Add: new candidate release (2.1.0-RC3)

.github/git-release-tool/git-release-tool.sh

@@ -1,352 +0,0 @@
-#!/bin/bash
-set -e
-
-# git-release-tool
-# This script is used to manually cut releases for the TIP OpenWIFI CloudSDK 2.x repos
-# For other details, see "usage" function or simply run script
-
-# Constants
-export PAGER=cat
-
-# Internal vars
-LOG_VERBOSITY_NUMBER=0
-REPO_TAGS_ARRAY=()
-
-# Helper functions
-## Logging functions
-log_notice() {
-  echo "[Notice] "$1
-}
-
-log_error() {
-  if [[ "$LOG_VERBOSITY_NUMBER" -ge 0 ]]; then
-    echo "[Error] "$1 >/dev/stderr
-  fi
-}
-
-log_info() {
-  if [[ "$LOG_VERBOSITY_NUMBER" -ge 1 ]]; then
-    echo "[Info] "$1
-  fi
-}
-
-log_debug() {
-  if [[ "$LOG_VERBOSITY_NUMBER" -ge 2 ]]; then
-    echo "[Debug] "$1
-  fi
-}
-
-## Usage info
-usage() {
-  echo
-  log_notice "$0 - script to cut releases for TIP OpenWIFI CloudSDK 2.x repos"
-  log_notice
-  log_notice "This script requires configuration file 'repositories.yaml' near the script and list of environment variables to work"
-  log_notice
-  log_notice "repositories.yaml file format:"
-  echo "deploy_repo_url: git@github.com:Telecominfraproject/wlan-cloud-ucentral-deploy.git # modify if repo name changes"
-  echo "repositories:"
-  echo "  - name: owgw-ui # should be the same as in image repository in helm values (i.e. tip-tip-wlan-cloud-ucentral.jfrog.io/owgw-ui)"
-  echo "    url: git@github.com:Telecominfraproject/wlan-cloud-owprov-ui.git # it's up to you to use SSH or HTTPS format and setup credentials for push/pull"
-  echo "    docker_compose_name: OWPROVUI # name of environment variable in docker-compose .env file containing image tag for the service"
-  log_notice
-  log_notice "List of required environment variables:"
-  log_notice "- RELEASE_VERSION - release version that should be applied to repositories. Should comply release nameing policy (valid example - 'v2.0.0')"
-  log_notice "- TAG_TYPE - type of tag that should be created for release (supported values - RC / FINAL)"
-  log_notice "- GIT_PUSH_CONFIRMED - confirmation that any changes should be pushed to git (dry-run if unset, set to 'true' to enable)"
-  log_notice
-  log_notice "You may increase log verbosity by setting environment variable LOG_VERBOSITY to required level (ERROR/INFO/DEBUG)"
-#
-}
-
-## Setting functions
-set_log_verbosity_number() {
-  # Log verbosity levels:
-  # 0 - ERROR
-  # 1 - INFO
-  # 2 - DEBUG
-  case $LOG_VERBOSITY in
-    ERROR )
-      LOG_VERBOSITY_NUMBER=0
-    ;;
-    INFO )
-      LOG_VERBOSITY_NUMBER=1
-    ;;
-    DEBUG )
-      LOG_VERBOSITY_NUMBER=2
-    ;;
-    * )
-      log_notice "Setting LOG_VERBOSITY to INFO by default"
-      LOG_VERBOSITY_NUMBER=1
-    ;;
-  esac
-}
-
-## Git manipulation functions
-modify_deploy_repo_values() {
