Node Red IP Address and Published Ports

[GACHAPO]

Hi Graham,

I can no longer browse to the Node Red console as when I look in portainer the IP Address and Published Ports are blank. Can you explain how I get back to the 1880 port and a reason why this may have occurred please?

Thanks

[gcgarner]

Did you change the nework_mode to host? Are you sure that nodered is running? Are there any logs that indicate an error(either via portainer or 'docker logs nodered' in the terminal)

Have you changed the env file to change the subfolder?

[GACHAPO]

Thanks for coming back to me Graham,

It is running. I didn't change network_mode that I'm aware of

Only changes I believe I did was;

1. Load Icecast2
2. Set up DuckDNS through Hassio addon

When I look in portainer I noted that the IOTStack network did not have node red. I stopped it from running, added it to the IOTStack network and started it running again.

It fails to start as below

Thanks

[gcgarner]

The error Error: spawn ffmpeg ENOENT looks quite odd. Did you add any nodes that would have caused that?

What you can do to get node red back up into its 'default state` is the following (note that any your old flows wont be available, they can be recovered later)

(run from the IOTstack folder)

docker-compose stop nodered
sudo mv ./volumes/nodered/ ./volumes/nodered_bu/ 
docker-compose up -d

what this will do is rename your nodered volume directory and let docker recreate a blank one for you. If you do this does node red start now?

[GACHAPO]

Yes, node red now starts.

However, I have now lost portainer?

I had previously loaded Icecast2 outside docker, so I installed in docker. I don't think it liked it because port 8000 (its port) was already taken. I stopped the first version from running and since then portainer has not responded.

I think it might be best to start again and ensure I only use docker containers and I set up duckdns using your method, not within Hassio.

If I use your method do all containers then become https?

[gcgarner]

I dont know what port the duckdns service uses in hassio, could be a conflict

portainer should be on port 9000, you can run docker logs portainer there could possibly be and error message that will give you more info

what you can do is verify the contents of your docker-compose.yml file. make sure that you have portainer and nodered. You can reassign the ports as you need with portainer and nodered.

go the the service section in the docker-compose.yml under Portainer there should be

    ports:
      - 9000:9000

This is the formate -host_port:container_port, you would leave the container port on 9000 and change the host port to whatever you need

a docker-compose up -d will apply the change

Just a note I use a holding file called service.yml in the appropriate services/ directory. If you want your change to be applied the next build you will need to change that service.yml file to reflect what you changed

another note, you should be able to do netstat | grep 8000 in the terminal to see if the port is already used

[GACHAPO]

Thanks Graham,

I reloaded from the top as your script makes it so easy and I wasn't deep into the project.

a couple of points;

This time I haven't used Hassio duckdns, but have followed your wiki. I got the ok and set up the cron job, but I can't access (say hassio) by my usual https://NAME.duckdns.org:8123 - Am I missing something in the setup?

This time I installed icecast2 in docker using;

docker run -p 8000:8000 -e ICECAST_SOURCE_PASSWORD=aaaa -e ICECAST_ADMIN_PASSWORD=bbbb -e ICECAST_PASSWORD=cccc -e ICECAST_RELAY_PASSWORD=dddd moul/icecast

However it refuses to start and won't gel to a network?

Apologies, this thread has move a little away from a node red issue now.

[GACHAPO]

It would appear that https://github.com/moul/docker-icecast is ARM64 specific, hence the error

[gcgarner]

Not a prblem.

I assume that you have forwarded your port 8123 in your router. Most home routers wont allow you to connect to a dns entry like that from inside your own network (has to do with self reflection/ hairpin nat)

If you log into duckdns.org where you setup your token do you see your Public IP as assigned to your router? ( you can google "my ip" to see it) If you have an external connection you can try using nmap -p 8123 name.duckdns.org

I dont think that the forwarding is https though, have you tried just http?

[gajpchapo]

Ah, http works

Does that mean it's not secure?

Hassio uses https.

[gcgarner]

Yes it means that it is insecure.

I am not familiar with how hassio works but typically you would need to setup a reverse proxy and expose port 433 to the web so that the reverse proxy does the https on your behalf.

I'm working on getting a reverse proxy up using letsencrypt (on a project branch) and hassio requires a dedicated subdomain

[gajpchapo]

Hassio uses letsencrypt, similar to what you're looking to do, typically;

{ "lets_encrypt": { "accept_terms": true, "certfile": "fullchain.pem", "keyfile": "privkey.pem" }, "token": "sdfj-2131023-dslfjsd-12321", "domains": ["my-domain.duckdns.org"], "seconds": 300 }

so, at the moment am I best to encrypt through Hassio to allow external access and not expose, node red, lorraine, etc to the internet until you're successful with letsencrypt?

[gcgarner]

I've been useing Zerotier recently to connect to my Pi from outside my network. Found it really handy. best thing is it requires no exposing ports to the web. however it requires that all your devices have the zerotier engine running and are connected.

I have the letsenrypt container working on my system however i need to write a good writeup on the web for the average user to be able to get it working.

Hopefully i can get it pushed by the weekend

[GACHAPO]

Great - I'll await your write up, I'll be your guinea pig and you can test if Mr stupid here gets stuck!