update to install as a different user for RPM

[dgoo2308]

install for an alternative systemd user

why

As it is recommended to run web applications as a regular user, one would like to take a dedicated user, without sudo and as a fresh user who is not entangled as the power user who administer the RPM Linux box.

To accomplish this we need to do the install as a user(sudoer) or root and target a different user, this is what this change is about, also when the user does not exist, this user is created.

For Linux RPM installs by default it might not be running on low memory hardware, the script comment this in the systemd service file resulting in e.g. /etc/systemd/system/nodered.service

...
[Service]
Type=simple
# Run as normal pi user - change to the user name you wish to run Node-RED as
User=nodered
Group=nodered
WorkingDirectory=/home/nodered

#Environment="NODE_OPTIONS=--max_old_space_size=512"
# define an optional environment file in Node-RED's user directory to set custom variables externally
EnvironmentFile=-/etc/node-red/environment
# uncomment and edit next line if you need an http proxy
#Environment="HTTP_PROXY=my.httpproxy.server.address"
# uncomment the next line for a more verbose log output
#Environment="NODE_RED_OPTIONS=-v"
# uncomment next line if you need to wait for time sync before starting
#ExecStartPre=/bin/bash -c '/bin/journalctl -b -u systemd-timesyncd | /bin/grep -q "systemd-timesyncd.* Synchronized to time server"'

ExecStart=/usr/bin/env node-red-pi $NODE_OPTIONS $NODE_RED_OPTIONS

All environment options can now be set in the /etc/node-red/environment which should not be in the user .node-red directory, which contains the commented out options:

# Node-RED EnvironmentFile for Systemd Service
#  after edit this file   to reload Node-red with the new options

# uncomment and edit if running on low memory resource hardware
#NODE_OPTIONS=--max_old_space_size=512

# uncomment next line and edit if you need an http proxy
#HTTP_PROXY=my.httpproxy.server.address

# uncomment the next line for a more verbose log output
#NODE_RED_OPTIONS=-v

Ussing the EnvironmentFile is recommended as it does not require a sudo systemctl daemon-reload and can with done with the single command sudo systemctl restart nodered.

overview of the changes

• [x] install for another user by setting environment variable e.g. NODERED_USER=test
• [x] suggest user nodered during install when environment variable NODERED_USER is not set.
• [x] comment out the low memory NODE OPTIONS
• [x] correct environmentFile, to /etc/node-red/environment
• [x] add some color to differentiate users
• [x] can be started as root or normal user, will prompt for password for sudo
• [x] cleanup non global node-red npm install, we should not have the code in the user environment.
• [x] add a title screen for the script and highlight the questions and intended users

examples usage

with NODERED_USER set as regular user or root

NODERED_USER=test bash <(curl -sL https://raw.githubusercontent.com/node-red/linux-installers/master/rpm/update-nodejs-and-nodered)

as root user

sudo bash <(curl -sL https://raw.githubusercontent.com/node-red/linux-installers/master/rpm/update-nodejs-and-nodered)

OR => follow the advice to use the nodered user

as regular user, target user the not existing nodered user for systemd service

bash <(curl -sL https://raw.githubusercontent.com/node-red/linux-installers/master/rpm/update-nodejs-and-nodered)

OR don't follow the advice to use the nodered user and install as the user who started the script

[linux-foundation-easycla[bot]]

The committers are authorized under a signed CLA.

• :white_check_mark: Danny Goossen (3be6ae01407bee4655263a8bfeb669ce9737d3b1)

[dceejay]

Why set the user as an environment variable ? would it be simpler to pass in as a command line parameter (as the deb version does for all its options) ?

(but yes the other changes are fine)

[dgoo2308]

@dceejay I found it easier to invoke the script in combination with a bash <(curl ....) to prepend a it with variable in this first iteration.

But yes maybe we should standardize in line with the deb installer, I just found curl http://foo.com/script.sh | bash -s arg1 arg2.

Or we do this on next iteration change that I planned to be able to run also without any interaction:

install_node-red [options]
options:
  --help                    display this help and exits
  --nodered-user <user> specify the user to run as e.g. --nodered-user=nodered
  --confirm-root      install as root without asking confirmation
  --enable_firewall   adding firewall rules for node-red port 1880 (default no Firewall rules added)
  --confirm-install   confirm the installation without asking a confirmation

please advise.

[dceejay]

If you are enhancing further then I'm happy to wait - the options look good.

[dceejay]

Hi @dgoo2308 - did you ever "finish" this... were there further updates you wanted to make ?

[dgoo2308]

@dceejay just did added the command line options for rpm based install, please review.

Usage:  update-nodejs-and-nodered [options]

options:
  --help                display this help and exits.
  --nodered-user=<user> specify the user to run as e.g. '--nodered-user=nodered'.
  --open-firewall       adding public firewall rule for node-red port 1880.
  --confirm-root        install as root without asking confirmation.
  --confirm-install     confirm the installation without asking a confirmation.

[dceejay]

Excellent - many thanks.