> Settings -> Debug" menu to activate FileZilla's debug log.

FileZilla debug log

WinSCP
IMPORTANT: To use WinSCP, your server private key should be in PPK format.

Follow these steps:

  • Download and install WinSCP.
  • Launch WinSCP and in the "Session" panel, select "SFTP" as the file protocol.
  • Enter your server host name and specify bitnami as the user name.

    WinSCP configuration

  • Click the "Advanced…" button and within the "SSH -> Authentication -> Authentication parameters" section, select the private key file for the server. WinSCP will use this private key to log in to the server.

    WinSCP configuration

  • From the "Session" panel, use the "Login" button to connect to the server and begin an SCP session.

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

If you need to upload files to a location where the bitnami user doesn't have write permissions, you have two options:

  • Once you have configured WinSCP as described above, click the "Advanced…" button and within the "Environment -> Shell" panel, select sudo su - as your shell. This will allow you to upload files using the administrator account.

    WinSCP configuration

  • Upload the files to the /home/bitnami directory as usual. Then, connect via SSH and move the files to the desired location with the sudo command, as shown below:

     $ sudo mv /home/bitnami/uploaded-file /path/to/desired/location/
    
Cyberduck
IMPORTANT: To use Cyberduck, your server private key should be in PEM format.

Follow these steps:

  • Select the "Open Connection" command and specify "SFTP" as the connection protocol.

    Cyberduck configuration

  • In the connection details panel, under the "More Options" section, enable the "Use Public Key Authentication" option and specify the path to the private key file for the server.

    Cyberduck configuration

  • Use the "Connect" button to connect to the server and begin an SFTP session.

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

How to connect instances hosted in separate virtual networks or VPCs?

The Google Cloud Platform makes it possible to connect instances hosted in separate Virtual Private Clouds (VPCs), even if those instances belong to different projects or are hosted in different regions. This feature, known as VPC Network Peering, can result in better security (as services do not need to be exposed on public IP addresses) and performance (due to use of private, rather than public, networks and IP addresses).

Learn more about VPC Network Peering.

How to create a new MEAN project?

If you would like to create a new MEAN project, follow the steps below:

  • Log in to your server console.

  • Create a new folder for your project in the /home/bitnami directory.

     $ cd /home/bitnami
     $ mkdir projects
    
  • Create a new Express project:

     $ cd /home/bitnami/projects
     $ express sample
    
  • The MEAN stack already has the required components installed in Node.js, but if you prefer, you can install them in the new project folder:

     $ cd /home/bitnami/projects/sample
     $ npm install
    
  • Start the application.

     $ ./bin/www
    

This will start the Express server for your application on port 3000.

To access the application and see its output, browse to http://SERVER-IP:3000/. To end the application, terminate the running Express process.

NOTE: Access to the server on port 3000 may be blocked for security reasons. In this case, you must first create an SSH tunnel between your local system and the server before you can access the application using these instructions.

You can now proceed to enhance your project by connecting it with MongoDB or by adding AngularJS.

Connecting to MongoDB

You can connect your application with MongoDB using MongooseJS, an object modelling driver for Node.js. It is already installed in the MEAN stack so you only have to add the following lines to your app.js file:

var Mongoose = require('mongoose');
var db = Mongoose.createConnection('mongodb://USER:PASSWORD@localhost/DATABASE');

On cloud servers, you can also use the MongoDB socket instead of using the TCP/IP connection to MongoDB. Here is an example.

var Mongoose = require('mongoose');
var db = Mongoose.createConnection('mongodb:///opt/bitnami/mongodb/tmp/mongodb-27017.sock/DATABASE');

Note that the socket name depends on the MongoDB port in use.

Refer to this document for information on how to create a database and a database user in MongoDB.

Adding AngularJS

You can use install AngularJS in your application with Bower. Create a file named .bowerrc in your application with the following content:

{ "directory" : "public/javascripts/vendor" }

Then, run this command in the project directory:

$ bower install angular

The necessary files will be copied into the public/javascripts/vendor/angular directory of your application.

Learn more about testing and developing applications with the Bitnami MEAN stack.

How to enable HTTPS support with SSL certificates?

NOTE: The steps below assume that you are using a custom domain name and that you have already configured the custom domain name to point to your cloud server. In the following steps, replace the APPNAME placeholder with the name of your application directory.

Bitnami images come with SSL support already pre-configured and with a dummy certificate in place. Although this dummy certificate is fine for testing and development purposes, you will usually want to use a valid SSL certificate for production use. You can either generate this on your own (explained here) or you can purchase one from a commercial certificate authority.

Once you obtain the certificate and certificate key files, you will need to update your server to use them. Follow these steps to activate SSL support:

  • Use the table below to identify the correct locations for your certificate and configuration files.

    Variable Value
    Current application URL https://[custom-domain]/
      Example: https://my-domain.com/ or https://my-domain.com/appname
    Nginx configuration file /opt/bitnami/apps/APPNAME/conf/APPNAME.conf
    Certificate file /opt/bitnami/apps/APPNAME/conf/certs/server.crt
    Certificate key file /opt/bitnami/apps/APPNAME/conf/certs/server.key
  • Copy your SSL certificate and certificate key file to the specified locations.

  • Once you have copied all the server certificate files, you may make them readable by the root user only with the following commands:

     $ sudo chown root:root /opt/bitnami/apps/APPNAME/conf/certs/server*
    
     $ sudo chmod 600 /opt/bitnami/apps/APPNAME/conf/certs/server*
    
  • Open port 443 in the server firewall. Refer to the FAQ for more information.

