Trying to run node-red on root

#1

Hi using Proxmox , with Ubuntu Container

i am trying to setup node-red to run on startup
using the below guide

but i think my issue is that i am root user on this container, i really don't want to get into users and permissions
is there any way to make node red jump on start as root

0 Likes

#2

It is virtually always a bad move to run things as root - especially on Internet facing systems.

Really, there is a reason that users/groups are there and you need to make use of them unless you want to join the many people running compromised systems.

1 Like

#3

agree but this is only a testing env for me moving from windows to linux
want to see if all my stuff work...

if you can tell me how to create a user? or give me some guide?

0 Likes

#4

Urm, no, it is an Internet facing server.

No sorry, I'll not be doing that. The Internet has enough compromised machines. Please learn how to do it properly or use a device on a private network.

0 Likes

#5

:slight_smile: thanks for the concern, i rather do it also the good way,
can anyone tell me what exactly i need to do?
i have a container with only root user, and node already installed

0 Likes

#6

Maybe a good read of the docs would help ? https://nodered.org/docs/hardware/raspberrypi
Although written for pi, Ubuntu is also Debian based, so it all applies the same. Particularly the section on running as a different user

1 Like

#7

ok so i did a little reading and created a new user and installed node red on it
now i am trying to setup this script but with no luck at all

[Unit]
Description=Node-RED
After=syslog.target network.target

[Service]
ExecStart=node-red
Restart=on-failure
KillSignal=SIGINT

# log output to syslog as 'node-red'
SyslogIdentifier=node-red
StandardOutput=syslog

# non-root user to run as
WorkingDirectory=/home/newuser/
User=newuser
Group=newuser

[Install]
WantedBy=multi-user.target

i dont have this node red PI folder so i replaced it with the "node-red"
ExecStart=node-red
not sure what i am doing wrong please help

0 Likes

#8

this is my error
root@CT104:~# sudo journalctl -f -u nodered -o cat
Started Node-RED graphical event wiring tool.
nodered.service: Main process exited, code=exited, status=217/USER
nodered.service: Unit entered failed state.
nodered.service: Failed with result 'exit-code'.
nodered.service: Service hold-off time over, scheduling restart.
Stopped Node-RED graphical event wiring tool.
nodered.service: Start request repeated too quickly.
Failed to start Node-RED graphical event wiring tool.
nodered.service: Unit entered failed state.
nodered.service: Failed with result 'start-limit-hit'.

0 Likes

#9

from the command line (as the user of your choosing) - can you just run node-red ? and does it work ?

0 Likes

#10

yes it works this way

how can i check what is the command i need for ExecStart= per my install ?

0 Likes

#11

OK, here is my service file:

# See https://gist.github.com/Belphemur/3f6d3bf211b0e8a18d93
#     http://www.freedesktop.org/wiki/Software/systemd/
#
# If changing this file, run:
# sudo systemctl daemon-reload && sudo systemctl enable nrlive

[Unit]
Description=Node-Red Home Automation production (live) service
Documentation=file:///home/pi/nrlive/README.md http://nodered.org/docs
After=syslog.target network.target
Wants=mosquitto.service influxdb.service

[Service]
Type=simple

#Environment="NODE_OPTIONS=--max-old-space-size=128" "NODE_RED_OPTIONS=--userDir /home/pi/nrlive/.data -v"
#Environment="NODE_RED_OPTIONS=-v"

# Environment variables file, overrides the Environment settings
# @See https://www.freedesktop.org/software/systemd/man/systemd.exec.html#EnvironmentFile=
EnvironmentFile=/home/pi/nrlive/.data/envFile.txt

# No path available here so make sure absolute folders specified
ExecStart=/usr/bin/node $NODE_OPTIONS /home/pi/nrlive/node_modules/node-red/red.js $NODE_RED_OPTIONS

WorkingDirectory=/home/pi/nrlive

# User/Group that launches node-RED (it's advised to create a new user for Node-RED)
# You can do : sudo useradd node-red then change the User=root by User=node-red
User=pi
Group=pi

Nice=10

SyslogIdentifier=NRlive
StandardOutput=syslog

# Make Node-RED restart if it fails
Restart=on-failure

#Restart=always
#RestartSec=100

# Node-RED need a SIGINT to be notified to stop
KillSignal=SIGINT

# Prevent this service changing the OS or /etc
# @See https://www.freedesktop.org/software/systemd/man/systemd.exec.html#ProtectSystem=
ProtectSystem=full

[Install]
WantedBy=multi-user.target

Note some things that I use in mine however that you may or may not want. First note that I don't run Node-RED from the standard global installation (mine is installed to /home/pi/nrlive/) nor do I use the standard location for the userDir (~/.node-red, mine is in /home/pi/nrlive/.data/).

I also wait for mosquitto and InfluxDB to start before I start Node-RED. In addition, my environment settings are in a file /home/pi/nrlive/.data/envFile.txt:

# Environment variables file for running nrlive under SystemD
# Each line is a separate variable that will be available to the ExecStart
# and to the running process.
# @see https://www.freedesktop.org/software/systemd/man/systemd.exec.html#EnvironmentFile=
#
# Called from /etc/systemd/system/multi-user.target.wants/nrlive.service
# Which is linked from /home/pi/nrlive/systemd/nrlive.service

NODE_OPTIONS=--max_old_space_size=256
NODE_RED_OPTIONS=--userDir /home/pi/nrlive/.data -v

Also note the name of the service and any other comments in the file. While this is on a Pi (actually I use 2 Pi's each with similar settings), it translates just fine to Ubuntu.

0 Likes

#12

Hi thanks i was able to make it work with pm2 manger

0 Likes