How to run Node RED in Docker when Home Assistant is also running in Docker?

When you’re running Home Assistant the “normal” way, i.e. not in a container, you can install Node Red using Add Ons within Home Assistant. But, when you are running Home Assistant in Docker, the Add Ons option does not exist in Home Assistant, so we can create a separate Docker container for Node Red.

Node Red Docker Setup

You can use this docker compose file and be done with it, but I will explain some additional security settings below:

services:
    node-red:
        container_name: mynodered
        image: nodered/node-red
        ports:
            - 1880:1880
        volumes:
            - node_red_data:/data
volumes:
    node_red_data:
        external: true
        name: node_red_data

However, I want to mount the volume on my host, so I will be using a bind mount, using this compose:

services:
    node-red:
	image: nodered/node-red
	container_name: mynodered
        env_file: stack.env
        ports:
            - 1880:1880
        volumes:
            - /your/path/here/:/data

If you’re using Portainer, add the line in purple so any environment variables you’ve defined can be pulled through.

Replace /your/path/here/ with the path on your host, and replace mynodered with a container name of your choice.

Because the node red container does not run as root, there is one additional step. Run this command on the host:

sudo chown -R 1000:1000 /your/path/here/

This will essentially give the non-root user node red runs as access to this folder.

To see what user the node red container runs as, bring up your compose, and run this command:

docker exec -it mynodered whoami


Securing Node Red

Node Red Credential Secret

By default, node red will generate its own secret to encrypt any credentials you might use in your flows, but it is advisable to rather generate your own secret that you can then back up.

On your host, go to /your/path/here/ and run this command:

nano settings.js

Find the line “module.exports” and add this line:

node red credential secret

You can then add an environment variable to your stack with your secret value. If you are using Portainer, just add an environment secret to the node red stack. Back this secret up and keep it secure.

You can read more here: https://nodered.org/docs/getting-started/docker

Adding a username and password to Node Red

By default, node red does not show a login page which means anyone on your network can access node red with having to log in.

Node Red supports pretty much all oAuth providers such as Google, Github, etc, but for my use case a simple admin user will suffice.

In order to generate the password for this admin user, which uses the BCrypt hashing algorithm, we need to connect to the node red container and generate the password. Run this command once connected to your node red container:

node-red admin hash-pw

It will ask you for a password and then provide you with the hash.

On your host, in settings.js, again under “module.exports” add this line:

adminAuth: {
        type: "credentials",
        users: [{
            username: "admin",
            password: "<the hash goes here>",
            permissions: "*"
        }]
    },

Now, when you load the node red page, it will prompt for the username and password. You will also see a user icon at the top right of the node red screen once logged in

Node Red prompting for username and password
User Icon top right once logged into node red


You can read more here: https://nodered.org/docs/user-guide/runtime/securing-node-red

How to integrate Node Red with Home Assistant

So Node Red and Home Assistant are both running in their own docker containers, and know nothing about each other. In this step we will integrate Node Red into Home Assistant so it can see our entities, devices, etc.

Step 1: Home Assistant Long Lived Access Token

In Home Assistant, generate a long lived access token. Copy the value and keep it safe, as the token will never be shown again:

Generate a Long Lived Access Token in Home Assistant


Step 2: Node Red Home Assistant module

In Node Red, click the hamburger menu and then “Manage Palete”

Node red manage palette

Click on Install and type in “home-assistant-” and install the websocket module. Make sure it is the one that has seen recent updates. Click install and wait a while.

Home Assistant Websocket module

Once installed, you will see a new palette on the right hand side, specifically to Home Assistant:

Home Assistant palette


Step 3: Link Node Red to Home Assistant

Now that we have the palette, we need to link it to our Home Assistant using that Long Lived Access Token. The easiest way to do this is to drag any Home Assistant node onto the canvas, double click it, and click the “+” icon next to “Add New Server

Add new home assistant server button

Enter your Home Assistant URL and port, and paste that long token:

Add new home assistant server details

If needed and depending on your config, you can tick these settings as well:

Additional home assistant server settings

At the top right click the deploy button:

Deploy button

To see if it all worked, drag another node to the canvas and see if it autocompletes your entities:

Autocomplete entities

necrolingus

Tech enthusiast and home labber