Digital ocean one click apps
Question
In digital ocean, when you are creating a new droplet, is it wise to create it with the one-click apps? Let's say you would need nodejs for example to be there. Then instead of creating an empty linux first, and installing the node by yourself, you can easily just choose node as the one-click apps, and then you will have linux droplet with node preinstalled. So why not to do it?
Well, I've been thinking. Let's say part of your deployment procedure would include installing npm packages and launching a node server. Now because the nodejs was preinstalled, it was probably installed with root privileges. And this would then require, that you would also run the node with root privileges, or else there might be some permission problems. I have read from many places that you should never install nodejs with root permissions (like using sudo). But if the nodejs is preinstalled in the one-click apps, then isn't it very likely installed with root priviledges, which would be a bad thing?
Because then you might need to run your app also as root, which is considered a security risk. Or then first install your dependencies as sudo, then switch user, and launch the app. But that feels wrong, there must be a better way. Any ideas?
1 answers
solution1
1 2016-05-07 20:44:20
Every click-to-deploy solution is created with best practices in mind. From OS layer to your application to networking. If something is not a good practice, you won't find that in such a solution.
Your concern that it installs node as root, is not a good practice. Try deploying a small server, SSH into it and check for yourself. I am sure you will find it consistent with all the best practices.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.