Remote Access to Node-RED running on embedded controller for off-grid energy

Victron Energy provides software to the Node-RED community to let users program their off-grid power installations visually. Secure remote access to this was the next step.

About the project

Victron Energy is a manufacturer of off-grid power equipment. They also provide their powerful 'Venus' devices running Venus OS that allow users to control and monitor their installations, both locally and remotely through Victron Remote Monitoring (VRM). Though not officially supported, they provide a collection of Node-RED modules for their customers to use. This runs locally on a Venus device, and so needs local access. Especially because some of these off-grid installations are in hard to reach locations, how great would it be when this can also be done remotely, without the user needing to set up VPNs and such.

Venus OS can utilize SSH tunnels to make 'Remote Console' possible, which is a VNC viewer for the local GUI (graphical user interface). With that system already in place, we saw an opportunity to also make it possible to access the Node-RED application running remotely. Of course, this needs to be very secure, and scale well.

We considered C++/Qt an ideal language and library for this purpose. It's fast, and offers good resource management for a server application. We wrote an application that takes care of authentication, authorization, session management and proxying of the connections. Because of the importance of security in this project, we then joined forces with a security company for a full code audit and penetration testing.

This service is now running on a geo-distributed set of servers to give users in every part of the world fast access to their remote Node-RED flows.