Setting up a fork on Heroku

[Litteratus]

Hey there, I've been attempting to get a fork working on Heroku and I'm running into issues. I was wondering if you could take a look?

Disclaimer: I'm new to Github, Node.js and Heroku, so it's a perfect storm of confusion. I might need some adult supervision on this one.

What I've done so far:
Forked this Github repo to https:/github.com/litteratus/happyfuntimes.net
Set up a Heroku free trial with the Nodejs buildpack
Set a config var HFT_PORT to 80 (as per suggestion on the other issue)
Running the app generates the following log:

2018-10-31T20:14:07.281416+00:00 heroku[web.1]: Starting process with command npm start
2018-10-31T20:14:09.744946+00:00 app[web.1]:
2018-10-31T20:14:09.744974+00:00 app[web.1]: > happyfuntimes.net@0.0.2 start /app
2018-10-31T20:14:09.744976+00:00 app[web.1]: > node server.js
2018-10-31T20:14:09.744977+00:00 app[web.1]:
2018-10-31T20:14:10.091978+00:00 app[web.1]: LOGGLY_TOKEN not set. Will not log to LOGGLY
2018-10-31T20:14:10.107112+00:00 app[web.1]: 2018-10-31T20:14:10.106Z - info: started listening: port=80, address=::ffff:127.0.0.1
2018-10-31T20:14:10.114411+00:00 app[web.1]: events.js:183
2018-10-31T20:14:10.114415+00:00 app[web.1]: throw er; // Unhandled 'error' event
2018-10-31T20:14:10.114416+00:00 app[web.1]: ^
2018-10-31T20:14:10.114417+00:00 app[web.1]:
2018-10-31T20:14:10.114419+00:00 app[web.1]: Error: listen EACCES ::ffff:127.0.0.1:80
2018-10-31T20:14:10.114421+00:00 app[web.1]: at Server.setupListenHandle [as _listen2] (net.js:1343:19)
2018-10-31T20:14:10.114422+00:00 app[web.1]: at listenInCluster (net.js:1401:12)
2018-10-31T20:14:10.114424+00:00 app[web.1]: at doListen (net.js:1510:7)
2018-10-31T20:14:10.114426+00:00 app[web.1]: at _combinedTickCallback (internal/process/next_tick.js:142:11)
2018-10-31T20:14:10.114428+00:00 app[web.1]: at process._tickCallback (internal/process/next_tick.js:181:9)
2018-10-31T20:14:10.114429+00:00 app[web.1]: at Function.Module.runMain (module.js:696:11)
2018-10-31T20:14:10.114431+00:00 app[web.1]: at startup (bootstrap_node.js:204:16)
2018-10-31T20:14:10.114433+00:00 app[web.1]: at bootstrap_node.js:625:3
2018-10-31T20:14:10.123802+00:00 app[web.1]: npm ERR! code ELIFECYCLE
2018-10-31T20:14:10.124091+00:00 app[web.1]: npm ERR! errno 1
2018-10-31T20:14:10.125187+00:00 app[web.1]: npm ERR! happyfuntimes.net@0.0.2 start: node server.js
2018-10-31T20:14:10.125341+00:00 app[web.1]: npm ERR! Exit status 1
2018-10-31T20:14:10.125547+00:00 app[web.1]: npm ERR!
2018-10-31T20:14:10.125661+00:00 app[web.1]: npm ERR! Failed at the happyfuntimes.net@0.0.2 start script.
2018-10-31T20:14:10.125783+00:00 app[web.1]: npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
2018-10-31T20:14:10.134578+00:00 app[web.1]:
2018-10-31T20:14:10.134749+00:00 app[web.1]: npm ERR! A complete log of this run can be found in:
2018-10-31T20:14:10.134931+00:00 app[web.1]: npm ERR! /app/.npm/_logs/2018-10-31T20_14_10_127Z-debug.log
