If you want to know how to use systemd with Node-RED, check out my alternate installer repo on GitHub as that has an annotated example file showing what you can do.
@TotallyInformation Thanks! I'll look at that during the weekend. Edit: I wanted to download the example file to know that I had it before the weekend, but I'm not sure what file that is...
Well, to be fair, it is buried fairly deep
Just bear in mind that it is configured to work with my installer which installs Node-RED locally rather than globally. So you will need to adjust a few things if you want it to work with a more standard installation. I prefer to install Node-RED to a known master folder so that I always know exactly where everything is and have full control over it. It also lets me install multiple different versions of Node-RED should I need to. Testing new versions or retaining a legacy flow on an old version for example. Backups can be a little easier as well if you want the specific version of Node-RED backed-up with the data.
I have read through it and I can't see how this will help me run another systemd service than Node-RED without sudo, which was what I was trying to do. Anyway, I gave up on it, and I'm running it sudo from the exec node.
You can run any long-running application from systemd and as indicated on lines 554/55, you can set any user as the "owning" user for that service.
You then need to make sure that the user belongs to the appropriate groups that have the appropriate access to the resources that service uses. This is the "right" way to manage secure services on a UNIX-like platform.
While running things as root (which is what sudo does) is fine for isolated systems you are only using for yourself, as you connect that system to others and to the wider world, you increase the risk of a cascading security failure.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.