This is a full-stack CRUD application built with the MEAN stack (MongoDB, Express, Angular 15, Node.js). It has been fully Dockerized, optimized for production, and includes a complete CI/CD pipeline for deployment to AWS.
- Full Stack: Angular 15 Frontend + Node.js/Express Backend + MongoDB
- Dockerized:
- Multi-stage builds for smaller images.
- Non-root user execution for security.
- Production-grade Nginx configuration.
- Docker Compose orchestration with healthchecks.
- CI/CD Pipeline:
- Automated Linting (ESLint).
- Security Scanning (Trivy) for container vulnerabilities.
- Automated Build & Push to Docker Hub.
- Automated Deployment to AWS EC2.
- Code Quality:
- Integrated ESLint for both Frontend and Backend.
- Standardized code style.
You can provision the entire AWS infrastructure (VPC, Security Groups, EC2) automatically using Terraform.
- AWS CLI installed and configured (
aws configure). - Terraform installed.
- SSH Key Pair: Create a key pair named
mean-stack-keyin your AWS Console (us-east-1)
-
Navigate to the directory:
cd terraform -
Initialize Terraform:
terraform init
-
Preview Changes:
terraform plan
-
Apply Infrastructure:
terraform apply
Type
yeswhen prompted. -
Access Your Instance: After a successful apply, Terraform will output the Public IP and the SSH command.
ssh -i mean-stack-key.pem ubuntu@<PUBLIC_IP>
For a detailed breakdown of the AWS Architecture (including VPC, Public Subnets, and Security Groups) and the CI/CD Pipeline, please refer to AWS_ARCHITECTURE.md.
- Custom VPC: Production-grade network isolation.
- Public Subnet: Securely hosts the application gateway.
- Security Groups: Firewall rules allowing HTTP and SSH access from anywhere.
The GitHub Actions workflow (.github/workflows/deploy.yml) performs the following:
- Lint: Checks code quality.
- Build & Scan: Builds Docker images and scans them for vulnerabilities using Trivy.
- Push: Pushes safe images to Docker Hub.
- Deploy: Connects to the AWS EC2 instance and updates the containers.
To use the pipeline, configure the following GitHub Secrets:
DOCKER_USERNAME: Your Docker Hub username.DOCKER_PASSWORD: Docker Access TokenEC2_HOST: Public IP of your EC2 instance.EC2_USER:ubuntuEC2_SSH_KEY: Your private SSH key.
We use ESLint to maintain code quality.
- Run Backend Lint:
cd backend npm run lint - Run Frontend Lint:
cd frontend npm run lint
.
├── AWS_ARCHITECTURE.md # Architecture documentation
├── README.md # Project documentation
├── docker-compose.yml # Docker orchestration
├── backend/ # Node.js/Express Server
│ ├── Dockerfile # Backend Docker image config
│ ├── .eslintrc.json # Backend lint config
│ ├── server.js # Entry point
│ └── ...
└── frontend/ # Angular Client
├── Dockerfile # Frontend Docker image config
├── nginx.conf # Nginx proxy config
├── .eslintrc.json # Frontend lint config
└── ...
This application is monitored using Prometheus and Grafana.
- Prometheus: http://localhost:9090
- Grafana: http://localhost:3000 (Default credentials:
admin/admin) - Backend Metrics: http://localhost:8080/metrics
-
Backend Instrumentation:
- Added
prom-clientdependency tobackend/package.json. - Updated
backend/server.jsto collect default metrics and expose them at/metrics.
- Added
-
Prometheus Configuration:
- Created
prometheus.ymlto scrape thebackendservice on port8080.
- Created
-
Docker Compose:
- Added
prometheusservice usingprom/prometheusimage. - Added
grafanaservice usinggrafana/grafanaimage. - Configured volumes for data persistence (
prometheus_data,grafana_data).
- Added