Installing Node-RED on a Work (Corporate) Laptop

Yes I tried this and it did not work.

I also tried to run the proxy commands to see if that would help, but that did not work either.

@jstou it isn't really for us to help you get around whatever security your corporate IT department have applied to your laptop. You should probably speak to them.

If you speak to them, they won't knowingly tell you how to get around their security. :slight_smile: This is usually just a blanket security to try to thwart people from installing "dangerous" software, that could cause a virus to be initiated or spread. We all know that Node-RED is not dangerous!! That is why I came to the forum for help.

Sounds like a proxy or firewall issue. Our IT at work is blocking all outside traffic. Http(s) is available via proxy only. But setting the proxy has worked for me.

I would suggest to speak to your admins. If it is a work project, then you could escalate it through your superior, so he can put pressure on them, too. :smiling_imp:

I have thought about doing this, and I may have to at the end of the day. The problem is that the IT people always hide behind the security policy - i.e., if you can't install it with our existing security in place, then you shouldn't be running the software on your laptop anyway.

I thought maybe there was a simple fix for this. Is there a way to install Node-RED by downloading a exe file instead of having to access the internet via the command prompt?

No, but you can install it on another machine (same OS, NodeJS and architecture) and copy the whole installation to your target machine with an USB stick (thumb drive). That's how I do it, works fine for Windows and Linux.

It's important to do a local install (no -g flag). Just run npm install node-red in an empty directory.

Ok let me try that and I will let you know how it works out.

Thanks,
Jim

Seems to me that if you are circumventing a company security policy you could end up in BIG trouble (i.e. out of a job or worse). If it is really important, go thru channels to get the IT guys help you out.

1 Like

I appreciate your concern, but I'm not really circumventing the policy if I can install it legally. It would only be a concern if I turned the firewall off! If I don't have any luck with the suggested methods, I will go to our IT people and ask for help.

1 Like

Well you could try an electron build like


or

Mine is more for running a flow with a dashboard as a standalone thing - but does include the editor. Sakazuki's is more the editor side.
Neither are officially supported or endorsed by the core project, but are there for use if required.

If you work for a decent enterprise, they likely have several things in place that may stop you.

  • They may prevent any applications from running that they haven't approved. This is called "Application Whitelisting" and it is undoubtedly the best security for any end user compute device. It stops nearly all malware from ever executing.
  • They may prevent you from accessing a command prompt. This really limits what you can achieve with NodeJS and Node-RED. This is a case where the Electron version of Node-RED might help.
  • Less likely, they may not allow access to the npmjs site. In that case, copying everything from another PC may work - if you are allowed to copy from an external source that is!

These are all features designed to keep the majority of people and resources safe. It is not wise to try to side-step such things and, despite your claim, you are trying to do that. If you end up causing an issue, you will be blamed and will get into trouble. I know because this is the world I live in.

So the correct approach is to do a quick write up of the benefits Node-RED would bring along with a brief history and a summary of who now maintains it (The JavaScript Foundation). You will also need to identify (realistically) the risks you may be introducing. If you want help with the risks, I'm sure this community will help, certainly I will.

Pass that onto your boss or their boss or whoever you think might support you. Once you have their buy-in, you can go back to IT with a proposal and request.

Remember that all change costs money, time and resources so you need to be patient, it is likely that the IT department is bombarded with requests and have little resource. A funded business case will likely go a long way to getting yourself taken seriously!

All IT change also carries risk, some of which you are probably not aware of so this kind of request is never a done deal.

Some organisations have a special category for users who need more flexibility, often classed as "Power Users" or "Developers", you might also try to see if that is possible and if so get your boss to sponsor that. Usually, such users will have some freedom to install software and use the command line.

3 Likes

Thank you for the words of caution. I really appreciate everyone trying to look out for me.

Let me give you some background. I am a R&D manager for my company, where I've been working for 23 years. I would not have lasted this long if I broke the rules all these years!! Because we do research, we typically have to install "non-conventional" software on our computers to get our projects done, i.e., non-company-approved software. This is very common with research projects in today's "open source" world. So on the one hand the company is telling us to do the work and be productive, and on the other hand, they tell us we can't load just any software on the computer (i.e., must be company-sponsored). Our IT people are contractors and will do whatever my company's IT management people tell them to do. This is why I am skeptical regarding going to the IT people, although I may ultimately need to go that route. The reality is that we researchers typically have to use a non-work laptop connected to a separate non-work network to use some of this specialized software. The irony is that we are still doing our jobs to do this!!

I hope that explains the situation a little better to everyone.

Thanks for the explanation, that does help put things in context. It is hard to know people's context of course so I personally try to err on the side of caution first. There are, unfortunately, a lot of people who don't understand at all the reasons that certain rules are in place and the impact of breaking them. So I apologise for explaining what you clearly already understood.

To put things in context, I've always worked in IT either within an IT team or as a contractor. I've never been one to accept the status-quo and I've always pushed the boundaries. But always with purpose and understanding rather than blindly. For example, the organisation I currently work for uses heavily locked down laptops which really wouldn't let me do my job well. So I use an unmanaged laptop. :smiley: In previous roles as a contractor/consultant, I've also often used my own kit to get the job done even when the role supposedly required a company device.

And as an IT person, I would also be sceptical of going to IT :rofl:

So I get where you are coming from and I certainly sympathise. Anyway, we've drifted off topic rather.

If application whitelisting is in use, there is no way you will be able to directly run Node-RED because you won't be able to run node.js. Nor would you be able to run an Electron version.

If whitelisting isn't in use and you can get to a command line, you can probably run node-red, especially if you use a local installation rather than the usual global one. If you can't get to the command line then try the Electron version of Node-RED.

If access to npmjs is blocked, download and pre-compile any nodes and dependencies on another similar system then copy them over manually on a stick or some other website that you have access to.

If you do manage to use one of these, I would still look for some cover from my manager just in case anyone gets uppity.

Above all, don't break anything!

1 Like

Thanks for all the suggestions. I can get to the command prompt and I was able to install node.js successfully.

Is there a link with detailed instructions on how to install node-red locally only? Or do "download and pre-compile any nodes and dependencies on another similar system then copy them over manually on a stick"? Unfortunately, I am not an IT/software person, so I need step-by-step instructions!!

I'm glad you asked :wink:

Oh, you will be!! Not quite step-by-step but hopefully enough. Feel free to shout out if needed.

Thanks for the link. Last/dumb question: What is the difference between this installer and the desktop version of Node-RED (which I just found out about via a different forum link!)?

The alternate installer gives you standard Node-RED experience (just in a different folder which is great for experimenting without mucking up main install)

The desktop version is an electron packaged version which deviates in a few ways from the way standard Node-RED works and is not quite as configurable either

1 Like

Ok so I am going through the installation process again on my work laptop. I installed node.js and npm successfully, but when I go to the command window (Run as Administrator), I am getting the following error message:

What does this mean? Do I need to run this in a specific window? I have never seen this error message with npm before.

Thanks in advance for any help.

Hi, the command that is failing is actually a PowerShell command and you are using cmd.exe in that window. That is strange because it works for me.

What version of node.js is installed and have you tried to manually update npm?

I have v12.13.0 of node.js installed. I was able to get the desktop version installed but I get a similar error when I try to install the dashboard node. Something is definitely broken and I'm starting to wonder if this is even enhanced security. I will keep playing around with it and see if I can figure it out.

Thanks