Configure Node-Red port

[Richard Tenney]

Hi. I'd like to be able to run Node-Red on two Beaglebone Blacks behind the same router and have both available to the outside world. I think this should be possible if I give one of them an unused port, say 2880 instead of 1880 and set the NAT to forward port 1880 to one BBB and 2880 to the other BBB.

To get started with this, on the second BBB, I've edited settings.js in the /root/.node-red directory (it's actually a link to /usr/local/lib/node_modules/node-red/settings.js). After editing, the relevant two lines are

//    uiPort: process.env.PORT || port,

      uiPort: 2880,

After saving the file, I reboot the BBB (thus guaranteeing that Node-Red restarts and presumably reads the edited file). Now neither port 1880 nor port 2880 responds on the second BBB. The BBB is accessible -- both port 80 and port 8080 respond on the second BBB. And if I restore the settings.js file to its original contents and reboot, Node-Red shows up on port 1880.

Anybody have some suggestion about what I'm doing wrong?

Many thanks,

Richard

P.S. The following observation may help explain things -- but not enough for me to figure this out. When using port 1880, node-red doesn't start until a browser actually accesses port 1880. Some daemon must be watching out for the first use of port 1880 and starting node-red. Where is that daemon, and how does it get its configuration?Maybe it's not from settings.js.

[Richard Tenney]

Solved...I never did find this discussed anywhere, so I don't really understand all the fine points, but here's what worked.

Find /lib/systemd/system/node-red.socket and edit it so that 

ListenStream=2880

Edit the original settings.js file to read 

var port = process.env.LISTEN_PID > 0 ? 'systemd' : 2880;

I.e., in both cases, simply change 1880 to 2880.

Reboot the BBB. It now works!

Process for finding the solution:

I looked on the BBB for files with node-red in their name and 1880 in their text. Running as root and using the command line

find / -name \*node-red\* -print -exec grep 1880 {} \; 2> /dev/null | more

and experimenting with the results.

I hope this helps someone else who tries to change the port that Node-Red uses. It is one of the techniques suggested for improving the security of Node-Red projects.

Richard

[Dave C-J]

Not sure why this makes it more secure ? Maybe just more obscure. But no matter. Good digging. Do you mind if I add some of this to the instal docs ?

--

Sent from phone.

[Colin Law]

On 20 March 2018 at 03:39, Richard Tenney <rlte...@gmail.com> wrote:
> ...

> P.S. The following observation may help explain things -- but not enough for
> me to figure this out. When using port 1880, node-red doesn't start until a
> browser actually accesses port 1880. Some daemon must be watching out for
> the first use of port 1880 and starting node-red. Where is that daemon, and
> how does it get its configuration?Maybe it's not from settings.js.

If that is correct is that not a disaster in some circumstances as it
means that one cannot run stuff in node-red which is required to run
independently of whether there is a browser connected or not?

Colin

[Dave C-J]

Colin, good spot... I'll get in touch with them and see what we can work out... The simple bodge for that right now is to add something to /etc/rc.local like

    

curl -m 1 -s localhost:1880/ > /dev/null

[Dave C-J]

Aha - no actually doing it properly works fine - the command on BBB is

sudo systemctl enable node-red.service

(and likewise disable to stop it autostarting everytime) 

I'll update the docs later

[Richard Tenney]

Hi  Dave C-J,

On Wednesday, March 21, 2018 at 3:25:41 AM UTC-4, Dave C-J wrote:

Not sure why this makes it more secure ? Maybe just more obscure.

Yes, obscurity. See <https://hoast.dk/wordpress/2015/10/24/securing-node-red/>.

 

But no matter. Good digging. Do you mind if I add some of this to the instal docs ?

Please do!

Thanks,

Richard

 

--

Sent from phone.