-  NEW_RELEASE_TAG=$1
-  log_debug "NEW_RELEASE_TAG - $NEW_RELEASE_TAG"
-  REPOSITORIES_AMOUNT=$(cat ../repositories.yaml | yq ".repositories[].name" -r | wc -l)
-  for REPO_INDEX in $(seq 0 $(expr $REPOSITORIES_AMOUNT - 1)); do
-    REPO_URL=$(cat ../repositories.yaml | yq ".repositories[$REPO_INDEX].url" -r)
-    REPO_NAME_SUFFIXED=$(echo $REPO_URL | awk -F '/' '{print $NF}')
-    REPO_NAME_WITHOUT_SUFFIX=${REPO_NAME_SUFFIXED%.git}
-    REPO_DOCKER_COMPOSE_NAME=$(cat ../repositories.yaml | yq ".repositories[$REPO_INDEX].docker_compose_name" -r)
-    SERVICE_TAG="${REPO_TAGS_ARRAY[$REPO_INDEX]}"
-    log_debug "REPO_NAME_WITHOUT_SUFFIX - $REPO_NAME_WITHOUT_SUFFIX"
-    sed "s/$REPO_DOCKER_COMPOSE_NAME=.*/$REPO_DOCKER_COMPOSE_NAME=$SERVICE_TAG/" -i docker-compose/.env
-    sed "s/$REPO_DOCKER_COMPOSE_NAME=.*/$REPO_DOCKER_COMPOSE_NAME=$SERVICE_TAG/" -i docker-compose/.env.letsencrypt
-    sed "s/$REPO_DOCKER_COMPOSE_NAME=.*/$REPO_DOCKER_COMPOSE_NAME=$SERVICE_TAG/" -i docker-compose/.env.selfsigned
-    sed "/${REPO_NAME_WITHOUT_SUFFIX#*/}@/s/ref=.*/ref=$SERVICE_TAG\"/g" -i chart/Chart.yaml
-  done
-  if [[ "$(git diff | wc -l)" -eq "0" ]]; then
-    log_info "No changes in microservices found, new release is not required"
-  else
-    sed 's/^version: .*/version: '${NEW_RELEASE_TAG#v}'/' chart/Chart.yaml -i
-    if [[ "$GIT_PUSH_CONFIRMED" == "true" ]]; then
-      log_info "Updating helm dependencies:"
-      cd chart
-      helm dependency update
-      cd ..
-    else
-      log_info "Skipping helm charts update due to GIT_PUSH_CONFIRMED not being set to 'true'"
-    fi
-  fi
-  git diff
-}
-
-modify_values() {
-  NEW_RELEASE_TAG=$1
-  if [[ "$(basename $PWD)" == "deploy" ]]; then
-    modify_deploy_repo_values $NEW_RELEASE_TAG
-  else
-    sed "/repository: tip-tip-wlan-cloud-ucentral.jfrog.io\/$(basename $PWD)/!b;n;s/tag: .*/tag: $NEW_RELEASE_TAG/" -i helm/values.yaml
-  fi
-  if [[ "$LOG_VERBOSITY_NUMBER" -ge 2 ]]; then
-    log_debug "Diff to me commited:"
-    git diff
-  fi
-  git add .
-  git commit -m"Chg: update image tag in helm values to $NEW_RELEASE_TAG"
-}
-
-push_changes() {
-  CURRENT_RELEASE=$(git rev-parse --abbrev-ref HEAD)
-  if [[ "$GIT_PUSH_CONFIRMED" == "true" ]]; then
-    log_info "Pushing branch changes and tags:"
-    git push -u origin $CURRENT_RELEASE
-    git push --tags
-  else
-    log_info "Skipping pushing of branch and tags due to GIT_PUSH_CONFIRMED not being set to 'true'"
-  fi
-}
-
-create_tag() {
-  CURRENT_RELEASE_VERSION=$(git rev-parse --abbrev-ref HEAD | awk -F 'release/' '{print $2}')
-  TAG_TYPE_LOWERED=$(echo $TAG_TYPE | tr '[:upper:]' '[:lower:]')
-  if [[ "$TAG_TYPE_LOWERED" == "final" ]]; then
-    log_debug "Creating final tag"
-    modify_values $CURRENT_RELEASE_VERSION
