awesome-copilot/skills/web-coder/references/servers-infrastructure.md

Servers & Infrastructure Reference

Web servers, hosting, deployment, and infrastructure concepts.

Web Servers

Popular Web Servers

Nginx

High-performance web server and reverse proxy.

Features:

• Load balancing
• Reverse proxy
• Static file serving
• SSL/TLS termination

Basic Configuration:

server {
    listen 80;
    server_name example.com;
    
    # Serve static files
    location / {
        root /var/www/html;
        index index.html;
    }
    
    # Proxy to backend
    location /api {
        proxy_pass http://localhost:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
    
    # SSL configuration
    listen 443 ssl;
    ssl_certificate /path/to/cert.pem;
    ssl_certificate_key /path/to/key.pem;
}

Apache HTTP Server

Widely-used web server.

Features:

• .htaccess support
• Module system
• Virtual hosting

Basic .htaccess:

# Redirect to HTTPS
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# Custom error pages
ErrorDocument 404 /404.html

# Cache control
<FilesMatch "\.(jpg|jpeg|png|gif|css|js)$">
    Header set Cache-Control "max-age=31536000, public"
</FilesMatch>

Node.js Servers

Express.js:

const express = require('express');
const app = express();

app.use(express.json());
app.use(express.static('public'));

app.get('/api/users', (req, res) => {
  res.json({ users: [] });
});

app.listen(3000, () => {
  console.log('Server running on port 3000');
});

Built-in HTTP Server:

const http = require('http');

const server = http.createServer((req, res) => {
  res.writeHead(200, { 'Content-Type': 'text/html' });
  res.end('<h1>Hello World</h1>');
});

server.listen(3000);

Hosting Options

Static Hosting

For static sites (HTML, CSS, JS).

Platforms:

• Vercel: Automatic deployments, serverless functions
• Netlify: Build automation, edge functions
• GitHub Pages: Free for public repos
• Cloudflare Pages: Fast global CDN
• AWS S3 + CloudFront: Scalable, requires setup

Deployment:

# Vercel
npx vercel

# Netlify
npx netlify deploy --prod

# GitHub Pages (via Git)
git push origin main

Platform as a Service (PaaS)

Managed application hosting.

Platforms:

• Heroku: Easy deployment, add-ons
• Railway: Modern developer experience
• Render: Unified platform
• Google App Engine: Automatic scaling
• Azure App Service: Microsoft cloud

Example (Heroku):

# Deploy
git push heroku main

# Scale
heroku ps:scale web=2

# View logs
heroku logs --tail

Infrastructure as a Service (IaaS)

Virtual servers (more control, more setup).

Providers:

• AWS EC2: Amazon virtual servers
• Google Compute Engine: Google VMs
• DigitalOcean Droplets: Simple VPS
• Linode: Developer-friendly VPS

Containerization

Docker:

# Dockerfile
FROM node:18-alpine
WORKDIR /app
COPY package*.json ./
RUN npm ci --only=production
COPY . .
EXPOSE 3000
CMD ["node", "server.js"]

# Build image
docker build -t my-app .

# Run container
docker run -p 3000:3000 my-app

Docker Compose:

version: '3'
services:
  web:
    build: .
    ports:
      - "3000:3000"
    environment:
      - DATABASE_URL=postgres://db:5432
  db:
    image: postgres:15
    environment:
      POSTGRES_PASSWORD: password

Kubernetes

Container orchestration platform.

Concepts:

• Pods: Smallest deployable units
• Services: Expose pods
• Deployments: Manage replicas
• Ingress: HTTP routing

Content Delivery Network (CDN)

Distributed network for fast content delivery.

Benefits:

• Faster load times
• Reduced server load
• DDoS protection
• Geographic distribution

Popular CDNs:

• Cloudflare: Free tier, DDoS protection
• AWS CloudFront: Amazon CDN
• Fastly: Edge computing
• Akamai: Enterprise CDN

CDN for Libraries:

<!-- CDN-hosted library -->
<script src="https://cdn.jsdelivr.net/npm/vue@3/dist/vue.global.js"></script>

Domain Name System (DNS)

Translates domain names to IP addresses.

DNS Records

Type	Purpose	Example
A	IPv4 address	example.com → 192.0.2.1
AAAA	IPv6 address	example.com → 2001:db8::1
CNAME	Alias to another domain	www → example.com
MX	Mail server	mail.example.com
TXT	Text information	SPF, DKIM records
NS	Nameserver	DNS delegation

DNS Lookup:

# Command line
nslookup example.com
dig example.com

# JavaScript (not direct DNS, but IP lookup)
fetch('https://dns.google/resolve?name=example.com')

DNS Propagation

Time for DNS changes to spread globally (typically 24-48 hours).

SSL/TLS Certificates

Encrypt data between client and server.

