Only make node-red accessible from local machine

I run node-red in a container (in Raspbian) but whatever I do I can't get it to accept only connections on the localhost. Either it's world or it's no one. Have tried enabling the settings.js row

    uiHost: "127.0.0.1",

but that makes it non-accessible from anywhere.
The docker-compose has for node-red,

    ports:
      - "127.0.0.1:1880:1880"

This is so strange. It seems what I do inside uiHost matters more than that of docker.
With uiHost commented and this line in compose I have world access...

I have tried with localhost also as uiHost but the result is the same. No one can access it

You could whitelist IPs: "How to 'whitelist' IP address's that can access Node RED", courtesy of @marcus-j-davies


There's a way to make node-red only listen on localhost - I can't remember what it is off the top of my head. Normally the node-red express servers listen on 0.0.0.0, which allows external and internal access, and you can change that to a specific address.

Ah, here we go. In settings.js:

    /** By default, the Node-RED UI accepts connections on all IPv4 interfaces.
     * To listen on all IPv6 addresses, set uiHost to "::",
     * The following property can be used to listen on a specific interface. For
     * example, the following would only allow connections from the local machine.
     * This can be useful security when putting NR behind a reverse proxy on the same device.
     */
    // uiHost: process.env.HOST || '127.0.0.1',

Good old docker. The uihost setting can restrict it to listening on just that network interface, but because it’s inside a container 127.0.0.1 is just the inside of that container so the browser running outside can’t get to it.

There is a way to tell docker to use only the host network (usually not advisable) or simpler don’t use docker.

I think the magic in compose is `network_mode: "host"`. But then that container will be fully exposed on the host network (i.e. all ports etc.)


I would suggest:

  • run with bridge mode (not host…)
  • have "172.17.0.1:1880:1880" in the ports configuration of your docker compose.

172.17.0.1 is (kinda) the router entry to the docker bridge network.

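The outcomes discussed in this thread, as an added example that is not part of the original posts and not code from Node-RED or Docker: a small Python audit helper that parses Compose short-syntax `ports:` entries and reports the expected reachability of the editor for a given `uiHost` and network mode. The function names, the labels returned and the default bridge subnet `172.17.0.0/16` are assumptions of this example; a custom Docker network will use a different subnet.

```python
import ipaddress

def parse_port(entry):
    """Split '[HOST_IP:][HOST_PORT:]CONTAINER_PORT[/PROTO]' into its three parts."""
    spec = entry.split("/", 1)[0]            # drop optional /tcp or /udp
    host_ip = None
    if spec.startswith("["):                 # bracketed IPv6 host address
        host_ip, _, spec = spec[1:].partition("]:")
    parts = spec.split(":")
    if host_ip is None and len(parts) == 3:
        host_ip, parts = parts[0], parts[1:]
    if len(parts) == 2:
        return host_ip, parts[0], parts[1]
    return host_ip, None, parts[0]           # Docker picks the host port

def classify(host_ip, bridge_net="172.17.0.0/16"):
    """Label a bind address; bridge_net is the assumed default Docker bridge."""
    if host_ip is None:
        return "all-interfaces"              # nothing set: listen everywhere
    if host_ip == "localhost":
        return "loopback-only"
    ip = ipaddress.ip_address(host_ip)
    if ip.is_unspecified:                    # 0.0.0.0 or ::
        return "all-interfaces"
    if ip.is_loopback:
        return "loopback-only"
    if ip in ipaddress.ip_network(bridge_net):
        return "docker-bridge"
    return "single-interface"

def exposure(entry):
    """Host-side exposure of one published port entry."""
    return classify(parse_port(entry)[0])

def effective_access(ports, ui_host=None, network_mode="bridge"):
    """Expected reachability, following the reasoning in the thread."""
    ui = classify(ui_host)
    if network_mode == "host":
        return [ui]      # port publishing does not apply; uiHost decides
    if ui == "loopback-only":
        # Listener sits on the container's own loopback; traffic forwarded
        # by Docker arrives on the container's bridge interface instead.
        return ["unreachable"]
    return sorted({exposure(p) for p in ports})

if __name__ == "__main__":
    # Constructed sample entries, including the two quoted in the thread.
    for p in ["1880:1880", "127.0.0.1:1880:1880", "172.17.0.1:1880:1880"]:
        print(f"{p:24} -> {exposure(p)}")
    print(effective_access(["127.0.0.1:1880:1880"], ui_host="127.0.0.1"))
```

A result of `unreachable` corresponds to the "no one" case from the first post, and `all-interfaces` to the "world" case.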