Clients/Buellton/Node-RED MQTT Bridge.md

Content

# Buellton — Node-RED MQTT Bridge

## Server Info

| Detail | Value |
|--------|-------|
| **Hostname** | `mqtt` |
| **IP (SCADA LAN)** | 10.0.0.99 (eth1) |
| **IP (Server LAN)** | 10.1.10.9 (eth0) |
| **Tailscale IP** | 100.70.221.47 |
| **SSH** | `autosys@10.0.0.99` / `@ut0sys!` |
| **OS** | Ubuntu 24.04.3 LTS, x86_64 |
| **Node-RED** | v4.1.4 on Node.js v18.20.8 |
| **Node-RED UI** | http://10.0.0.99:1880 |
| **Admin Auth** | Disabled (commented out in settings.js) |
| **Flows** | /home/autosys/.node-red/flows.json |
| **Service** | systemd `nodered.service` (enabled, runs as `autosys`) |
| **Disk** | 9.4% of 61GB used |
| **RAM** | ~52% used |

## Architecture

```
PLCs → Kepware (OPC UA, 10.0.0.50) → Node-RED (10.0.0.99) → MQTT → ThingsBoard (89.167.31.76:1883)
```

- **Kepware OPC UA server** runs on the SCADA server (10.0.0.50)
- **Node-RED** connects to Kepware via OPC UA client, reads ~25 tags
- **MQTT broker** is on the Hetzner ThingsBoard server (89.167.31.76:1883), NOT on this VM
- **ThingsBoard** receives MQTT data and displays on dashboards
- GeoSCADA alarm relay: GeoSCADA → system call → HTTP endpoint in Node-RED → ThingsBoard

## Network Interfaces

- **eth0** (10.1.10.9/24) — Server LAN (same subnet as SCADA server, gateway)
- **eth1** (10.0.0.99/24) — SCADA LAN (same subnet as PLCs, Kepware)
- **tailscale0** (100.70.221.47) — Remote access

## Known Issues

- OPC UA client timeouts observed March 3-5, 2026 (`BadConnectionClosed`, transaction timeouts)
- Likely caused by Kepware service restarts — connection recovers automatically
- Server has pending restart required (kernel update)

## Systemd Service

```ini
[Unit]
Description=Node-RED
After=network.target

[Service]
Type=simple
User=autosys
WorkingDirectory=/home/autosys
ExecStart=/usr/bin/node-red
Restart=on-failure
RestartSec=10
```

## Deployed

- **2026-01-28:** Initial setup — VM created, Node-RED installed, Kepware OPC UA bridge configured
- **2026-02-02:** ThingsBoard dashboards, alarm relay from GeoSCADA
- **2026-02-26:** Node-RED updated, customers/dashboards migrated to TB CE

Extracted Entities

Type	Key	Value	Confidence	Evidence
credential	SCADA Login	username: autosys / password: @ut0sys!	100%	\| SSH \| `autosys@10.0.0.99` / `@ut0sys!` \|
server	Node-RED SCADA LAN IP	10.0.0.99	100%	\| IP (SCADA LAN) \| 10.0.0.99 (eth1) \|
server	Node-RED Server LAN IP	10.1.10.9	100%	\| IP (Server LAN) \| 10.1.10.9 (eth0) \|
server	Node-RED Tailscale IP	100.70.221.47	100%	\| Tailscale IP \| 100.70.221.47 \|
server	Kepware OPC UA Server IP	10.0.0.50	100%	Kepware OPC UA server runs on the SCADA server (10.0.0.50)
server	MQTT Broker IP and Port	89.167.31.76:1883	100%	MQTT broker is on the Hetzner ThingsBoard server (89.167.31.76:1883)
server	Node-RED UI URL	http://10.0.0.99:1880	100%	\| Node-RED UI \| http://10.0.0.99:1880 \|
server	Node-RED Hostname	mqtt	100%	\| Hostname \| `mqtt` \|
system	Operating System	Ubuntu 24.04.3 LTS, x86_64	100%	\| OS \| Ubuntu 24.04.3 LTS, x86_64 \|
system	Node-RED Version	v4.1.4 on Node.js v18.20.8	100%	\| Node-RED \| v4.1.4 on Node.js v18.20.8 \|

File: Clients/Buellton/Node-RED MQTT Bridge.md
Updated: 2026-03-18 19:41:15.407390