2018-10-31T20:14:10.194786+00:00 heroku[web.1]: Process exited with status 1
2018-10-31T20:14:10.210286+00:00 heroku[web.1]: State changed from starting to crashed
2018-10-31T20:14:10.212001+00:00 heroku[web.1]: State changed from crashed to starting
2018-10-31T20:14:14.148169+00:00 heroku[web.1]: Starting process with command npm start
2018-10-31T20:14:18.790395+00:00 app[web.1]:
2018-10-31T20:14:18.790426+00:00 app[web.1]: > happyfuntimes.net@0.0.2 start /app
2018-10-31T20:14:18.790428+00:00 app[web.1]: > node server.js
2018-10-31T20:14:18.790430+00:00 app[web.1]:
2018-10-31T20:14:19.353787+00:00 app[web.1]: LOGGLY_TOKEN not set. Will not log to LOGGLY
2018-10-31T20:14:19.368774+00:00 app[web.1]: 2018-10-31T20:14:19.367Z - info: started listening: port=80, address=::ffff:127.0.0.1
2018-10-31T20:14:19.379499+00:00 app[web.1]: events.js:183
2018-10-31T20:14:19.379504+00:00 app[web.1]: throw er; // Unhandled 'error' event
2018-10-31T20:14:19.379505+00:00 app[web.1]: ^
2018-10-31T20:14:19.379507+00:00 app[web.1]:
2018-10-31T20:14:19.379508+00:00 app[web.1]: Error: listen EACCES ::ffff:127.0.0.1:80
2018-10-31T20:14:19.379511+00:00 app[web.1]: at Server.setupListenHandle [as _listen2] (net.js:1343:19)
2018-10-31T20:14:19.379512+00:00 app[web.1]: at listenInCluster (net.js:1401:12)
2018-10-31T20:14:19.379515+00:00 app[web.1]: at doListen (net.js:1510:7)
2018-10-31T20:14:19.379518+00:00 app[web.1]: at _combinedTickCallback (internal/process/next_tick.js:142:11)
2018-10-31T20:14:19.379520+00:00 app[web.1]: at process._tickCallback (internal/process/next_tick.js:181:9)
2018-10-31T20:14:19.379521+00:00 app[web.1]: at Function.Module.runMain (module.js:696:11)
2018-10-31T20:14:19.379523+00:00 app[web.1]: at startup (bootstrap_node.js:204:16)
2018-10-31T20:14:19.379524+00:00 app[web.1]: at bootstrap_node.js:625:3
2018-10-31T20:14:19.386735+00:00 app[web.1]: npm ERR! code ELIFECYCLE
2018-10-31T20:14:19.387066+00:00 app[web.1]: npm ERR! errno 1
2018-10-31T20:14:19.388374+00:00 app[web.1]: npm ERR! happyfuntimes.net@0.0.2 start: node server.js
2018-10-31T20:14:19.388513+00:00 app[web.1]: npm ERR! Exit status 1
2018-10-31T20:14:19.388691+00:00 app[web.1]: npm ERR!
2018-10-31T20:14:19.388773+00:00 app[web.1]: npm ERR! Failed at the happyfuntimes.net@0.0.2 start script.
2018-10-31T20:14:19.388897+00:00 app[web.1]: npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
2018-10-31T20:14:19.399652+00:00 app[web.1]:
2018-10-31T20:14:19.399910+00:00 app[web.1]: npm ERR! A complete log of this run can be found in:
2018-10-31T20:14:19.400024+00:00 app[web.1]: npm ERR! /app/.npm/_logs/2018-10-31T20_14_19_391Z-debug.log
2018-10-31T20:14:19.518102+00:00 heroku[web.1]: State changed from starting to crashed
2018-10-31T20:14:19.502012+00:00 heroku[web.1]: Process exited with status 1

So, I went to the console:
I ran npm install, which generated the following

audited 1529 packages in 6.939s
found 28 vulnerabilities (10 low, 11 moderate, 6 high, 1 critical)
run npm audit fix to fix them, or npm audit for details

