Node-RED with the INSTAR Cloud Webhook

• Node-RED HTTP/2 Webproxy
  • Configuring NGINX
  • Starting NGINX
• Configuring the INSTAR Cloud
• Next Steps

Node-RED HTTP/2 Webproxy

I already secured Node-RED with a User Login but I want to add HTTPS TLS encryption on top. For this I am going to setup an NGINX Ingress for my Docker Cluster using the latest NGINX Docker image:

docker pull nginx:1.21.6-alpine

Configuring NGINX

You can use this Github Repository to get started with the NGINX configuration. Use Git to clone the repository or simply download the ZIP file from Github and unzip it into the /opt directory of your server:

git clone https://github.com/mpolinowski/nginx_docker_ingress.git /opt/nginx_docker_ingress

This repository already brings everything we need. We only need to edit the default server configuration file:

nano /opt/nginx_docker_ingress/conf.d/default.conf

Delete it's content and replace it with:

server {
    listen 80;
    listen [::]:80;

    server_name my.server.address;

    return 301 https://$server_name$request_uri;
}


server {SQL-Logging
    listen 443 ssl http2 default_server;
    listen [::]:443 ssl;
    # ssl_certificate /opt/letsencrypt/live/my.domain.com/fullchain.pem;
    # ssl_certificate_key /opt/letsencrypt/live/my.domain.com/privkey.pem;
    include ssl/self-signed.conf; # Replace with the 2 lines above when using CA Cert
    include ssl/ssl-params.conf;
    include /etc/nginx/conf.d/header.conf;

    server_name my.server.address;


    location / {
      proxy_pass http://nodered:1880/;
    }


    error_page  404 /404.html;
    error_page  500 502 503 504 /50x.html;
    location = /50x.html {
    root   /usr/share/nginx/html;
  }
}

There are a two changes that you will have to make here:

1. Change both my.server.address with your servers domain name or IP address.
2. The repository comes with a Self-signed Certificate that is included from ssl/self-signed.conf. You can use this certificate to get started. It will work with the INSTAR Cloud Webhook function. But, you will either want to replace it with your own self-signed certificate or use Let's Encrypt to get a proper certificate and include it instead of the self-signed certificate.

Starting NGINX

We now have to start this container with the following flags:

• open ports 443 (HTTPS) and 80 (HTTP)
• a volume mount for /opt/nginx_docker_ingress
• the container must be on the same virtual network as Node-RED, e.g. smart

docker run -d -p 443:443 -p 80:80 -v /opt/nginx_docker_ingress:/etc/nginx --network=smart --name ingress nginx:1.21.6-alpine

Verify that the Node-RED user interface is now accessible via HTTPS:

https://my.server.address:443/

When you are using a self-signed certificate you will see a warning that the certificate is self-signed - accept to continue:

Are you able to access Node-RED through your NIGNX ingress? If yes, continue with re-configuring your INSTAR Cloud account.

Configuring the INSTAR Cloud

All that needs to be changed here is the port - it is now 443 instead of 1880. And you have to set the protocol to secure - that's it:

Next Steps

• The INSTAR Cloud Webhook
  • Installing Node-RED v2 with Docker
  • Node-RED GET Webhook
  • Node-RED POST Webhook