  • Restart the Nginx server.

     $ sudo /opt/bitnami/ctlscript.sh restart nginx
    

You should now be able to access your application using an HTTPS URL.

How to create an SSL certificate?

You can create your own SSL certificate with the OpenSSL binary. A certificate request can then be sent to a certificate authority (CA) to get it signed into a certificate, or if you have your own certificate authority, you may sign it yourself, or you can use a self-signed certificate (because you just want a test certificate or because you are setting up your own CA).

NOTE: In the following steps, replace the APPNAME placeholder with the name of your application directory.
  • Generate a new private key:

     $ sudo openssl genrsa -out /opt/bitnami/apps/APPNAME/conf/certs/server.key 2048
    
  • Create a certificate:

     $ sudo openssl req -new -key /opt/bitnami/apps/APPNAME/conf/certs/server.key -out /opt/bitnami/apps/APPNAME/conf/certs/cert.csr
    
    IMPORTANT: Enter the server domain name when the above command asks for the "Common Name".
  • Send cert.csr to the certificate authority. When the certificate authority completes their checks (and probably received payment from you), they will hand over your new certificate to you.

  • Until the certificate is received, create a temporary self-signed certificate:

     $ sudo openssl x509 -in /opt/bitnami/apps/APPNAME/conf/certs/cert.csr -out /opt/bitnami/apps/APPNAME/conf/certs/server.crt -req -signkey /opt/bitnami/apps/APPNAME/conf/certs/server.key -days 365
    
  • Back up your private key in a safe location after generating a password-protected version as follows:

     $ sudo openssl rsa -des3 -in /opt/bitnami/apps/APPNAME/conf/certs/server.key -out privkey.pem
    

    Note that if you use this encrypted key in the configuration file, Nginx won't be able to start. Regenerate the key without password protection from this file as follows:

     $ sudo openssl rsa -in privkey.pem -out /opt/bitnami/apps/APPNAME/conf/certs/server.key
    

Find more information about certificates at http://www.openssl.org.

How to access RockMongo?

For security reasons, RockMongo is accessible only when using 127.0.0.1 as the hostname. To access it from a remote system, you must create an SSH tunnel that routes requests to the Apache Web server from 127.0.0.1. This implies that you must be able to connect to your server over SSH in order to access these applications remotely.

IMPORTANT: Before following the steps below, ensure that your Apache and MongoDB servers are running.
NOTE: The steps below suggest using port 8888 for the SSH tunnel. If this port is already in use by another application on your local machine, replace it with any other port number greater than 1024 and modify the steps below accordingly. Similarly, if you have enabled Varnish, your stack's Apache Web server might be running on port 81. In this case, modify the steps below to use port 81 instead of port 80 for the tunnel endpoint.

Accessing RockMongo on Windows

In order to access RockMongo via SSH tunnel you need an SSH client. In the instructions below we have selected PuTTY, a free SSH client for Windows and UNIX platforms. The first step is having PuTTY configured. Please, check how to configure it in the section how to connect to the server through SSH using an SSH client on Windows.

Once you have your SSH client correctly configured and you tested that you can successfully access to your instance via SSH, you need to create an SSH tunnel in order to access RockMongo. For doing so, follow these steps:

  • In the "Connection -> SSH -> Tunnels" section, add a new forwarded port by introducing the following values:

    • Source port: 8888
    • Destination: localhost:80

    This will create a secure tunnel by forwarding a port (the "destination port") on the remote server to a port (the "source port") on the local host (127.0.0.1 or localhost).

  • Click the "Add" button to add the secure tunnel configuration to the session. (You'll see the added port in the list of "Forwarded ports").

    PuTTY configuration

  • In the "Session" section, save your changes by clicking the "Save" button.
  • Click the "Open" button to open an SSH session to the server. The SSH session will now include a secure SSH tunnel between the two specified ports.
  • Access the RockMongo console through the secure SSH tunnel you created, by browsing to http://127.0.0.1:8888/rockmongo.
  • Log in to RockMongo by using the following credentials:

    • Username: root
    • Password: application password. (Refer to our FAQ to learn how to find your application credentials).

Here is an example of what you should see:

RockMongo

If you are unable to access RockMongo, verify that the SSH tunnel was created by checking the PuTTY event log (accessible via the "Event Log" menu):

PuTTY configuration

Accessing RockMongo on Linux and Mac OS X

To access the application using your Web browser, create an SSH tunnel, as described below.

  • Open a new terminal window on your local system (for example, using "Finder -> Applications -> Utilities -> Terminal" in Mac OS X or the Dash in Ubuntu).
  • Make sure that you have your SSH credentials (.pem key file) in hand.
  • Run the following command to configure the SSH tunnel. Remember to replace KEYFILE with the path to your private key and SERVER-IP with the public IP address or hostname of your server:

    $ ssh -N -L 8888:127.0.0.1:80 -i KEYFILE bitnami@SERVER-IP
    
NOTE: If successful, the above command will create an SSH tunnel but will not display any output on the server console.
  • Access the RockMongo console through the secure SSH tunnel you created, by browsing to http://127.0.0.1:8888/rockmongo.
  • Log in to RockMongo by using the following credentials:

    • Username: root
    • Password: application password. (Refer to our FAQ to learn how to find your application credentials).

Here is an example of what you should see:

RockMongo

google