I tried npm audit to get the details

=== npm audit security report ===    

Run npm install request@2.88.0 to resolve 5 vulnerabilities

Moderate Prototype pollution
Package hoek
Dependency of request
Path request > hawk > boom > hoek
More info https://nodesecurity.io/advisories/566

Moderate Prototype pollution
Package hoek
Dependency of request
Path request > hawk > cryptiles > boom > hoek
More info https://nodesecurity.io/advisories/566

Moderate Prototype pollution
Package hoek
Dependency of request
Path request > hawk > hoek
More info https://nodesecurity.io/advisories/566

Moderate Prototype pollution
Package hoek
Dependency of request
Path request > hawk > sntp > hoek
More info https://nodesecurity.io/advisories/566

Moderate Memory Exposure
Package tunnel-agent
Dependency of request
Path request > tunnel-agent
More info https://nodesecurity.io/advisories/598

Run npm install --save-dev grunt@1.0.3 to resolve 8 vulnerabilities

SEMVER WARNING: Recommended action is a potentially breaking change

High Regular Expression Denial of Service
Package minimatch
Dependency of grunt [dev]
Path grunt > findup-sync > glob > minimatch
More info https://nodesecurity.io/advisories/118

High Regular Expression Denial of Service
Package minimatch
Dependency of grunt [dev]
Path grunt > glob > minimatch
More info https://nodesecurity.io/advisories/118

High Regular Expression Denial of Service
Package minimatch
Dependency of grunt [dev]
Path grunt > minimatch
More info https://nodesecurity.io/advisories/118

Low Prototype Pollution
Package lodash
Dependency of grunt [dev]
Path grunt > findup-sync > lodash
More info https://nodesecurity.io/advisories/577

Low Prototype Pollution
Package lodash
Dependency of grunt [dev]
Path grunt > grunt-legacy-log > grunt-legacy-log-utils > lodash
More info https://nodesecurity.io/advisories/577

Low Prototype Pollution
Package lodash
Dependency of grunt [dev]
Path grunt > grunt-legacy-log > lodash
More info https://nodesecurity.io/advisories/577

Low Prototype Pollution
Package lodash
Dependency of grunt [dev]
Path grunt > grunt-legacy-util > lodash
More info https://nodesecurity.io/advisories/577

Low Prototype Pollution
Package lodash
Dependency of grunt [dev]
Path grunt > lodash
More info https://nodesecurity.io/advisories/577

Run npm install --save-dev mocha@5.2.0 to resolve 4 vulnerabilities

SEMVER WARNING: Recommended action is a potentially breaking change

Low Regular Expression Denial of Service
Package debug
Dependency of mocha [dev]
Path mocha > debug
More info https://nodesecurity.io/advisories/534

Moderate Regular Expression Denial of Service
Package ms
Dependency of mocha [dev]
Path mocha > debug > ms
More info https://nodesecurity.io/advisories/46

High Regular Expression Denial of Service
Package minimatch
Dependency of mocha [dev]
Path mocha > glob > minimatch
More info https://nodesecurity.io/advisories/118

Critical Command Injection
Package growl
Dependency of mocha [dev]
Path mocha > growl
More info https://nodesecurity.io/advisories/146

Run npm install forever@0.15.3 to resolve 2 vulnerabilities

High Regular Expression Denial of Service
Package minimatch
Dependency of forever
Path forever > forever-monitor > minimatch
More info https://nodesecurity.io/advisories/118

Low Regular Expression Denial of Service
Package timespan
Dependency of forever
Path forever > timespan
More info https://nodesecurity.io/advisories/533

Run npm install --save-dev html-minifier@3.5.21 to resolve 3 vulnerabilities

SEMVER WARNING: Recommended action is a potentially breaking change

High Regular Expression Denial of Service
Package minimatch
Dependency of html-minifier [dev]
Path html-minifier > cli > glob > minimatch
More info https://nodesecurity.io/advisories/118

