- Systemd: Bind to privileged port without altering upstream service file
· I’m using syncthing to sync files to all my devices. It comes with a webinterface accessable over port 8384. I don’t like websites which are not accessable over port 80 or 443. Normally I use nginx to proxy requests. For me that’s hassle free because I’m using ansible to spin up nginx installations. Yet it’s unnecessary overhead.
An unprivileged application usually can’t bind to ports below 1024. My syncthing installation runs with user privileges and is - as far as I know - not able to drop privileges like nginx.