Open hanjo opened 1 year ago
Hi,
I noticed that it is not possible to use privileged ports such as 80 and 443, since the app is not started as root (which is good).
An error message such as this will be created:
Error: listen EACCES: permission denied 0.0.0.0:443 at Server.setupListenHandle [as _listen2] (node:net:1855:21) at listenInCluster (node:net:1920:12) at doListen (node:net:2069:7) at process.processTicksAndRejections (node:internal/process/task_queues:83:21) Emitted 'error' event on Server instance at: at emitErrorNT (node:net:1899:8) at process.processTicksAndRejections (node:internal/process/task_queues:82:21) { code: 'EACCES', errno: -13, syscall: 'listen', address: '0.0.0.0', port: 443
It is possible to add the capability by doing this as root within the container:
apk --no-cache add libcap setcap 'cap_net_bind_service=+ep' `which node` apk del libcap
I'd like to suggest to add the capability to the node binary in the docker container by default.
Thanks!
Hi,
I noticed that it is not possible to use privileged ports such as 80 and 443, since the app is not started as root (which is good).
An error message such as this will be created:
It is possible to add the capability by doing this as root within the container:
I'd like to suggest to add the capability to the node binary in the docker container by default.
Thanks!