Low Arbitrary File Write
Package cli
Dependency of html-minifier [dev]
Path html-minifier > cli
More info https://nodesecurity.io/advisories/95

Low Regular Expression Denial of Service
Package uglify-js
Dependency of html-minifier [dev]
Path html-minifier > uglify-js
More info https://nodesecurity.io/advisories/48

Manual Review
Some vulnerabilities require your attention to resolve
Visit https://go.npm.me/audit-guide for additional guidance

Moderate Prototype pollution
Package hoek
Patched in > 4.2.0 < 5.0.0 || >= 5.0.3
Dependency of winston-loggly
Path winston-loggly > loggly > request > hawk > boom > hoek
More info https://nodesecurity.io/advisories/566

Moderate Prototype pollution
Package hoek
Patched in > 4.2.0 < 5.0.0 || >= 5.0.3
Dependency of winston-loggly
Path winston-loggly > loggly > request > hawk > cryptiles > boom

hoek
More info https://nodesecurity.io/advisories/566

Moderate Prototype pollution
Package hoek
Patched in > 4.2.0 < 5.0.0 || >= 5.0.3
Dependency of winston-loggly
Path winston-loggly > loggly > request > hawk > hoek
More info https://nodesecurity.io/advisories/566

Moderate Prototype pollution
Package hoek
Patched in > 4.2.0 < 5.0.0 || >= 5.0.3
Dependency of winston-loggly
Path winston-loggly > loggly > request > hawk > sntp > hoek
More info https://nodesecurity.io/advisories/566

Moderate Memory Exposure
Package tunnel-agent
Patched in >=0.6.0
Dependency of winston-loggly
Path winston-loggly > loggly > request > tunnel-agent
More info https://nodesecurity.io/advisories/598

Low Regular Expression Denial of Service
Package timespan
Patched in No patch available
Dependency of winston-loggly
Path winston-loggly > loggly > timespan
More info https://nodesecurity.io/advisories/533

found 28 vulnerabilities (10 low, 11 moderate, 6 high, 1 critical) in 1529 scanned packages
run npm audit fix to fix 7 of them.
15 vulnerabilities require semver-major dependency updates.
6 vulnerabilities require manual review. See the full report for details.
[..................] / : timing audit body Completed in 3ms

So, I followed the suggestions:
npm install request@2.88.0

npm WARN deprecated node-uuid@1.4.8: Use uuid module instead
npm WARN deprecated hoek@2.16.3: The major version is no longer supported. Please update to 4.x or newer

• request@2.88.0
  added 10 packages from 20 contributors, updated 1 package, moved 2 packages and audited 1502 packages in 5.847s
  found 23 vulnerabilities (10 low, 6 moderate, 6 high, 1 critical)
  run npm audit fix to fix them, or npm audit for details

npm install --save-dev grunt@1.0.3

audited 1654 packages in 14.185s
found 20 vulnerabilities (5 low, 11 moderate, 3 high, 1 critical)
run npm audit fix to fix them, or npm audit for detail

npm install --save-dev mocha@5.2.0

audited 1542 packages in 11.882s
found 24 vulnerabilities (9 low, 10 moderate, 5 high)
run npm audit fix to fix them, or npm audit for details

npm install forever@0.15.3

npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.4 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.4: wanted {"os":"darwin","arch":"any"} (current: {"os":
"linux","arch":"x64"})

• forever@0.15.3
  added 178 packages from 126 contributors, removed 2 packages, updated 2 packages, moved 1 package and audited 2615 packages in 39.498s
  found 27 vulnerabilities (10 low, 11 moderate, 5 high, 1 critical)
  run npm audit fix to fix them, or npm audit for details

npm install --save-dev html-minifier@3.5.21

audited 1478 packages in 8.16s
found 25 vulnerabilities (8 low, 11 moderate, 5 high, 1 critical)
run npm audit fix to fix them, or npm audit for details

