I'm looking into the best way to setup an enviornment whereby multiple users (e.g. students) can run Node-RED on a remote server (e.g. ubuntu on an Oracle Cloud) and was wondering what the current thinking is on this. I've looked at postings on the Forum on this subject but they all seem to be a year or so old. In view of the enhancements made to Node-RED in the last year, I wondered what the current thinking is.
Ideally, I'd like the students to be able to login with a username and not have to bother with entering command line options and a port address.
If you want to do it yourself, I'd use NGINX to provide the outer shell. You can use its scripting capabilities to automate creation of new Node-RED instances and to reset existing ones if needed. Then you can use its reverse proxy capabilities to convert the individual Node-RED ports into URL folders to make it easier for students.
i would concur, however if you want to go down your own path, i would deploy a stack in docker
which has
a nginx/nginx proxy manager (if you are not that familiar) as the front door and reverse proxy
a authentication service that would allow for user management (i use authentik)
a series of node red instances configured with oidc user access
there is some work needed to update the node red settings.js file with the correct users per instance
this is all doable and i would think a solid days worth of work to get set up however the wheel is round , i would use flow fuse - you may need to pay to get the capability for user auth, i am not that close to flow fuse
I'd go for almost the same setup as above...
Except with a small detail, that I think would make the life of OP easier...
I would go for running in docker too. One container per user. Each one with their own directory on the server to store the flows.
The default docker container will do. No need to change anything in the settings.js.
Then, protect everything with traefik: Traefik Proxy Documentation - Traefik
Each student would have his/her own entry point like https://student1.yourdomain.com...
HTTPS is ended on traefik and nodered runs on the usual 1880. No authentication in NR. Done on traefik.
Initial setup a bit hard, then, adding X users easy-peasy.
Nice, the only advantage of using oidc would be you could give different users different access
That is you could give some students read only access to another instance - if that granularity is not required then traefik would be a good soln ( replaces both nginx and authentik)