Adding a Startup Process

In the Install Software Three Ways lab you started a plain Apache server and two application servers with custom code, but only Apache would stay running if you rebooted your VM. The Python and Node servers had to be started manually. In this lab you’ll re-create an application server and install it in a system directory. Then you’ll install a service definition so that your application starts automatically.

Class Lecture

In class I take these steps manually. Follow them in the lecture so you know conceptually what the task is. For the lab you’ll be doing the task with Ansible and Terraform.

Further Reading

The Running Your Node.js App With Systemd tutorial on NodeSource takes you through this proces.

Make a lab12 Directory

In your git repository, create copy the base directory to create a new directory for this lab.

$ cp -R base lab12
$ cd lab12

Source Code

The Node.js application is in the hello-nodejs directory of your cis-91 repository. Make sure you clone your own repo, we will be changing the Node.js source code in the next lab.

Create a User

You should never run server software as root. Doing so means that if an attacker is able to take over your server they have full control of the system. Running the Node.js server as an unprivileged system user doesn’t protect the server, but it protects the system in the event that the server is compromised.

Create a user called nodeuser.

Service Definition

Here’s a Systemd service definition:

[Unit]
Description=CIS-91 Lab 12
Documentation=https://example.com
After=network.target

[Service]
Environment=NODE_PORT=3000
Type=simple
User=nodeuser
ExecStart=/usr/bin/node /home/nodeuser/app.js
Restart=on-failure

[Install]
WantedBy=multi-user.target

Place these contents into a file called /lib/systemd/system/node_app.service

Change Things as Necessary

Check this file and change users and paths to match your configuration.

Test the Application

Use the sudo command to make sure you can run the command from ExecStart above exactly as you have it:

$ sudo -u nodeuser /usr/bin/node /home/nodeuser/app.js

Note that the -u nodeuser flag allows you to run the command as nodeuser.

Reboot and Verify

If your application is properly installed you should be able to reboot your VM and verify that it works.

Turn In

Turn in the following files:

  • main.tf

  • playbook.yaml

  • node_app.service