Use https with letscryptcert instead ngrok service
Closed this issue · 3 comments
Hello,
When config my node-red with custom cert with letsencrypt service with this node https://github.com/bartbutenaers/node-red-contrib-letsencrypt or by generating cert with the terminal.
And enable in settings.js the https functionallity
https: { key: require("fs").readFileSync('/data/privkey.pem'), cert: require("fs").readFileSync('/data/cert.pem') }
Node-red its OK
Mission Control is OK
GraphQL internal connection not OK
Error in console:
--- ApolloError: Network error: request to http://0.0.0.0:1880/graphql failed, reason: socket hang up
2 Feb 16:03:26 - [error] [mc-graphql:6b8a9a77b66002ec]
at /data/node_modules/apollo-client/bundle.umd.js:1483:29
at /data/node_modules/apollo-client/bundle.umd.js:1588:34
at new ApolloError (/data/node_modules/apollo-client/bundle.umd.js:92:26)
at /data/node_modules/apollo-client/bundle.umd.js:2008:15
at Set.forEach ()
at /data/node_modules/apollo-client/bundle.umd.js:2006:26
at Map.forEach ()
at QueryManager.broadcastQueries (/data/node_modules/apollo-client/bundle.umd.js:2004:20)
at processTicksAndRejections (node:internal/process/task_queues:96:5) {
graphQLErrors: [],
networkError: FetchError: request to http://0.0.0.0:1880/graphql failed, reason: socket hang up
at ClientRequest. (/data/node_modules/node-fetch/lib/index.js:1505:11)
at ClientRequest.emit (node:events:527:28)
at Socket.socketOnEnd (node:_http_client:478:9)
at Socket.emit (node:events:539:35)
at endReadableNT (node:internal/streams/readable:1345:12)
at processTicksAndRejections (node:internal/process/task_queues:83:21) {
type: 'system',
errno: 'ECONNRESET',
code: 'ECONNRESET'
extraInfo: undefined
--------------------- GraphQL Error (id: 6b8a9a77b66002ec) ---------------------
}
},
(empty array)
Thanks for all
Thanks for the feedback, that might take a while to debug.
Is this in production? If it's the production stack and you can install Docker can I suggest a different approach (or workaround)?
I think Node-red should do the node-red and ssl certificates / authentication / etc is a concern for another layer in the stack.
In production I generally use nginx as reverse proxy and nginx is handling all the ssl stuff, web sockets proxying and authentication etc.
Also in this way node-red is running the same way as development
Nginx is hard to configure but with this
https://github.com/NginxProxyManager/nginx-proxy-manager?utm_source=nginx-proxy-manager
It's really a pleasure to use, it handles automatically the letsencrypt thing (also renewals)
You can host multiple node-reds in the same host.
If you're interested I can share some details
Thanks for the feedback, that might take a while to debug.
Is this in production? If it's the production stack and you can install Docker can I suggest a different approach (or workaround)?
I think Node-red should do the node-red and ssl certificates / authentication / etc is a concern for another layer in the stack. In production I generally use nginx as reverse proxy and nginx is handling all the ssl stuff, web sockets proxying and authentication etc. Also in this way node-red is running the same way as development Nginx is hard to configure but with this
https://github.com/NginxProxyManager/nginx-proxy-manager?utm_source=nginx-proxy-manager
It's really a pleasure to use, it handles automatically the letsencrypt thing (also renewals) You can host multiple node-reds in the same host.
If you're interested I can share some details
What you are talking about is what I need. What you are talking about is a better solution.
Can you give me more information please?
Ok, just wrote these instructions
https://www.notion.so/redbot/Deploying-RedBot-with-Nginx-844c4fe1497845f198db27d82ecb97a5
Let me know if it's clear or they need some improvements