-    git tag $CURRENT_RELEASE_VERSION
-    push_changes
-    REPO_TAGS_ARRAY+=($CURRENT_RELEASE_VERSION)
-  else
-    log_debug "Checking if there are tags in the current release branch"
-    LATEST_RELEASE_TAG=$(git tag | grep $CURRENT_RELEASE_VERSION | tail -1)
-    log_debug "Latest release tag found - '$LATEST_RELEASE_TAG'"
-    if [[ -z "$LATEST_RELEASE_TAG" ]]; then
-      log_info "There are no tags in the release branch, creating the first one"
-      NEW_RELEASE_TAG=$CURRENT_RELEASE_VERSION-RC1
-      log_debug "New tag - $NEW_RELEASE_TAG"
-      modify_values $NEW_RELEASE_TAG
-      git tag $NEW_RELEASE_TAG
-      push_changes
-      REPO_TAGS_ARRAY+=($NEW_RELEASE_TAG)
-    else
-      if [[ "$(basename $PWD)" == "deploy" ]]; then
-        NEW_RC=$(echo $LATEST_RELEASE_TAG | awk -F 'RC' '{print $2}')
-        NEW_RC=$(expr $NEW_RC + 1)
-        log_debug "New RC to create - $NEW_RC"
-        NEW_RELEASE_TAG=$CURRENT_RELEASE_VERSION-RC$NEW_RC
-        modify_deploy_repo_values $NEW_RELEASE_TAG
-        if [[ "v$(cat chart/Chart.yaml | yq '.version' -r)" == "$NEW_RELEASE_TAG" ]]; then
-          git add .
-          git commit -m"Chg: update image tag in helm values to $NEW_RELEASE_TAG"
-          git tag $NEW_RELEASE_TAG
-          push_changes
-          log_info "New tag $NEW_RELEASE_TAG was created and pushed"
-          REPO_TAGS_ARRAY+=($NEW_RELEASE_TAG)
-        else
-          log_info "New tag for deploy repo is not required, saving existing one ($LATEST_RELEASE_TAG)"
-          REPO_TAGS_ARRAY+=($LATEST_RELEASE_TAG)
-        fi
-      else
-        log_debug "Checking if the latest tag is on the latest commit"
-        LATEST_REVISION=$(git rev-parse HEAD)
-        LATEST_RELEASE_TAG_REVISION=$(git rev-parse $LATEST_RELEASE_TAG)
-        log_debug "Latest revision ----- $LATEST_REVISION"
-        log_debug "Latest tag revision - $LATEST_RELEASE_TAG_REVISION"
-        if [[ "$LATEST_REVISION" == "$LATEST_RELEASE_TAG_REVISION" ]]; then
-          log_info "Existing tag $LATEST_RELEASE_TAG is pointing to the latest commit in the release branch"
-          REPO_TAGS_ARRAY+=($LATEST_RELEASE_TAG)
-        else
-          NEW_RC=$(echo $LATEST_RELEASE_TAG | awk -F 'RC' '{print $2}')
-          NEW_RC=$(expr $NEW_RC + 1)
-          log_debug "New RC to create - $NEW_RC"
-          NEW_RELEASE_TAG=$CURRENT_RELEASE_VERSION-RC$NEW_RC
-          modify_values $NEW_RELEASE_TAG
-          git tag $NEW_RELEASE_TAG
-          push_changes
-          log_info "New tag $NEW_RELEASE_TAG was created and pushed"
-          REPO_TAGS_ARRAY+=($NEW_RELEASE_TAG)
-        fi
-      fi
-    fi
-  fi
-}
-
-check_final_tag() {
-  CURRENT_RELEASE_VERSION=$(git rev-parse --abbrev-ref HEAD | awk -F 'release/' '{print $2}')
-  log_debug "Amount of final tags found - $(git tag | grep -x $CURRENT_RELEASE_VERSION | wc -l)"
-  if [[ "$(git tag | grep -x $CURRENT_RELEASE_VERSION | wc -l)" -gt "0" ]]; then
-    log_error "Final tag $CURRENT_RELEASE_VERSION already exists in release branch"
-    exit 1
-  fi
-}
-
-check_git_tags() {
-  CURRENT_RELEASE_VERSION=$(git rev-parse --abbrev-ref HEAD | awk -F 'release/' '{print $2}')
-  RELEASE_TAGS_AMOUNT=$(git tag | grep $CURRENT_RELEASE_VERSION | wc -l)
-  log_debug "Amount of tags linked with the release - $RELEASE_TAGS_AMOUNT"
-  if [[ "$RELEASE_TAGS_AMOUNT" -gt "0" ]]; then
-    check_final_tag
-  fi
-  create_tag
-}
-
-check_release_branch() {
-  RELEASE_BRANCH=$1
-  git checkout $RELEASE_BRANCH -q
-  check_git_tags
-}
-
-create_release_branch() {
-  git checkout -b release/$RELEASE_VERSION -q
-  check_release_branch release/$RELEASE_VERSION
-}
-
-check_if_release_branch_required() {
-  LATEST_RELEASE_BRANCH=$(git branch -r | grep 'release/' | tail -1 | xargs)
-  log_debug "Latest release branch available - $LATEST_RELEASE_BRANCH"
-  if [[ -z "$LATEST_RELEASE_BRANCH" ]]; then
-    log_info "Could not find a single release branch, creating it"
-    create_release_branch $RELEASE_VERSION
-  else
-    LAST_RELEASE_DIFF_LINES_AMOUNT=$(git diff $LATEST_RELEASE_BRANCH ':(exclude)helm/values.yaml' | wc -l)
-    if [[ "$LAST_RELEASE_DIFF_LINES_AMOUNT" -eq "0" ]]; then
-      log_info "There are no changes in project since the latest release branch $LATEST_RELEASE_BRANCH so we will use tag from it"
-      LATEST_RELEASE=$(echo $LATEST_RELEASE_BRANCH | awk -F 'origin/' '{print $2}')
-      LATEST_RELEASE_TAG=$(git tag | grep -x $LATEST_RELEASE | tail -1)
-      if [[ -z "$LATEST_RELEASE_TAG" ]]; then
-        log_info "Could not find any tags for $LATEST_RELEASE release, creating it"
-        check_release_branch $LATEST_RELEASE
-      else
-        log_info "Latest release tag found - $LATEST_RELEASE_TAG"
-        REPO_TAGS_ARRAY+=($LATEST_RELEASE_TAG)
-      fi 
-    else
-      create_release_branch $RELEASE_VERSION
-    fi
-  fi
-}
-
-create_repo_version() {
-  CWD=$PWD
-  REPO_NAME=$1
-  REPO_URL=$2
-  rm -rf $REPO_NAME
-  git clone -q $REPO_URL $REPO_NAME
-  cd $REPO_NAME
-  DEFAULT_BRANCH=$(git rev-parse --abbrev-ref HEAD)
-  RELEASE_BRANCH=$(git branch -r | grep $RELEASE_VERSION | awk -F 'origin/' '{print $2}' | xargs)
-  log_debug "Release branch to check - '$RELEASE_BRANCH'"
-  if [[ ! -z "$RELEASE_BRANCH" ]]; then
-    log_info "Release branch $RELEASE_BRANCH exists in the repository, checking if it has tags"
-    check_release_branch $RELEASE_BRANCH
-  else
-    log_info "Release branch does not exists in the repository, checking if we need to create it"
-    check_if_release_branch_required $DEFAULT_BRANCH
-  fi
-  log_info "Release commit info:"
-  git show
-  cd $CWD
-  rm -rf $REPO_NAME
-}
-
-# Log level setup
-set_log_verbosity_number
-
-# Check system requirements
-if ! command -v yq &> /dev/null; then
-    log_error "Command yq could not be found"
-    usage
-    exit 2
-fi
-if ! command -v sed &> /dev/null; then
-    log_error "Command sed could not be found"
-    usage
-    exit 2
-fi
-if ! command -v helm &> /dev/null; then
-    log_error "Command helm could not be found"
-    usage
-    exit 2
-fi
-if [[ "$(helm plugin list | grep -wP '(helm-git|diff)' | wc -l)" -ne "2" ]]; then
-    log_error "Helm plugins (helm-git and/or diff) are missing"
-    usage
-    exit 2
-fi
-
-# Check variables
-log_debug "Release version: ${RELEASE_VERSION}"
-[ -z ${RELEASE_VERSION+x} ] && echo "RELEASE_VERSION is unset" && usage && exit 3
-echo "${RELEASE_VERSION}" | grep -xP "v(\d)+\.(\d)+\.\d+" >/dev/null || (log_error "RELEASE_VERSION is not in the right notation (correct example - v2.2.0)" && usage && exit 3)
-log_debug "Tag type: ${TAG_TYPE}"
-[ -z ${TAG_TYPE+x} ] && echo "TAG_TYPE is unset" && usage && exit 3
-echo "${TAG_TYPE}" | tr '[:upper:]' '[:lower:]' | grep -xP "(rc|final)" >/dev/null || (log_error "TAG_TYPE is not in the supported values ('rc' or 'final', case insensitive)" && usage && exit 3)
-
-# Main body
-REPOSITORIES_AMOUNT=$(cat repositories.yaml | yq ".repositories[].name" -r | wc -l)
-DEPLOY_REPO_URL=$(cat repositories.yaml | yq ".deploy_repo_url" -r)
-log_debug "DEPLOY_REPO_URL - $DEPLOY_REPO_URL"
-
-log_info "Checking repositories"
-log_info "Found $REPOSITORIES_AMOUNT repos to process"
-for REPO_INDEX in $(seq 0 $(expr $REPOSITORIES_AMOUNT - 1)); do
-  echo
-  REPO_NAME=$(cat repositories.yaml | yq ".repositories[$REPO_INDEX].name" -r)
-  REPO_URL=$(cat repositories.yaml | yq ".repositories[$REPO_INDEX].url" -r)
-  REPO_DOCKER_COMPOSE_NAME=$(cat repositories.yaml | yq ".repositories[$REPO_INDEX].docker_compose_name" -r)
-  log_debug "REPO_NAME - $REPO_NAME"
-  log_debug "REPO_URL - $REPO_URL"
-  log_debug "REPO_DOCKER_COMPOSE_NAME - $REPO_DOCKER_COMPOSE_NAME"
-  log_info "Processing repository '$REPO_NAME'"
-  create_repo_version $REPO_NAME $REPO_URL
-done
-log_debug "Tags per project: ${REPO_TAGS_ARRAY[*]}"
-
-echo
-log_info "Preparing changes in deploy repo"
-create_repo_version "deploy" $DEPLOY_REPO_URL
-
-echo
-log_info "Services versions:"
-for REPO_INDEX in $(seq 0 $(expr $REPOSITORIES_AMOUNT - 1)); do
-  REPO_NAME=$(cat repositories.yaml | yq ".repositories[$REPO_INDEX].name" -r)
-  log_info "- $REPO_NAME - ${REPO_TAGS_ARRAY[$REPO_INDEX]}"
-done
-log_info "Deployment repo version - ${REPO_TAGS_ARRAY[-1]}"
-if [[ "$GIT_PUSH_CONFIRMED" != "true" ]]; then
-  log_info "To apply changes described above, set GIT_PUSH_CONFIRMED to 'true' and rerun this script"
-fi

.github/git-release-tool/repositories.yaml

@@ -1,20 +0,0 @@
-deploy_repo_url: https://github.com/Telecominfraproject/wlan-cloud-ucentral-deploy.git
-repositories:
-  - name: owgw
-    url: https://github.com/Telecominfraproject/wlan-cloud-ucentralgw.git
-    docker_compose_name: OWGW_TAG
-  - name: owsec
-    url: https://github.com/Telecominfraproject/wlan-cloud-ucentralsec.git
-    docker_compose_name: OWSEC_TAG
-  - name: owfms
-    url: https://github.com/Telecominfraproject/wlan-cloud-ucentralfms.git
-    docker_compose_name: OWFMS_TAG
-  - name: owgw-ui
-    url: https://github.com/Telecominfraproject/wlan-cloud-ucentralgw-ui.git
-    docker_compose_name: OWGWUI_TAG
-#  - name: owprov-ui
-#    url: https://github.com/Telecominfraproject/wlan-cloud-owprov-ui.git
-#    docker_compose_name: OWPROVUI_TAG
-#  - name: owprov
-#    url: https://github.com/Telecominfraproject/wlan-cloud-owprov.git
-#    docker_compose_name: OWPROV_TAG

.github/workflows/clustersysteminfo_image_ci.yml

@@ -1,67 +0,0 @@
-name: Build cluster systeminfo checker image
-
-on:
-  push:
-    branches:
-      - main
-    tags:
-      - 'v*'
-  # TODO delete after tests
-  pull_request:
-    branches:
-      - main
-
-defaults:
-  run:
-    shell: bash
-
-jobs:
-  docker:
-    runs-on: ubuntu-20.04
-    env:
-      DOCKER_REGISTRY_URL: tip-tip-wlan-cloud-ucentral.jfrog.io
-      DOCKER_REGISTRY_USERNAME: ucentral
-    steps:
-    - uses: actions/checkout@v2
-
-    - name: Build Docker image
-      working-directory: chart/docker
-      run: docker build -t wlan-cloud-clustersysteminfo:${{ github.sha }} .
-
-    - name: Tag Docker image
-      run: |
-        TAGS="${{ github.sha }}"
-
-        if [[ ${GITHUB_REF} == "refs/heads/"* ]]
-        then
-          CURRENT_TAG=$(echo ${GITHUB_REF#refs/heads/} | tr '/' '-')
-          TAGS="$TAGS $CURRENT_TAG"
-        else
-          if [[ ${GITHUB_REF} == "refs/tags/"* ]]
-          then
-            CURRENT_TAG=$(echo ${GITHUB_REF#refs/tags/} | tr '/' '-')
-            TAGS="$TAGS $CURRENT_TAG"
-          else # PR build
-            CURRENT_TAG=$(echo ${GITHUB_HEAD_REF#refs/heads/} | tr '/' '-')
-            TAGS="$TAGS $CURRENT_TAG"
-          fi
-        fi
-
-        echo "Result tags: $TAGS"
-
-        for tag in $TAGS; do
-          docker tag wlan-cloud-clustersysteminfo:${{ github.sha }} ${{ env.DOCKER_REGISTRY_URL }}/clustersysteminfo:$tag
-        done
-
-    - name: Log into Docker registry
-      if: startsWith(github.ref, 'refs/tags/') || startsWith(github.ref, 'refs/pull/') || github.ref == 'refs/heads/main'
-      uses: docker/login-action@v1
-      with:
-        registry: ${{ env.DOCKER_REGISTRY_URL }}
-        username: ${{ env.DOCKER_REGISTRY_USERNAME }}
-        password: ${{ secrets.DOCKER_REGISTRY_PASSWORD }}
-
-    - name: Push Docker images
-      if: startsWith(github.ref, 'refs/tags/') || startsWith(github.ref, 'refs/pull/') || github.ref == 'refs/heads/main'
-      run: |
-        docker images | grep ${{ env.DOCKER_REGISTRY_URL }}/clustersysteminfo | awk -F ' ' '{print $1":"$2}' | xargs -I {} docker push {}

.github/workflows/enforce-jira-issue-key.yml

@@ -1,22 +0,0 @@
-name: Ensure Jira issue is linked
-
-on:
-  pull_request:
-    types: [opened, edited, reopened, synchronize]
-
-jobs:
-  check_for_issue_key:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout actions repo
-        uses: actions/checkout@v2
-        with:
-          repository: Telecominfraproject/.github
-          path: github
-
-      - name: Run JIRA check
-        uses: ./github/composite-actions/enforce-jira-issue-key
-        with:
-          jira_base_url: ${{ secrets.TIP_JIRA_URL }}
-          jira_user_email: ${{ secrets.TIP_JIRA_USER_EMAIL }}
-          jira_api_token: ${{ secrets.TIP_JIRA_API_TOKEN }}

.github/workflows/git-release.yml

@@ -1,59 +0,0 @@
-name: Create new release for OpenWIFI 2.x services
-
-on:
-  workflow_dispatch:
-    inputs:
-      release_version:
-        description: 'Release version to create (i.e. v2.4.0)'
-        required: true
-      tag_type:
-        default: 'rc'
-        description: 'Tag type to create (final OR rc)'
-        required: true
-      push_confirm:
-        default: ''
-        description: 'Set to "true" if changes should be pushed (dry-run enabled by default)'
-        required: false
-      log_level:
-        default: 'INFO'
-        description: 'Log level for the script (ERROR/INFO/DEBUG)'
-        required: false
-
-defaults:
-  run:
-    shell: bash
-
-jobs:
-  create_release:
-    runs-on: ubuntu-latest
-    steps:
-    - name: Checkout repo
-      uses: actions/checkout@v2
-      with:
-        path: wlan-cloud-ucentral-deploy
-
-    - name: Install system dependencies
-      run: |
-        pip3 install yq
-        helm plugin install https://github.com/databus23/helm-diff
-        helm plugin install https://github.com/aslafy-z/helm-git
-        ls ~/.local/share/helm/plugins/helm-git/helm-git-plugin.sh || true
-        sed 's/--skip-refresh //' -i ~/.local/share/helm/plugins/helm-git/helm-git-plugin.sh
-
-    - name: Run release creation script
-      working-directory: wlan-cloud-ucentral-deploy/.github/git-release-tool
-      run: |
-        export RELEASE_VERSION=${{ github.event.inputs.release_version }}
-        export TAG_TYPE=${{ github.event.inputs.tag_type }}
-        export GIT_PUSH_CONFIRMED=${{ github.event.inputs.push_confirm }}
-        export LOG_VERBOSITY=${{ github.event.inputs.log_level }}
-        mkdir -p ~/.ssh
-        chmod -R 700 ~/.ssh
-        ssh-keyscan -H github.com >> ~/.ssh/known_hosts
-        echo https://tip-automation:${{ secrets.GIT_PUSH_PAT }}@github.com > ~/.git-credentials
-        git config --global credential.helper store
-        git config --global user.email "tip-automation@telecominfraproject.com"
-        git config --global user.name "TIP Automation User"
-        helm repo add bitnami https://charts.bitnami.com/bitnami
-        helm repo update
-        ./git-release-tool.sh

.github/workflows/release.yml

@@ -74,15 +74,3 @@ jobs:
         with:
           body_path: wlan-cloud-ucentral-deploy/chart/release.txt
           files: wlan-cloud-ucentral-deploy/chart/dist/*
-
-  trigger-testing:
-    runs-on: ubuntu-latest
-    needs: helm-package
-    steps:
-    - name: Trigger testing of release
-      uses: peter-evans/repository-dispatch@v1
-      with:
-        token: ${{ secrets.WLAN_TESTING_PAT }}
-        repository: Telecominfraproject/wlan-testing
-        event-type: new-ap-release
-        client-payload: '{"ref": "${GITHUB_REF#refs/tags/}", "sha": "${{ github.sha }}"}'

.gitignore

@@ -1,5 +1,8 @@
 *.swp
 chart/charts/*
+!chart/charts/.gitkeep
 /docker-compose/certs/
-/docker-compose/*_data
-/docker-compose/owls/*_data
+/docker-compose/*-data/data/
+/docker-compose/*-data/uploads/
+/docker-compose/.env
+/docker-compose/.env_*

README.md

@@ -15,6 +15,6 @@ This is a short version of [uCentral branching model](https://telecominfraprojec
 
