Remote access to GPIO from internet

Hi!

I am new to Node-Red and have managed to control a led via a gpio pin on my raspberry pi. My problem is that I can only control it if the device that I am using to control is connected to the same wifi connection as my pi.

How can I control the gpio pin on the pi from a device that is connected to a different wifi network (so that I can control the gpio remotely)?

Thanks a lot and sorry for the noob question!

Some ways to do this would be use twitter, or another messaging app, so you look for a message from a person or with a certain keyword to trigger the flow.

If you mean " i want to connect Node-RED to the internet" it comes with security warnings, but there is a guide here https://github.com/node-red/cookbook.nodered.org/wiki/How-to-safely-expose-Node-RED-to-the-Internet

Thanks a lot for you answer!
I thought it would be much more straight forward that that… :frowning:

The link you sent is very informative though so I’ll try to work it out!

You will need to run node-red on the pi that has the GPIO pins. Then the question is how to tell that instance of node-red what to do from somewhere remote. As ukmoose has suggested, using a messaging app is a good way to do that without exposing the pi to the internet, which is fraught with danger. Telegram is used by many as the messaging app.

It’s been shown that a new device (like your RPi) attached directly to the internet will be located and probed within 15-30 seconds of being connected… thus the hoops you need to jump through to ensure that others are not able to take over the device and potentially have access to other devices (or smart control systems!) on your local network.

So, if you really do need to access the node-red editor from the internet, please be safe and follow the directions – if you just want to send and receive msgs from your running flows, then twitter, email, and telegram are good (and safer) solutions for most people. Good luck!

Roger that.

Thank you all for the feedback! It is greatly appreciated!

i will reinforce the message given by others. The relatively easy way to expose your system across the Internet is to use something like Telegram. This is probably the easiest of the secure messaging apps on which to build the “bot” interface you need and there are a couple of contributed sets of nodes to help you along the way.

It is possible to build up quite a sophisticated interface if you need to - for example if the rest of your family need to use it :slight_smile:. There are plenty of examples available for you, check the flows site or do a Google search. If you get stuck, there are plenty of people who will help you untangle what you’ve started.

2 Likes

Something to consider is that recent releases of Raspbian for the Pi include the RealVNC server https://www.realvnc.com/en/. You get a personal-use license and limited access to their cloud service. You can configure the client (VNC Viewer) on your computer or phone for remote (internet) access to the Pi desktop, where you can run a browser connected to Node-RED, either the editor, dashboard, or both. Performance for editing flows is not great, and obviously you have to run the desktop version of Raspbian, but for pushing a dashboard button connected to a gpio pin it should be fine.

1 Like

I implemented the access of buttons and feedback via telegram using a telegram bot. Works fast and reliable. Go to the telegram site for more information.

1 Like

Certainly another way to do it - again though, make absolutely certain that you've secured it properly if exposing over the Internet.

I can never remember whether RealVNC encrypts sessions by default?

VNC also has the double disadvantage that it:

  1. Requires x-windows and a window manager to run on your Pi. Lots of resources tied up unnecessarily.
  2. Is relatively slow since lots of parts of a window have to be calculated and redrawn regularly.

Yes, RealVNC is encrypted by default. Encryption can be turned off for LAN sessions, but never over the internet.

I agree, it is much too slow and resource intensive for routine control or monitoring of home automation. (I happily use Telegram for that.) Where I do use it is on one RPi that monitors and logs data from my other (headless) machines. That host has a fairly light load, and VNC allows me to modify its NR flows remotely. More important, I can ssh from the machine running VNC into the other hosts on the LAN and do a variety of housekeeping or troubleshooting tasks. Clearly, I'm putting security in the hands of the RealVNC folks, but I suspect theirs are more competent than mine.

Lets hope more so than Microsoft who have had a long list of security failings on their equivalent RDP protocol including one last week! :slight_smile:

If you can, it is worth restricting allowing incoming connections to known networks.