Certificate Types

• Domain Validation (DV): Basic, automated
• Organization Validation (OV): Verified business
• Extended Validation (EV): Highest validation

Getting Certificates

Let's Encrypt (Free):

# Certbot
sudo certbot --nginx -d example.com

Cloudflare (Free with Cloudflare DNS)

HTTPS Configuration

# Nginx HTTPS
server {
    listen 443 ssl http2;
    server_name example.com;
    
    ssl_certificate /path/to/fullchain.pem;
    ssl_certificate_key /path/to/privkey.pem;
    
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers HIGH:!aNULL:!MD5;
}

# Redirect HTTP to HTTPS
server {
    listen 80;
    server_name example.com;
    return 301 https://$host$request_uri;
}

Load Balancing

Distribute traffic across multiple servers.

Load Balancing Algorithms

• Round Robin: Rotate through servers
• Least Connections: Send to server with fewest connections
• IP Hash: Route based on client IP
• Weighted: Servers have different capacities

Nginx Load Balancer:

upstream backend {
    server server1.example.com weight=3;
    server server2.example.com;
    server server3.example.com;
}

server {
    location / {
        proxy_pass http://backend;
    }
}

Reverse Proxy

Server that forwards requests to backend servers.

Benefits:

• Load balancing
• SSL termination
• Caching
• Security (hide backend)

Nginx Reverse Proxy:

server {
    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
}

Caching Strategies

Browser Caching

Cache-Control: public, max-age=31536000, immutable

Server-Side Caching

Redis:

const redis = require('redis');
const client = redis.createClient();

// Cache data
await client.set('user:1', JSON.stringify(user), {
  EX: 3600 // Expire after 1 hour
});

// Retrieve cached data
const cached = await client.get('user:1');

CDN Caching

Static assets cached at edge locations.

Environment Variables

Configuration without hardcoding.

# .env file
DATABASE_URL=postgresql://localhost/mydb
API_KEY=secret-key-here
NODE_ENV=production

// Access in Node.js
require('dotenv').config();
const dbUrl = process.env.DATABASE_URL;

Best Practices:

• Never commit .env to Git
• Use .env.example as template
• Different values per environment
• Secure secret values

Deployment Strategies

Continuous Deployment (CD)

Automatically deploy when code is pushed.

GitHub Actions:

name: Deploy
on:
  push:
    branches: [main]
jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: actions/setup-node@v3
      - run: npm ci
      - run: npm run build
      - run: npm run deploy

Blue-Green Deployment

Two identical environments, switch traffic.

Canary Deployment

Gradually roll out to subset of users.

Rolling Deployment

Update instances incrementally.

Process Managers

Keep applications running.

PM2

# Start application
pm2 start app.js

# Start with name
pm2 start app.js --name my-app

# Cluster mode (use all CPUs)
pm2 start app.js -i max

# Monitor
pm2 monit

# Restart
pm2 restart my-app

# Stop
pm2 stop my-app

# Logs
pm2 logs

# Startup script (restart on reboot)
pm2 startup
pm2 save

systemd

Linux service manager.

# /etc/systemd/system/myapp.service
[Unit]
Description=My Node App

[Service]
ExecStart=/usr/bin/node /path/to/app.js
Restart=always
User=nobody
Environment=NODE_ENV=production

[Install]
WantedBy=multi-user.target

sudo systemctl enable myapp
sudo systemctl start myapp
sudo systemctl status myapp

Monitoring & Logging

Application Monitoring

• New Relic: APM, monitoring
• Datadog: Infrastructure monitoring
• Grafana: Visualization
• Prometheus: Metrics collection

Log Aggregation

• Elasticsearch + Kibana: Search and visualize logs
• Splunk: Enterprise log management
• Papertrail: Cloud logging

Uptime Monitoring

• UptimeRobot: Free uptime checks
• Pingdom: Monitoring service
• StatusCake: Website monitoring

Security Best Practices

Server Hardening

• Keep software updated
• Use firewall (ufw, iptables)
• Disable root SSH login
• Use SSH keys (not passwords)
• Limit user permissions
• Regular backups

Application Security

• Use HTTPS everywhere
• Implement rate limiting
• Validate all input
• Use security headers
• Keep dependencies updated
• Regular security audits

Backup Strategies

Database Backups

# PostgreSQL
pg_dump dbname > backup.sql

# MySQL
mysqldump -u user -p dbname > backup.sql

# MongoDB
mongodump --db mydb --out /backup/

Automated Backups

• Daily backups
• Multiple retention periods
• Off-site storage
• Test restores regularly

Scalability

Vertical Scaling

Increase server resources (CPU, RAM).

Pros: Simple
Cons: Limited, expensive

Horizontal Scaling

Add more servers.

Pros: Unlimited scaling
Cons: Complex, requires load balancer

Database Scaling

• Replication: Read replicas
• Sharding: Split data across databases
• Caching: Reduce database load

Glossary Terms

Key Terms Covered:

• Apache
• Bandwidth
• CDN
• Cloud computing
• CNAME
• DNS
• Domain
• Domain name
• Firewall
• Host
• Hotlink
• IP address
• ISP
• Latency
• localhost
• Nginx
• Origin
• Port
• Proxy servers
• Round Trip Time (RTT)
• Server
• Site
• TLD
• Web server
• Website

Additional Resources

• Nginx Documentation
• Docker Documentation
• AWS Documentation
• Let's Encrypt
• PM2 Documentation