search

janvda / balena-node-red-mqtt-nginx-TIG-stack

Composite docker application with "8" containers (2x Node-RED, 2x MQTT broker, Telegraf, InfluxDb, Grafana, Nginx) for deployment on Raspberry Pi through Balena.
Eclipse Public License 2.0
58 stars 42 forks source link

Not able to secure node-red editors - node-red-admin module not installed #15

Closed leowise closed 5 years ago

leowise commented 5 years ago

Tried to secure both node-red UIs but so far no luck. Looking at node-red website instructions and using their suggestion to use: node -e "console.log(require('bcryptjs').hashSync(process.argv[1], 8));" your-password-here, but that didn't work (password apparently is not updated). Attempted to use node-red-admin module, but found out that it is not installed. I am investigating this issue, will report back findings. BTW, great work! I am planning to use this in a project I am working on, thanks!

janvda commented 5 years ago

Hi Oscar,

This is indeed a very valuable point.

I just managed to install node-red-admin by executing the following command in a terminal window for the node-red service using balenaCloud dashboard:

sudo npm install -g node-red-admin

but if you do that it will print an endless loop of below warnings which you can stop with -c . Allthough it has printed all those warnings it has successfully installed node-red-admin. You can then create a hashed password by entering the command node-red-admin hash-pw in the same terminal window.

I hope this works for you. kr Jan

Here below a snapshot of the endless list (unless interrupted) of warnings.

gyp WARN EACCES attempting to reinstall using temporary dev dir "/usr/local/lib/node_modules/node-red-admin/node_modules/bcrypt/.node-gyp"
gyp WARN EACCES user "root" does not have permission to access the dev dir "/usr/local/lib/node_modules/node-red-admin/node_modules/bcrypt/.node-gyp/8.1.3"
gyp WARN EACCES attempting to reinstall using temporary dev dir "/usr/local/lib/node_modules/node-red-admin/node_modules/bcrypt/.node-gyp"
gyp WARN EACCES user "root" does not have permission to access the dev dir "/usr/local/lib/node_modules/node-red-admin/node_modules/bcrypt/.node-gyp/8.1.3"
gyp WARN EACCES attempting to reinstall using temporary dev dir "/usr/local/lib/node_modules/node-red-admin/node_modules/bcrypt/.node-gyp"
gyp WARN EACCES user "root" does not have permission to access the dev dir "/usr/local/lib/node_modules/node-red-admin/node_modules/bcrypt/.node-gyp/8.1.3"
gyp WARN EACCES attempting to reinstall using temporary dev dir "/usr/local/lib/node_modules/node-red-admin/node_modules/bcrypt/.node-gyp"
gyp WARN EACCES user "root" does not have permission to access the dev dir "/usr/local/lib/node_modules/node-red-admin/node_modules/bcrypt/.node-gyp/8.1.3"
gyp WARN EACCES attempting to reinstall using temporary dev dir "/usr/local/lib/node_modules/node-red-admin/node_modules/bcrypt/.node-gyp"
gyp WARN EACCES user "root" does not have permission to access the dev dir "/usr/local/lib/node_modules/node-red-admin/node_modules/bcrypt/.node-gyp/8.1.3"
gyp WARN EACCES attempting to reinstall using temporary dev dir "/usr/local/lib/node_modules/node-red-admin/node_modules/bcrypt/.node-gyp"
gyp WARN EACCES user "root" does not have permission to access the dev dir "/usr/local/lib/node_modules/node-red-admin/node_modules/bcrypt/.node-gyp/8.1.3"
gyp WARN EACCES attempting to reinstall using temporary dev dir "/usr/local/lib/node_modules/node-red-admin/node_modules/bcrypt/.node-gyp"
gyp WARN EACCES user "root" does not have permission to access the dev dir "/usr/local/lib/node_modules/node-red-admin/node_modules/bcrypt/.node-gyp/8.1.3"
gyp WARN EACCES attempting to reinstall using temporary dev dir "/usr/local/lib/node_modules/node-red-admin/node_modules/bcrypt/.node-gyp"
gyp WARN EACCES user "root" does not have permission to access the dev dir "/usr/local/lib/node_modules/node-red-admin/node_modules/bcrypt/.node-gyp/8.1.3"
gyp WARN EACCES attempting to reinstall using temporary dev dir "/usr/local/lib/node_modules/node-red-admin/node_modules/bcrypt/.node-gyp"
gyp WARN EACCES user "root" does not have permission to access the dev dir "/usr/local/lib/node_modules/node-red-admin/node_modules/bcrypt/.node-gyp/8.1.3"
gyp WARN EACCES attempting to reinstall using temporary dev dir "/usr/local/lib/node_modules/node-red-admin/node_modules/bcrypt/.node-gyp"
gyp WARN EACCES user "root" does not have permission to access the dev dir "/usr/local/lib/node_modules/node-red-admin/node_modules/bcrypt/.node-gyp/8.1.3"
gyp WARN EACCES attempting to reinstall using temporary dev dir "/usr/local/lib/node_modules/node-red-admin/node_modules/bcrypt/.node-gyp"
janvda commented 5 years ago

FYI I have also created the following issue https://github.com/node-red/node-red-admin/issues/7 but this should not block you. The solution described in previous comment should work for you.

janvda commented 5 years ago

Hi, I got an update on issue https://github.com/node-red/node-red-admin/issues/7

You should NOT run command

sudo npm install -g  node-red-admin

but command:

sudo npm install -g --unsafe-perm node-red-admin

This should properly install node-red-admin without an endless list of warnings.

janvda commented 5 years ago

I have update the 2 node-red docker files (see commit 126b5768d7f720b69b11aed83ea29733db11a29e and the one before) with the command:

sudo npm install -g --unsafe-perm node-red-admin

So I consider this issue closed.

leowise commented 5 years ago

Yes, thanks for the info. The docker file update should do the trick!

Get Outlook for iOShttps://aka.ms/o0ukef

From: janvda notifications@github.com Sent: Thursday, August 15, 2019 4:01:28 PM To: janvda/balena-node-red-mqtt-nginx-TIG-stack balena-node-red-mqtt-nginx-TIG-stack@noreply.github.com Cc: Oscar Mendoza leowise@hotmail.com; Author author@noreply.github.com Subject: Re: [janvda/balena-node-red-mqtt-nginx-TIG-stack] Not able to secure node-red editors - node-red-admin module not installed (#15)

I have update the 2 node-red docker files (see commit 126b576https://github.com/janvda/balena-node-red-mqtt-nginx-TIG-stack/commit/126b5768d7f720b69b11aed83ea29733db11a29e and the one before) with the command:

sudo npm install -g --unsafe-perm node-red-admin

So I consider this issue closed.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHubhttps://github.com/janvda/balena-node-red-mqtt-nginx-TIG-stack/issues/15?email_source=notifications&email_token=AAG7OZMWIAULUUBMPZSBRXTQEWYZRA5CNFSM4IL2FBOKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD4M26QI#issuecomment-521776961, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AAG7OZOA6HJLJLGOQEKYGBTQEWYZRANCNFSM4IL2FBOA.