It didn't suggest a fix for hoek so I found the latest version was 5.0.4 and did:
npm install hoek@5.0.4

npm WARN deprecated hoek@2.16.3: The major version is no longer supported. Please update to 4.x or newer

• hoek@5.0.4
  added 3 packages, updated 1 package and audited 1530 packages in 14.904s
  found 28 vulnerabilities (10 low, 11 moderate, 6 high, 1 critical)
  run npm audit fix to fix them, or npm audit for details

npm install tunnel-agent@0.6.0

• tunnel-agent@0.6.0
  added 1 package from 1 contributor, updated 1 package and audited 1531 packages in 3.9s
  found 28 vulnerabilities (10 low, 11 moderate, 6 high, 1 critical)
  run npm audit fix to fix them, or npm audit for details

This process didn't help. I've still got a crashed Dyno.
So.. for this total nub, what am I doing wrong?

[greggman]

It looks like the issue is your process doesn't have permission to use port 80. I don't know how to allow access on port 80 on heroku

It looks like you should somehow set HFT_PORT to PORT as in

HFT_PORT=$PORT
npm run start

or

HFT_PORT=$PORT npm run start

and that heroku automatically passes in a port that it forwards to port 80?

[Litteratus]

Okay I found this documentation on the Heroku site: https://help.heroku.com/P1AVPANS/why-is-my-node-js-app-crashing-with-an-r10-error

I tried using HFT_PORT = $PORT in their front-end but it doesn't work:

2018-11-01T14:50:01.014633+00:00 app[web.1]: net.js:1476
2018-11-01T14:50:01.014636+00:00 app[web.1]: throw new RangeError('"port" argument must be >= 0 and < 65536');
2018-11-01T14:50:01.014638+00:00 app[web.1]: ^
2018-11-01T14:50:01.014639+00:00 app[web.1]:
2018-11-01T14:50:01.014641+00:00 app[web.1]: RangeError: "port" argument must be >= 0 and < 65536
2018-11-01T14:50:01.014643+00:00 app[web.1]: at Server.listen (net.js:1476:13)

It seems I'd have to use it in code directly

[greggman]

Ok, here is how I got it to work on Heroku.

NOTE: You have to have a custom domain. You can NOT use the heroku domains

Steps

1. make an app on heroku
2. clone this repo git clone https://github.com/greggman/happyfuntimes.net.git
3. cd happyfuntimes.net
4. npm install
5. Install the heroku command line tools
6. login to heroku on the command line heroku login
7. run the heroku command to add a heroku to git heroku git:remote -a name-of-your-app
8. launch the app on heroku git push heroku master
9. add your custom domain heroku domains:add your.domain.com
10. go do your DNS provider (where you bought the domain) and add a CNAME record. Put your.domain.com and whatever domain the previous command told you to use
11. In your game set the rendezvous url to http://your.domain.com/api/inform2

run the game

In a browser window try to go to http://your.domain.com

note: at step 9 here's my example. My custom domain to test was heroku-test.happyfuntimes.net and so it told me for step 10 to create a CNAME record that points heroku-test.happyfuntimes.net to philosophical-mango-opni0ft89fzy5uny5mf2z8m1.herokudns.com

note: You need to update your git repo git pull origin master or start over as I added a Procfile for heroku to the repo as well as fixed all the warnings

[Litteratus]

This worked beautifully! Thank you very much Gregg! I'm still waiting on my Domain provider to activate my domain name, but the app is running.
I'm curious as to why HFT won't work with the heroku-generated domain?

[greggman]

Yes, it's because of https. The page served from happyfuntimes.net needs to try to connect to the game. the game is only running http. https pages are not allowed to talk to http pages. The browser enforces this. Getting the game to serve https is not impossible but it would require a certificate for each machine running the game so at the moment there is no inexpensive and non-techie friendly way to do it. And, there is no way to use the heroku domains as http (or at least no way I could find). https pages work via certificates and certificates are associated with domains so when you use your own domain things default to http unless you also supply a certificate.