Configuration for deployment
When you move from deployment to production or staging, you typically want to change your datasource from your internal testing database (or even the in-memory data store) to a production database where your live application data will reside. Additionally, you may want to change application properties such as host name and port number.
By default, a LoopBack application created with the application generator has two kinds of configuration files in the server directory that you use to configure production settings:
config.jsoncontaining general application configuration. You can override the settings in this file withconfig._env_.json, where env is the value ofNODE_ENVenvironment variable.datasources.jsoncontaining data source configuration. You can override the settings in this file withdatasources._env_.json, where env is the value ofNODE_ENVenvironment variable.
Set NODE_ENV to a string reflecting the host environment, for example “development” or “production”.
To get ready for production, create at least two copies of these files:
config.production.json and config.development.json; and
datasources.production.json and datasources.development.json.
You can create additional files (for example, config.staging.json) if desired.
Then, make sure on your development system you set the NODE_ENV to “development” and on your production system you set NODE_ENV to “production”.
Note:
Setting NODE_ENV to “production” will automatically turn off stack traces in JSON responses.
For more information, see Environment-specific configuration.
Disabling API Explorer
LoopBack API Explorer is great when you’re developing your application, but for security reasons you may not want to expose it in production.
For an application using loopback-component-explorer, to disable explorer in production:
- Set the
NODE_ENVenvironment variable to “production”. - Then in
server/component-config.production.json:
server/component-config.production.json
{
"loopback-component-explorer": null
}
Tip:
For an application using the old loopback-explorer (prior to version 2.0), disable API Explorer by deleting or renaming server/boot/explorer.js.
Other changes
When you move your app from development to staging, you may want to make additional changes. For example, you might want to customize REST error responses. See Customizing REST error handling for more information.
Using SSL
For a working example app demonstrating how to use SSL with LoopBack, see loopback-example-ssl. The example code below is drawn from that repository.
Generate your own SSL certificate
Here’s an example of generating an SSL certificate:
$ openssl genrsa -out privatekey.pem 1024
$ openssl req -new -key privatekey.pem -out certrequest.csr
$ openssl x509 -req -in certrequest.csr -signkey privatekey.pem -out certificate.pem
Load the SSL certificate
Once you’ve generated a certificate, load it in your app, for example:
ssl-config.js
var path = require('path'),
fs = require("fs");
exports.privateKey = fs.readFileSync(path.join(__dirname, './private/privatekey.pem')).toString();
exports.certificate = fs.readFileSync(path.join(__dirname, './private/certificate.pem')).toString();
Configure the app
{
"restApiRoot": "/api",
"host": "0.0.0.0",
"port": 3000,
"url": "https://localhost:3000/",
"swagger": {
"protocol": "https"
}
}
Create the HTTPS server
server/server.js
var https = require('https');
var sslConfig = require('./ssl-config');
//...
var options = {
key: sslConfig.privateKey,
cert: sslConfig.certificate
};
//...
server.listen(app.get('port'), function() {
var baseUrl = (httpOnly? 'http://' : 'https://') - app.get('host') - ':' - app.get('port');
app.emit('started', baseUrl);
console.log('LoopBack server listening @ %s%s', baseUrl, '/');
});
return server;