NederlandsKlik deze knop voor de Nederlandstalige website

IoT server: Mosquitto and Node Red on Raspberry Pi

Setting up your own local, private and secure ‘Internet of Things’ (IoT) server is easy with Mosquitto, Node Red and a Raspberry Pi. Sometimes this route is preferable to a cloud-based IoT solution. Because ‘the cloud‘ is just someone else’s computer, and you never know where your data will end up or when they will alter or terminate their services.

In this tutorial we will set up a basic server/broker using a Raspberry Pi (any model), Mosquitto and Node Red.

Mosquitto MQTT broker

MQTT (Message Queue Telemetry Transport) is a machine-to-machine messaging protocol for use on top of the TCP/IP protocol. It is designed to provide lightweight publish/subscribe communication to “Internet of Things” devices. It is commonly used for geo-tracking fleets of vehicles, home automation, sensor networks, and utility-scale data collection.

Mosquitto is a popular MQTT server (‘broker’) that has great community support and is easy to install and configure.

Node Red

Node-RED is a programming tool developed by IBM for wiring together hardware devices, APIs and online services. It provides a browser-based editor that makes it easy to wire together flows using a wide range of nodes that can be deployed to its runtime in a single click.

 

Preparing the Raspberry Pi

Download Raspbian Lite and write the image to your SD card. Install the SD card in the Raspberry Pi and boot the system. Log in to your Pi locally with the username ‘pi‘ and password ‘raspberry‘.
Start the configuration tool ‘raspi-config’:
sudo raspi-config

Mosquitto and Node Red on Raspberry Pi: screenshot of raspi-config
Mosquitto and Node Red on Raspberry Pi: screenshot of raspi-config
  • Change the username and password
  • Change the hostname
  • Go to ‘interfacing options’ > ‘SSH’ and  enable SSH
  • Enabe I2C and SPI if you want to use the GPIO pins

Exit the configuration tool and reboot the Pi:
sudo reboot
After rebooting, you can log in remotely using SSH and update the Raspbian package lists:
sudo apt-get update

Installing the Mosquitto MQTT broker

Download and install the required packages:
sudo apt-get install mosquitto mosquitto-clients

The MQTT broker is now operating on your Pi’s TCP port 1883.

If you are using the Chrome browser, you can test Mosquitto by installing the ‘MQTT Lens’ extension for Google Chrome.

Mosquitto and Node Red on Raspberry Pi: screenshot of the MQTT Lens Chrome extension
Mosquitto and Node Red on Raspberry Pi: screenshot of the MQTT Lens Chrome extension

Securing MQTT with passwords

By default, Mosquitto will allow anonymous access. We will now set Mosquitto up to require usernames and passwords from clients before they can connect. Use the utility mosquitto_passwd to generate the passwords file /etc/mosquitto/passwd:

sudo mosquitto_passwd -c /etc/mosquitto/passwd yourusernamehere

Replace ‘yourusernamehere’ with your new username. Then create a new (empty) configuration file which tells Mosquitto to use the passwords file:

sudo nano /etc/mosquitto/conf.d/default.conf

In the file, copy and paste the following two lines:

allow_anonymous false
password_file /etc/mosquitto/passwd

Save the file and restart the broker:

sudo systemctl restart mosquitto

You can now test Mosquitto again with MQTT Lens. It will be unable to connect to the broker unless you configure it to use your username and password.

 

Installing Node Red

Install the latest node.js, the run-time environment for executing JavaScript code server-side:

sudo apt-get install nodejs

Install Node Red:

sudo apt-get install nodered

Make Node Red start automatically when the Pi boots:

sudo systemctl enable nodered.service

Start Node Red:

sudo node-red

Now you can find the browser-based GUI of Node Red at http://<IP address of your Pi>:1880

Mosquitto and Node Red on Raspberry Pi: screenshot of the Node Red GUI
Mosquitto and Node Red on Raspberry Pi: screenshot of the Node Red GUI

Installing the Node Red dashboard

The dashboard extension for Node Red can be installed using either the Node Red GUI or using the shell. Using the shell commands in your Node-RED user directory (typically ~/.node-red):

sudo apt-get install npm
sudo npm i -g npm@2.x
sudo npm install node-red-dashboard
A restart of Node Red may be required.

Or using the Node Red GUI:

  • Enter the main menu (horizontal bars, top right)
  • Select “Manage palette”
  • Select the “Install” tab
  • Enter “node-red-dashboard” in the search box
  • Click the “install” button
  • After installing is done, click the ‘done’ buton
  • Reload the Node Red GUI in the browser (press F5)
  • You will find the tab “dashboard” on the right hand side

The dashboard is available at http://<IP address of your Pi>:1880/ui

Mosquitto and Node Red on Raspberry Pi: screenshot of node-red-dashboard
Mosquitto and Node Red on Raspberry Pi: screenshot of node-red-dashboard

Securing the Node Red GUI with a password

The security settings for Node Red can be found in the file /home/pi/.node-red/settings.js:

You need to uncomment the adminAuth sectiom, change the username and password hash.

To generate a new password hash, install the ‘node-red-admin’ tool:
sudo npm install -g node-red-admin
And generate a new hash:
node-red-admin hash-pw

Then edit the adminAuth sectiom to look like this:

Do not forget to insert your new username and password hash. Next time when you access the Node Red GUI, you will be asked for your username and password.

Mosquitto and Node Red on Raspberry Pi: screenshot of the Node Red GUI login screen
Mosquitto and Node Red on Raspberry Pi: screenshot of the Node Red GUI login screen

See also the next blog post: “IoT server: secure MQTT communication using TLS“.

This post is also available in Dutch.

4 Comments

Add a Comment

Your email address will not be published. Required fields are marked *