For a while I have been referring to this popular answer when setting up my Node.js web servers.
However, there's this one seemingly important comment that I wish to raise a question about:
If I add my Node.js start script to /etc/rc.local, won't it be executed as root on system boot? That would defeat the purpose of the port 80 redirect.
If I run the forever package as root, does forever in turn run its processes also as root? I can't find any information regarding this point in the npm documentation. If forever does run processes as root when forever is also root, then it truly does defeat the purpose and that answer should be updated accordingly.
The real question here is how can I start a nodejs script at startup as a regular user ?, because you realy do not want to start your server as root, mainly for security reasons.
And I don't think you'll find any interesting advices on npm documentation as this has not very much to do with npm.
The response to the comment you quote, by the author of the mentioned answer is pretty clear:
If you start your node.js script from /etc/rc.local it will run as root. However, security best practices are to never run a server as root
Do not start pm2 as root.
If some other process are launch by pm2, except special treatment, there will be launch as root as well.
When I read
Add your Node.js start script to the file you edited for port redirection, /etc/rc.local.
I understand make a script that launch your nodejs script at start up, and make this script launch it as a standard/dedicated user.
Maybe this answer could give you ideas for how to do it: https://askubuntu.com/a/20238
To conclude, the answer still usefull and do not have to be updated as this solution is in fact great to reach a port by a regular user (as the first 1024 ports are restricted to the root user only on linux)