Node.js and npm Installation: Complete Production Guide

Introduction

Node.js is a powerful JavaScript runtime built on Chrome's V8 engine that enables server-side JavaScript execution. Combined with npm (Node Package Manager), it has become the foundation for modern web development, powering everything from simple APIs to complex full-stack applications. This guide provides comprehensive instructions for installing and configuring Node.js and npm for production environments.

What You'll Learn

  • Multiple methods for installing Node.js and npm
  • Version management with nvm (Node Version Manager)
  • Installing from official repositories
  • Building from source for custom configurations
  • Global and local package management with npm
  • Security best practices
  • Performance optimization
  • Troubleshooting common issues

Why Node.js?

  • JavaScript Everywhere: Use same language for frontend and backend
  • High Performance: Non-blocking I/O and event-driven architecture
  • Large Ecosystem: npm provides access to millions of packages
  • Scalability: Handles thousands of concurrent connections efficiently
  • Active Community: Strong community support and regular updates
  • Modern Development: Essential for React, Vue, Angular, and modern tooling

Prerequisites

  • Ubuntu 20.04+, Debian 10+, CentOS 8+, or Rocky Linux 8+
  • Root or sudo access
  • At least 1GB RAM (2GB+ recommended)
  • 10GB free disk space
  • Basic command line knowledge

Installation

Method 1: Using Node Version Manager (nvm) - Recommended

nvm allows you to install and manage multiple Node.js versions simultaneously.

Install nvm

# Download and install nvm
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash

# Or using wget
wget -qO- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash

# Load nvm into current session
export NVM_DIR="$HOME/.nvm"
[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"
[ -s "$NVM_DIR/bash_completion" ] && \. "$NVM_DIR/bash_completion"

# Verify installation
nvm --version

Install Node.js using nvm

# List available Node.js versions
nvm list-remote

# Install latest LTS version (recommended for production)
nvm install --lts

# Install specific version
nvm install 18.19.0
nvm install 20.11.0

# Install latest version
nvm install node

# List installed versions
nvm list

# Use specific version
nvm use 18.19.0

# Set default version
nvm alias default 18.19.0

# Verify Node.js installation
node --version
npm --version

Method 2: Official NodeSource Repository

Ubuntu/Debian Installation

# Install prerequisites
sudo apt update
sudo apt install -y curl ca-certificates gnupg

# Setup Node.js 20.x repository
curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -

# Install Node.js and npm
sudo apt install -y nodejs

# Verify installation
node --version
npm --version

# Install build tools (needed for some npm packages)
sudo apt install -y build-essential

For Node.js 18.x (LTS):

curl -fsSL https://deb.nodesource.com/setup_18.x | sudo -E bash -
sudo apt install -y nodejs

CentOS/Rocky Linux Installation

# Setup Node.js 20.x repository
curl -fsSL https://rpm.nodesource.com/setup_20.x | sudo bash -

# Install Node.js and npm
sudo dnf install -y nodejs

# Install development tools
sudo dnf groupinstall -y "Development Tools"

# Verify installation
node --version
npm --version

Method 3: From Distribution Repositories

Ubuntu/Debian

# Install Node.js from default repositories
sudo apt update
sudo apt install -y nodejs npm

# Note: This usually installs an older version
node --version

CentOS/Rocky Linux

# Enable EPEL repository
sudo dnf install -y epel-release

# Install Node.js
sudo dnf module install nodejs:18

# Verify installation
node --version
npm --version

Method 4: Building from Source

For custom configurations or latest versions:

# Install build dependencies
sudo apt install -y python3 g++ make

# Download Node.js source
cd /tmp
wget https://nodejs.org/dist/v20.11.0/node-v20.11.0.tar.gz

# Extract
tar -xzf node-v20.11.0.tar.gz
cd node-v20.11.0

# Configure and compile
./configure
make -j$(nproc)

# Install
sudo make install

# Verify installation
node --version
npm --version

Configuration

npm Configuration

Set npm Defaults

# Set default author information
npm config set init-author-name "Your Name"
npm config set init-author-email "[email protected]"
npm config set init-author-url "https://yourwebsite.com"
npm config set init-license "MIT"

