Question

Is there anyway to assign specific port range to specific user?

What I am trying to do is create 5 users for nodejs application development. When they deploy the application, it runs on ip:port but is there anyway to run on ip/user:port? OR can I assign specific port range to specific user so that there won’t be issue of port?


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

I don’t think you’ll be able to restrict a user to specific ports. However, a common solution here is to use Unix domain sockets (UDS) rather than TCP ports.

For example, if you’re running Nginx on ports 80/443, you’d have your users configure their nodejs apps to each listen on their own Unix domain sockets. Each Unix domain socket has a filesystem path and filesystem permissions, just like files. So, each user would configure their app to listen on a Unix domain socket under their home directory at something like /home/USER/run/app.sock with permissions set so that the socket is readable and writable by Nginx. Then you’d configure Nginx so that it talks to the correct Unix domain socket for each “server” you’ve configured in Nginx (a “server” is what each separate website is called in the Nginx configuration).

For permissions reasons, if you aren’t a filesystem permissions expert, you might have them use a path other than one under their home directory, too. It might be easier to use /var/run/USER/APPNAME.sock and you could make each /var/run/USER directory owned and writeable by USER and readable by the user Nginx runs as. That way, you don’t have to be allowing the Nginx user’s read access under each of your developer’s home directories.