I'm using PM2 to start the application and I pass PORT=443 as a parameter while starting the app. However, it returns with an error saying "PORT 443 requires elevated privileges". Though I have generated the certificate and key using openssl and referenced in the code. Appreciate your support
#!/usr/bin/env node
var app = require('../app');
var debug = require('debug')('ls-templates-server:server');
var https = require('https');
var fs = require('fs');
/**
* Get port from environment and store in Express.
*/
var port = normalizePort(process.env.PORT || '3000');
app.set('port', port);
var options = {
key: fs.readFileSync('/home/admin/cert/server.key'),
cert: fs.readFileSync('/home/admin/cert/server.cert')
};
var httpsServer = https.createServer(options, app);
/* for https (production stage) */
httpsServer.listen(port, "0.0.0.0");
httpsServer.on('error', onError);
httpsServer.on('listening', onListening);
/**
* Normalize a port into a number, string, or false.
*/
function normalizePort(val) {
var port = parseInt(val, 10);
if (isNaN(port)) {
// named pipe
return val;
}
if (port >= 0) {
// port number
return port;
}
return false;
}
/**
* Event listener for HTTP server "listening" event.
*/
function onListening() {
var addr = httpsServer.address();
var bind = typeof addr === 'string'
? 'pipe ' + addr
: 'port ' + addr.port;
debug('Listening on ' + bind);
}
Option 1 .
Run PM2 as sudo
If it doesn't work, achieve it using authbind
sudo apt-get install authbind
sudo touch /etc/authbind/byport/443
sudo chown %user% /etc/authbind/byport/443
sudo chmod 755 /etc/authbind/byport/443
Edit ~/.bashrc file and add
+alias pm2='authbind --deep pm2'
at the end of the file, and run
source ~/.bashrc
Finally ensure that pm2 is updated with authbind:
authbind --deep pm2 update
Option 2
Use a different PORT and use Nginx to reverse proxy your application
Eg : change your PORT to 3000
In Nginx , create a server block which forwards the request to your application.
Server Block Eg :
server {
#listen [::]:80;
server_name your-domain.com
#root /var/www/example.com;
#index index.html;
client_max_body_size 20M;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://localhost:3000;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_connect_timeout 500000;
proxy_send_timeout 500000;
proxy_read_timeout 500000;
send_timeout 500000;
}
listen 443 ssl;
ssl_certificate /home/admin/cert/server.cert;
ssl_certificate_key /home/admin/cert/server.key;
if ($scheme = http) {
return 301 https://$server_name$request_uri;
}
}
It's best to use Nginx / Authbind method, It's good to run as little as possible as a privileged user, as you want to restrict the potential damage in case someone exploits your program. You don't want to run your Node code as root unless you absolutely have to.
refer https://pm2.keymetrics.io/docs/usage/specifics/#listening-on-port-80-w-o-root
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments