The Hayon backend is a Node.js/Express API server written in TypeScript. It connects to MongoDB, Redis, and RabbitMQ at startup and exposes a REST API on port 5000 by default (configurable via the PORT environment variable).
Complete the prerequisites before continuing. MongoDB, Redis, and RabbitMQ must be running. Clone the repository
git clone https://github.com/devxtra-community/hayon.git
cd hayon
hayon/
├── backend/ # Express API server
├── frontend/ # Next.js application
└── schemas/ # Shared Zod validation schemas
Install dependencies
Install all workspace dependencies from the repository root:
This installs dependencies for all packages (backend, frontend, and schemas) in a single pass.
If you want to install only the backend dependencies, navigate to backend/ and run pnpm install from there.
.env file in the backend/ directory. All variables listed below are required unless stated otherwise — the server will throw an error on startup if any required variable is missing.
cp backend/.env.example backend/.env
# Then edit backend/.env with your values
# Application
NODE_ENV=development
PORT=5000
FRONTEND_URL=http://localhost:3000
BACKEND_URL=https://dev.hayon.site:5000
# Database
MONGODB_URI=mongodb://localhost:27017/hayon
# Authentication
ACCESS_TOKEN_SECRET=your-access-token-secret
REFRESH_TOKEN_SECRET=your-refresh-token-secret
JWT_EXPIRES_IN=7d
# Google OAuth
GOOGLE_CLIENT_ID=your-google-client-id
GOOGLE_CLIENT_SECRET=your-google-client-secret
GOOGLE_CALLBACK_URL=http://localhost:5000/api/auth/google/callback
# Redis
REDIS_HOST=localhost
REDIS_PORT=6379
REDIS_PASSWORD=
# RabbitMQ
RABBITMQ_URL=amqp://localhost:5672
# AWS S3
AWS_ACCESS_KEY_ID=your-access-key-id
AWS_SECRET_ACCESS_KEY=your-secret-access-key
AWS_REGION=us-east-1
AWS_S3_BUCKET_NAME=your-bucket-name
# Stripe
STRIPE_SECRET_KEY=sk_test_xxx
STRIPE_PUBLISHABLE_KEY=pk_test_xxx
STRIPE_WEBHOOK_SECRET=whsec_xxx
STRIPE_PRO_PRICE_ID=price_xxx
# Email (Gmail)
[email protected]
EMAIL_PASS=your-gmail-app-password
# AI
GEMINI_API_KEY=your-gemini-api-key
# Social platform OAuth
META_APP_ID=your-meta-app-id
META_APP_SECRET=your-meta-app-secret
META_REDIRECT_URI=http://localhost:5000/api/platform/meta/callback
THREADS_APP_ID=your-threads-app-id
THREADS_APP_SECRET=your-threads-app-secret
THREADS_REDIRECT_URI=http://localhost:5000/api/platform/threads/callback
TUMBLR_CONSUMER_KEY=your-tumblr-consumer-key
TUMBLR_CONSUMER_SECRET=your-tumblr-consumer-secret
MASTODON_CLIENT_KEY=your-mastodon-client-key
MASTODON_CLIENT_SECRET=your-mastodon-client-secret
MASTODON_CALLBACK_URL=http://localhost:5000/api/platform/mastodon/callback
MASTODON_INSTANCE_URL=https://mastodon.social
# Monitoring
BETTER_STACK_TOKEN=your-better-stack-token
Firebase service account
Hayon uses Firebase Admin SDK for push notifications. You need to place a service account key file at:
backend/src/serviceAccountKey.json
- Go to the Firebase Console.
- Select your project (or create one).
- Navigate to Project Settings > Service accounts.
- Click Generate new private key and download the JSON file.
- Rename the file to
serviceAccountKey.json and place it at backend/src/serviceAccountKey.json.
Never commit serviceAccountKey.json to version control. Ensure it is listed in .gitignore.
Start the development server
pnpm run dev --filter backend
# From the repo root
cd backend
pnpm run dev
- Connects to MongoDB (with automatic retry on failure)
- Connects to Redis
- Connects to RabbitMQ
- Initialises the analytics cron job
- Starts listening on the configured
PORT
You should see output similar to:
MongoDB is connected
Redis Client Connected
✅ Connected to RabbitMQ
Development Server running on port 5000
Verify the server is running
The backend exposes a health check endpoint:
curl http://localhost:5000/health
{
"success": true,
"message": "Server is running"
}
Available scripts
| Script | Command | Description |
|---|
| Development server | pnpm run dev | Starts the server with nodemon and hot reload |
| Build | pnpm run build | Compiles TypeScript to dist/ |
| Production server | pnpm run start | Runs the compiled output from dist/app.js |
| Background worker | pnpm run worker | Starts the RabbitMQ consumer worker |
| Analytics trigger | pnpm run trigger-analytics | Manually triggers the analytics cron job |
| Lint | pnpm run lint | Runs ESLint on all .ts files |
| Format | pnpm run format | Runs Prettier on all files |
API routes
All API routes are mounted under the /api prefix:
| Prefix | Description |
|---|
/api/auth | Authentication (signup, login, Google OAuth, OTP) |
/api/posts | Post creation, scheduling, and management |
/api/platform | Social platform OAuth connections |
/api/generate | AI caption generation (Gemini) |
/api/analytics | Usage and post analytics |
/api/payments | Stripe subscriptions and billing |
/api/profile | User profile management |
/api/notifications | In-app notifications |
/api/admin | Admin user and analytics management |
/api/firebase | Firebase push notification endpoints |
Production deployment
Hayon’s backend is designed to run on AWS EC2 behind an Nginx reverse proxy.
Build the TypeScript source
cd backend
pnpm run build
backend/dist/.Set production environment variables
On your EC2 instance, set NODE_ENV=production and all other required variables. Use a process manager like PM2 to manage the server process:npm install -g pm2
pm2 start dist/app.js --name hayon-backend
pm2 save
pm2 startup
Configure Nginx as a reverse proxy
Install Nginx and create a server block:server {
listen 80;
server_name api.yourdomain.com;
location / {
proxy_pass http://localhost:5000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_cache_bypass $http_upgrade;
}
}
Enable HTTPS with Let's Encrypt
sudo apt-get install certbot python3-certbot-nginx
sudo certbot --nginx -d api.yourdomain.com
Configure the Stripe webhook
Update your Stripe webhook endpoint URL to https://api.yourdomain.com/api/payments/webhook in the Stripe Dashboard. Update STRIPE_WEBHOOK_SECRET with the new signing secret.
In production, the trust proxy setting is enabled automatically when NODE_ENV=production. This is required for correct IP detection when running behind Nginx.
