Estimated Reading time: 2 minutes | Last modified: 2022-10-19, 5:13:08 pm

Launch edge with a non-root user

1. Edge Admin

After we have installed the openresty-edge-admin package, change the directory permissions first (use the user nobody as an example):

sudo chown nobody -R /usr/local/oredge-admin

Set capability to listen to privileged ports on executable files:

sudo setcap 'cap_net_bind_service=+ep' /usr/local/openresty-plus/nginx/sbin/nginx

Start the Edge Admin service with the following command (use the user nobody as an example):

sudo mkdir -p /etc/systemd/system/oredge-admin.service.d/
echo -e '[Service]\nUser = nobody' | sudo tee /etc/systemd/system/oredge-admin.service.d/override.conf

You may see the following warning message, but you can ignore it safely:

nginx: [warn] the "user" directive makes sense only if the master process runs with super-user privileges, ignored in /usr/local/oredge-admin/conf/nginx.conf

Use the following command to set the service autostart on boot:

sudo systemctl enable oredge-admin

2. Edge Node

After we have installed the openresty-edge-node package, change the directory permissions first (use the user nobody as an example):

sudo chown nobody -R /usr/local/oredge-node

Set capability to listen to privileged ports on executable files:

sudo setcap 'cap_net_bind_service=+ep' /usr/local/openresty-plus/nginx/sbin/nginx

Start the Edge Node service with the following command (use the user nobody as an example):

sudo mkdir -p /etc/systemd/system/oredge-node.service.d/
echo -e '[Service]\nUser = nobody' | sudo tee /etc/systemd/system/oredge-node.service.d/override.conf

You may see the following warning message, but you can ignore it safely:

nginx: [warn] the "user" directive makes sense only if the master process runs with super-user privileges, ignored in /usr/local/oredge-node/conf/nginx.conf

Use the following command to set the service autostart on boot:

sudo systemctl enable oredge-node

3. Edge Log Server

After we have installed the openresty-edge-log-server package, change the directory permissions first (use the user nobody as an example):

sudo chown nobody -R /usr/local/oredge-log-server

Set capability to listen to privileged ports on executable files:

sudo setcap 'cap_net_bind_service=+ep' /usr/local/openresty-plus/nginx/sbin/nginx

Start the Edge Log Server service with the following command (use the user nobody as an example):

sudo mkdir -p /etc/systemd/system/oredge-log-server.service.d/
echo -e '[Service]\nUser = nobody' | sudo tee /etc/systemd/system/oredge-log-server.service.d/override.conf

You may see the following warning message, but you can ignore it safely:

nginx: [warn] the "user" directive makes sense only if the master process runs with super-user privileges, ignored in /usr/local/oredge-log-server/conf/nginx.conf

Use the following command to set the service autostart on boot:

sudo systemctl enable oredge-log-server