# View npm configuration
npm config list

# View global configuration
npm config list -g

Configure npm Registry

# View current registry
npm config get registry

# Set custom registry (if using private registry)
npm config set registry https://registry.npmjs.org/

# Use yarn registry
npm config set registry https://registry.yarnpkg.com

Global npm Package Directory

By default, global packages require sudo. Configure user-level global directory:

# Create directory for global packages
mkdir -p ~/.npm-global

# Configure npm to use new directory
npm config set prefix '~/.npm-global'

# Add to PATH in ~/.bashrc or ~/.profile
echo 'export PATH=~/.npm-global/bin:$PATH' >> ~/.bashrc

# Reload configuration
source ~/.bashrc

# Now you can install global packages without sudo
npm install -g pm2

Multiple Node.js Versions with nvm

# Install multiple versions
nvm install 16.20.0
nvm install 18.19.0
nvm install 20.11.0

# List installed versions
nvm list

# Switch between versions
nvm use 16.20.0
nvm use 18.19.0

# Set default version
nvm alias default 18.19.0

# Use project-specific Node version
echo "18.19.0" > .nvmrc
nvm use

Node.js Environment Variables

# Set Node.js environment
export NODE_ENV=production

# Set memory limit (for large applications)
export NODE_OPTIONS="--max-old-space-size=4096"

# Add to .bashrc for persistence
echo 'export NODE_ENV=production' >> ~/.bashrc
echo 'export NODE_OPTIONS="--max-old-space-size=4096"' >> ~/.bashrc

Deployment

Installing npm Packages

Local Package Installation

# Create new project
mkdir my-app && cd my-app
npm init -y

# Install package locally
npm install express

# Install specific version
npm install [email protected]

# Install as dev dependency
npm install --save-dev nodemon

# Install from package.json
npm install

# Install all dependencies including dev
npm install --include=dev

Global Package Installation

# Install global packages
npm install -g pm2
npm install -g nodemon
npm install -g express-generator
npm install -g create-react-app
npm install -g typescript

# List global packages
npm list -g --depth=0

# Update global package
npm update -g pm2

# Uninstall global package
npm uninstall -g nodemon

Package Management

# Update packages
npm update

# Update specific package
npm update express

# Check for outdated packages
npm outdated

# View installed packages
npm list --depth=0

# Search for packages
npm search express

# View package information
npm view express

# Audit for security vulnerabilities
npm audit

# Fix vulnerabilities
npm audit fix

# Force fix (may introduce breaking changes)
npm audit fix --force

Using npx

npx executes packages without installing them globally:

# Run package without installing
npx create-react-app my-app

# Run specific version
npx [email protected] my-app

# Execute local package
npx nodemon app.js

Monitoring

Check Node.js and npm Status

# Node.js version
node --version

# npm version
npm --version

# Node.js installation path
which node

# npm installation path
which npm

# View Node.js configuration
node -p process.config

# View system information
node -p "os.cpus()"
node -p "os.totalmem()"

npm Cache Management

# View cache location
npm config get cache

# Verify cache integrity
npm cache verify

# Clean cache
npm cache clean --force

# View cache size
du -sh ~/.npm

Monitor Installed Packages

# List all installed packages
npm list

# List global packages
npm list -g --depth=0

# Check package license
npm license

# View package dependencies
npm view express dependencies

Troubleshooting

Common Issues and Solutions

EACCES Permission Errors

Issue: Permission denied when installing global packages

Solution:

# Option 1: Use nvm (recommended)
# Install Node.js via nvm as shown above

# Option 2: Change npm's default directory
mkdir ~/.npm-global
npm config set prefix '~/.npm-global'
echo 'export PATH=~/.npm-global/bin:$PATH' >> ~/.bashrc
source ~/.bashrc

# Option 3: Fix npm permissions (not recommended)
sudo chown -R $(whoami) $(npm config get prefix)/{lib/node_modules,bin,share}

npm Command Not Found

Solution:

