Here’s a set of instructions that can be used in conjunction with Richard Wenner’s tutorial:
How to Prepare and Secure Raspberry Pi for Node-Red
Richard Wenner Youtube: Node-Red Raspberry Pi Updating & Securing - YouTube
Install SD card image and configure RPI for headless operation. (Raspberry Pi configuration is probably not required with a functioning emonPi SD Image)
sudo raspi-config
Change RPi password
Change host name from raspberrypi to your hostname
Set boot to command line
Set localization options
Enable SSH
Expand file system
Exit and reboot
Update operating system
sudo apt-get -y update
sudo apt-get -y upgrade
sudo apt-get dist upgrade
Check node-red version
node -v
Install node packet manager and update node-red
bash <(curl -sL https://raw.githubusercontent.com/node-red/raspbian-deb-package/master/resources/update-nodejs-and-nodered)
Check error log
cat /var/log/nodered-install.log
Check node-red version
node -v
Check npm packet manager version
npm -v
Install ’n’ utility to check the latest version of node-red and upgrade for us
sudo npm install -g n
Upgrade to very latest version of node red
sudo n latest
Reboot
sudo shutdown -r now
Check node-red version
node -v
Check npm packet manager version
npm -v
Start node-red (hit ctrl-c to get the prompt, node-red will continue to run)
node-red-start
ctrl-c
Note the error with the serial port. This is well known and easy to fix
cd ~/.node-red
ls -la
node-red-stop
sudo npm rebuild
Start node-red - Confirm the error has beed fixed
node-red-start
ctrl-c
Could stop here but need to add an encrypted password and use https
First we need to stop node-red completely and reboot…
sudo systemctl disable nodered.service
node-red-stop
sudo shutdown -r 0
First, switch to https
Generate https self-certified certificate
cd ./node-red
ls -la
Check that we have these packages:
.config.json
package.json
settings.js
Generate a private key
openssl genrsa -out privatekey.pem 1024
openssl req -new -key privatekey.pem -out private-csr.pem
Country Name (2 letter code) [AU]: US
State or Province Name (full name) [Some-State]: New-Jersey
Locality Name (eg, city) []: (leave blank)
Organization Name (eg, company) [Internet Widgits Pty Ltd]: (leave blank)
Organizational Unit Name (eg, section) []: (leave blank)
Common Name (e.g. server FQDN or YOUR name) []: (enter the RPi IP address)
Email Address []: (enter your email address)
A challenge password []:Email Address []: (leave blank)
An optional company name []: (leave blank)
The prompt returns…
Signature confirmation
ls -la
Should now see:
privatekey.pem
certificate.pem
Edit settings.js
nano settings.js
Uncomment this line…
//var fs = require(“fs”);
Uncomment this section:
//https: {
** // key: fs.readFileSync(‘privatekey.pem’),**
** // cert: fs.readFileSync(‘certificate.pem’)**
** //},**
And change to:
https: {
** key: fs.readFileSync(’/home/pi/.node-red/privatekey.pem’),**
** cert: fs.readFileSync(’/home/pi/.node-red/certificate.pem’)**
** },**
Uncomment this section:
//adminAuth: {
// type: “credentials”,
// users: [{
// username: “admin”,
// password: "$2a$08$zZWtXTja0fB1pzD4sHCMyOCMYz2Z6dNbM6tl8sJogENOMcx$
// permissions: “*”
// }]
//},
Save and Exit
Note: To set a root password enter: sudo passwd root enter the password twice.
Need to encode the node-red password and need to install some encryption software. This is done with node-red
su
Password: (enter your password)
npm node-install -g node-red-admin
exit
Password: (enter password) (this is the password you will use to access node-red, your’s will be different)
$2a$08$LAD8pMesZ6f5akNxgXbOvO/KK400WRaa2J/DqnoV4JTrn4sJd1h62
Copy the password.
Re-open the settings.js file
Locate the adminAuth section and paste the copied password over the existing password
adminAuth: {
type: “credentials”,
users: [{
username: “admin”,
password: "$2a$08$zZWtXTja0fB1pzD4sHCMyOCMYz2Z6dNbM6tl8sJogENOMcxWV$
permissions: “*”
}]
},
Save and exit
Start node-red
node-red-start
ctrl-c
Go to your browser and enter:
https://(your raspberry pi IP address):1880
Make sure to trust your self-signed certificate (it’s safe to do this as you created the certificate. normally you would not accept certificates from unknown sources)
Enter: admin (for username, or whatever you like)
Enter your node-red password that you set above)
You will now see the node-red gui
Enable auto-start for node-red service on boot
sudo systemctl enable nodered.service
Now add some nodes that will be needed.
From the Manage Pallet Menu in Node-Red search for:
node-red-dashboard and install the nodes (Graphical GUI nodes)
Now make a backup of the Raspberry Pi SD Card image