Trying to run node-red on root

Hi using Proxmox , with Ubuntu Container

i am trying to setup node-red to run on startup
using the below guide

but i think my issue is that i am root user on this container, i really don't want to get into users and permissions
is there any way to make node red jump on start as root

It is virtually always a bad move to run things as root - especially on Internet facing systems.

Really, there is a reason that users/groups are there and you need to make use of them unless you want to join the many people running compromised systems.

1 Like

agree but this is only a testing env for me moving from windows to linux
want to see if all my stuff work...

if you can tell me how to create a user? or give me some guide?

Urm, no, it is an Internet facing server.

No sorry, I'll not be doing that. The Internet has enough compromised machines. Please learn how to do it properly or use a device on a private network.

:slight_smile: thanks for the concern, i rather do it also the good way,
can anyone tell me what exactly i need to do?
i have a container with only root user, and node already installed

Maybe a good read of the docs would help ? https://nodered.org/docs/hardware/raspberrypi
Although written for pi, Ubuntu is also Debian based, so it all applies the same. Particularly the section on running as a different user

1 Like

ok so i did a little reading and created a new user and installed node red on it
now i am trying to setup this script but with no luck at all

[Unit]
Description=Node-RED
After=syslog.target network.target

[Service]
ExecStart=node-red
Restart=on-failure
KillSignal=SIGINT

# log output to syslog as 'node-red'
SyslogIdentifier=node-red
StandardOutput=syslog

# non-root user to run as
WorkingDirectory=/home/newuser/
User=newuser
Group=newuser

[Install]
WantedBy=multi-user.target

i dont have this node red PI folder so i replaced it with the "node-red"
ExecStart=node-red
not sure what i am doing wrong please help

this is my error
root@CT104:~# sudo journalctl -f -u nodered -o cat
Started Node-RED graphical event wiring tool.
nodered.service: Main process exited, code=exited, status=217/USER
nodered.service: Unit entered failed state.
nodered.service: Failed with result 'exit-code'.
nodered.service: Service hold-off time over, scheduling restart.
Stopped Node-RED graphical event wiring tool.
nodered.service: Start request repeated too quickly.
Failed to start Node-RED graphical event wiring tool.
nodered.service: Unit entered failed state.
nodered.service: Failed with result 'start-limit-hit'.

from the command line (as the user of your choosing) - can you just run node-red ? and does it work ?

yes it works this way

how can i check what is the command i need for ExecStart= per my install ?

OK, here is my service file:

# See https://gist.github.com/Belphemur/3f6d3bf211b0e8a18d93
#     http://www.freedesktop.org/wiki/Software/systemd/
#
# If changing this file, run:
# sudo systemctl daemon-reload && sudo systemctl enable nrlive

[Unit]
Description=Node-Red Home Automation production (live) service
Documentation=file:///home/pi/nrlive/README.md http://nodered.org/docs
After=syslog.target network.target
Wants=mosquitto.service influxdb.service

[Service]
Type=simple

#Environment="NODE_OPTIONS=--max-old-space-size=128" "NODE_RED_OPTIONS=--userDir /home/pi/nrlive/.data -v"
#Environment="NODE_RED_OPTIONS=-v"

# Environment variables file, overrides the Environment settings
# @See https://www.freedesktop.org/software/systemd/man/systemd.exec.html#EnvironmentFile=
EnvironmentFile=/home/pi/nrlive/.data/envFile.txt

# No path available here so make sure absolute folders specified
ExecStart=/usr/bin/node $NODE_OPTIONS /home/pi/nrlive/node_modules/node-red/red.js $NODE_RED_OPTIONS

WorkingDirectory=/home/pi/nrlive

# User/Group that launches node-RED (it's advised to create a new user for Node-RED)
# You can do : sudo useradd node-red then change the User=root by User=node-red
User=pi
Group=pi

Nice=10

SyslogIdentifier=NRlive
StandardOutput=syslog

# Make Node-RED restart if it fails
Restart=on-failure

#Restart=always
#RestartSec=100

# Node-RED need a SIGINT to be notified to stop
KillSignal=SIGINT

# Prevent this service changing the OS or /etc
# @See https://www.freedesktop.org/software/systemd/man/systemd.exec.html#ProtectSystem=
ProtectSystem=full

[Install]
WantedBy=multi-user.target

Note some things that I use in mine however that you may or may not want. First note that I don't run Node-RED from the standard global installation (mine is installed to /home/pi/nrlive/) nor do I use the standard location for the userDir (~/.node-red, mine is in /home/pi/nrlive/.data/).

I also wait for mosquitto and InfluxDB to start before I start Node-RED. In addition, my environment settings are in a file /home/pi/nrlive/.data/envFile.txt:

# Environment variables file for running nrlive under SystemD
# Each line is a separate variable that will be available to the ExecStart
# and to the running process.
# @see https://www.freedesktop.org/software/systemd/man/systemd.exec.html#EnvironmentFile=
#
# Called from /etc/systemd/system/multi-user.target.wants/nrlive.service
# Which is linked from /home/pi/nrlive/systemd/nrlive.service

NODE_OPTIONS=--max_old_space_size=256
NODE_RED_OPTIONS=--userDir /home/pi/nrlive/.data -v

Also note the name of the service and any other comments in the file. While this is on a Pi (actually I use 2 Pi's each with similar settings), it translates just fine to Ubuntu.

Hi thanks i was able to make it work with pm2 manger