adminAuth and read-only file system?

[Glyn Hudson]

I'm running node-RED on a Raspberry Pi with a read-only file system. Node-red seems to work fine (obviously once the flows have been saved). However when adminAuth is enabled it's not possible to login to view the editor when the file system is in read-only mode, it just hangs at the login page. Presumably this is since adminAuth is saving a token file somewhere? Would it be possible to change the location of this token file to be on a /tmp or RW part of the filesystem? 

[Nicholas O'Leary]

Hi Glyn,

I've just pushed a fix that adds a new setting to put the localfilesystem storage plugin into read-only mode.

If you set readOnly to true in your settings file, the storage plugin won't do anything that writes to disk - the operations will silently fail, so the runtime will continue as normal, but nothing will be saved.

This will be in 0.12.4 which we'll release in the next day or so.

Nick

On 12 December 2015 at 10:41, Glyn Hudson <glyn....@gmail.com> wrote:

I'm running node-RED on a Raspberry Pi with a read-only file system. Node-red seems to work fine (obviously once the flows have been saved). However when adminAuth is enabled it's not possible to login to view the editor when the file system is in read-only mode, it just hangs at the login page. Presumably this is since adminAuth is saving a token file somewhere? Would it be possible to change the location of this token file to be on a /tmp or RW part of the filesystem? 

--
http://nodered.org
---
You received this message because you are subscribed to the Google Groups "Node-RED" group.
To unsubscribe from this group and stop receiving emails from it, send an email to node-red+u...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Glyn Hudson]

Awesome! Thanks so much :-D 

I've set a reminder to myself to try and update to 0.12.4 and test this in a couple of days.

We're rolling node-RED installed and configured as standard on our OpenEnergyMonitor emonPi Raspberry Pi based energy monitor: http://openenergymonitor.org/emon/node/11799.

Thanks again

--
http://nodered.org
---
You received this message because you are subscribed to a topic in the Google Groups "Node-RED" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/node-red/qC0PC0yTpLk/unsubscribe.
To unsubscribe from this group and all its topics, send an email to node-red+u...@googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

--

Glyn Hudson

http://megni.co.uk
http://adventuresplusnorthwales.blogspot.com

[Glyn Hudson]

Hi Nick, 

Great! I've managed to update to 0.12.4 and set 

readOnly: true, in module.exports. 

All works as described. I can now login to the web editor when fs is RO. However since saving the flows fails quietly the user won't know that their flow creating work won't be saved upon deploy. 

To fix this I could move .node-red to a RW /data partition or symlink the flows file from the RW partition. How could this be done and would it have implications for future updates? 

[Nicholas O'Leary]

HI Glyn,

you can add a user to adminAuth that has 'read' permission - they will be able to login but any attempt to deploy will fail with a suitable message.

The user data directory can be wherever you want - when you start with --userDir you can point to where you want it to be. I've not tried hiding it behind a symlink.

Nick

--

[Glyn Hudson]

Using  --userDir to move user data to read-write partition worked well. Thanks 

For benefit of other users to make this change persistant at boot:

sudo nano /lib/systemd/system/nodered.service

and add line:

Environment="NODE_RED_OPTIONS=--userDir PATHTOFOLDER"