I’d like to generate a websocket connection using node red websocket nodes
(this is nothing related to the websocket connection to home assistant itself, which works perfectly for me). Node Red websocket nodes assume an URL path relative to /endpoint on the node red server.
But the node red server is in a container, and URLs to it pass through the ingress mechanism.
Is there any way on the home assistant side to direct a specific URL to node-red for handling?
When Node-RED is installed as a Home Assistant add-on, the native Node-RED access for NR dashboard and inbound traffic (80/tcp) is still provided on port 1880 as usual, providing direct access. HA itself is exposed on port 8123.
The NR exposed port can be changed in the add-on UI config settings. Access still requires HA authorisation, but I believe that this can be turned off using the ‘leave_front_door_open’ option under the “Show unused optional configuration options” section. Not that this is ever recommended due to the inherent security risks involved, so I have never tested it myself.
As noted, Node-RED traffic can be received directly on port 1880 (by default) on the Home Assistant host, so you can connect to your websocket there. However, any URL path outside of /endpoint will require Home Assistant authentication in order to be accessed. If you’d like the websocket to be reachable without authentication, your options are:
Configure the websocket path to be under /endpoint.
Enable the leave_front_door_open configuration option in the add-on settings (not recommended as this will also leave the Node-RED editor accessible without authentication).
Install and use the Node-RED Plus add-on which will let you access paths outside of /endpoint without authentication while still keeping your editor secure.