Locations of node_modules - global vs. local

I just started to define the first flows and got confused by the different locations of node-red modules.
Using Linux Mint I installed nodejs, npm, node-red and some other modules globally. The location of these modules is /usr/lib/node_modules. Under the module node-red is another sub-directory node_modules with a lot of modules corresponding to the elements I can use in flows.
In the home directory of my user there is a directory .node-red with a subdirectory node_modules, again with mostly the same modules as under the /usr/lib/node_modules/node-red/node_modules.
Running node-red I realized that modules from both locations are beeing used. If I install additional modules using the palette inside the browser UI they end up in the node_modules directory under my user home.
I would prefer to hold all the modules globally and only the project and perhaps some settings should be local. Is that possible?
The problem behind is that I could not connect to a backend system and a possible cause could be that a certain module is not found although it exists in the global node_modules folder.

While that is possible - though you have to install manually and cannot use the palette manager - it isn't necessarily a good idea. Though it does also mean that node-red editors cannot remove nodes installed globally - though that can also be arranged when running locally too.

Node.js modules installed globally get different permissions as they are installed as root. While this protects them from casual interference from command-line users, it can often cause permissions issues within node-red. In addition, running node-red itself globally may not always be desirable.

Obviously, you must understand your own environment and requirements to decide where to install things.

But of note is that you can go the other way - as some of us do - and install node-red locally and use a local userDir. This puts everything in 1 place allowing for easy backup and recovery but still keeps permissions consistent and user-based rather than root-based. I mentioned that it is possible to protect installed nodes even when running everything locally. That's because anything installed into node-red's node_modules folders cannot be removed using the Editor web interface.

There should never be a problem running node-red and modules locally but there can be issues running as root. We've seen a lot of that over the years. Either way though, problems will be permissions related and can be sorted by thinking through different permissions required by different services.

Only 1 slight caveat about installing nodes under node-red's folder though - not all nodes will have been tested that way and some nodes do rely heavily on the filing system (most don't) and so might have unexpected results.