# Check if npm is installed
which npm

# If not found, reinstall Node.js
curl -fsSL https://deb.nodesource.com/setup_18.x | sudo -E bash -
sudo apt install -y nodejs

# Or using nvm
nvm install --lts

Package Installation Fails

Solutions:

# Clear npm cache
npm cache clean --force

# Delete node_modules and reinstall
rm -rf node_modules package-lock.json
npm install

# Install with verbose logging
npm install --verbose

# Use legacy peer deps (for dependency conflicts)
npm install --legacy-peer-deps

Version Conflicts

Solution:

# Use nvm to switch versions
nvm use 18.19.0

# Or specify version in package.json
{
  "engines": {
    "node": ">=18.0.0",
    "npm": ">=9.0.0"
  }
}

# Install exact versions
npm install --save-exact express

Slow npm Installations

Solutions:

# Use different registry
npm config set registry https://registry.npmmirror.com

# Increase timeout
npm config set timeout 60000

# Use npm ci for faster installs (in CI/CD)
npm ci

# Use yarn as alternative
npm install -g yarn
yarn install

Security Best Practices

Keep Node.js and npm Updated

# Update Node.js using nvm
nvm install node --reinstall-packages-from=current

# Update npm
npm install -g npm@latest

# Check for outdated packages
npm outdated

# Update all packages
npm update

# Update package.json to latest versions
npx npm-check-updates -u
npm install

Security Auditing

# Audit dependencies
npm audit

# View detailed audit report
npm audit --json

# Fix vulnerabilities
npm audit fix

# Fix including breaking changes
npm audit fix --force

# Install specific security updates
npm install express@latest --save

Dependency Management

# Use package-lock.json
# Always commit package-lock.json to version control

# Install exact versions
npm install --save-exact

# Avoid installing untrusted packages
npm view package-name

# Check package reputation
npm view package-name downloads
npm view package-name repository

Environment Variables

# Never commit secrets
# Use .env files (add to .gitignore)

# Install dotenv
npm install dotenv

# Create .env file
cat > .env <<EOF
DATABASE_URL=postgresql://localhost:5432/mydb
API_KEY=your_api_key_here
EOF

# Add to .gitignore
echo ".env" >> .gitignore

Performance Optimization

Production Build Optimization

# Set production environment
export NODE_ENV=production

# Install production dependencies only
npm install --production

# Or using npm ci (faster, uses package-lock.json)
npm ci --production

# Prune dev dependencies
npm prune --production

Memory Management

# Increase Node.js memory limit
node --max-old-space-size=4096 app.js

# Set globally
export NODE_OPTIONS="--max-old-space-size=4096"

# For PM2
pm2 start app.js --node-args="--max-old-space-size=4096"

npm Install Optimization

# Use npm ci instead of npm install (in CI/CD)
npm ci

# Reduce package size
npm dedupe

# Analyze bundle size
npx webpack-bundle-analyzer

# Use .npmrc for project settings
cat > .npmrc <<EOF
package-lock=true
save-exact=true
fund=false
audit=false
EOF

Conclusion

You've successfully installed Node.js and npm with comprehensive configuration for production use. Whether using nvm for version management or installing from official repositories, you now have a solid foundation for Node.js development.

Key Takeaways

  • nvm is recommended for development environments and multiple version management
  • Official repositories provide stable versions for production
  • Global package directory configuration prevents permission issues
  • Security audits should be run regularly
  • npm ci is faster and more reliable for CI/CD than npm install

Best Practices

  1. Use nvm for development, official packages for production
  2. Always commit package-lock.json
  3. Run security audits regularly
  4. Keep Node.js and npm updated
  5. Use .npmrc for consistent project configuration
  6. Never commit node_modules to version control
  7. Use environment variables for sensitive data

Next Steps

  1. Install PM2 for production process management
  2. Set up a Node.js application with Express or your preferred framework
  3. Configure reverse proxy with Nginx
  4. Implement automated deployments
  5. Set up monitoring and logging
  6. Create backup and disaster recovery plans

Node.js and npm form the foundation of modern JavaScript development. With proper installation and configuration, you're ready to build and deploy powerful applications!

Happy coding!