 1. Create release branch with next Chart version (check Git tags for the latest version - for example if latest tag was `v0.1.0`, create release branch `release/v0.1.1`), set required microservices tags in refs in Chart.yaml (for example, if we want to have this version to be tied to ucentralgw release version `v2.0.0`, we should set it’s repository to `"git+https://github.com/Telecominfraproject/wlan-cloud-ucentralgw@helm?ref=v2.0.0"`).
 2. Increase Helm version in [Chart.yaml](./chart/Chart.yaml) to the same version as Git tag (for example if the latest git tag is `v0.1.0`, set version `0.1.1` (**without v in it**) in Chart.yaml).
-3. Also increase the microservice image tags used by the Docker Compose deployments according to the release in the 'Image tags' section of the `docker-compose/.env`, `docker-compose/.env.selfsigned` and `docker-compose/.env.letsencrypt` files.
+3. Also increase the microservice image tags used by the Docker Compose deployment according to the release in the [.env](./docker-compose/.env) file.
 4. Create new git tag from release branch. The Git tag should have the same name as the intended release version. Once the tag is pushed to the repo, Github will trigger a build process that will create an assembly Helm chart bundle with all version fixed to the release equal to the Git tag name and will publish it to the public Artifactory and as GitHub release asset.
 5. Release to the QA namespace using the packaged Helm assembly chart to verify there are no issues related to the deployment.

chart/Chart.lock

@@ -1,27 +1,21 @@
 dependencies:
-- name: owgw
-  repository: git+https://github.com/Telecominfraproject/wlan-cloud-ucentralgw@helm?ref=master
+- name: ucentralgw
+  repository: git+https://github.com/Telecominfraproject/wlan-cloud-ucentralgw@helm?ref=v2.1.0-RC3
   version: 0.1.0
-- name: owsec
-  repository: git+https://github.com/Telecominfraproject/wlan-cloud-ucentralsec@helm?ref=main
+- name: ucentralsec
+  repository: git+https://github.com/Telecominfraproject/wlan-cloud-ucentralsec@helm?ref=v2.1.0-RC1
   version: 0.1.0
-- name: owfms
-  repository: git+https://github.com/Telecominfraproject/wlan-cloud-ucentralfms@helm?ref=main
+- name: ucentralfms
+  repository: git+https://github.com/Telecominfraproject/wlan-cloud-ucentralfms@helm?ref=v2.1.0-RC1
   version: 0.1.0
-- name: owprov
-  repository: git+https://github.com/Telecominfraproject/wlan-cloud-owprov@helm?ref=main
-  version: 0.1.0
-- name: owgwui
-  repository: git+https://github.com/Telecominfraproject/wlan-cloud-ucentralgw-ui@helm?ref=main
-  version: 0.1.0
-- name: owprovui
-  repository: git+https://github.com/Telecominfraproject/wlan-cloud-owprov-ui@helm?ref=main
+- name: ucentralgwui
+  repository: git+https://github.com/Telecominfraproject/wlan-cloud-ucentralgw-ui@helm?ref=v2.1.0-RC1
   version: 0.1.0
 - name: rttys
-  repository: git+https://github.com/Telecominfraproject/wlan-cloud-ucentralgw-rtty@chart?ref=main
+  repository: git+https://github.com/Telecominfraproject/wlan-cloud-ucentralgw-rtty@chart?ref=v0.1.0
   version: 0.1.0
 - name: kafka
   repository: https://charts.bitnami.com/bitnami
   version: 13.0.2
-digest: sha256:3de20b44745484d6e2980d34b3d9e95c92b93537facb2a0bb62c75e583ef444f
-generated: "2021-10-26T16:27:32.319129019+03:00"
+digest: sha256:dd01079e0cd254744f00f3f85259ebd0c9893b965c9724819e40c4c912be20e4
+generated: "2021-09-08T13:12:25.763485669+03:00"

chart/Chart.yaml

@@ -1,38 +1,27 @@
 apiVersion: v2
-name: openwifi
+name: wlan-cloud-ucentral
 appVersion: "1.0"
 description: A Helm chart for Kubernetes
-version: 0.1.0
+version: 2.1.0-RC3
 dependencies:
-- name: owgw
-  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-ucentralgw@helm?ref=master"
+- name: ucentralgw
+  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-ucentralgw@helm?ref=v2.1.0-RC3"
   version: 0.1.0
-- name: owsec
-  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-ucentralsec@helm?ref=main"
+- name: ucentralsec
+  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-ucentralsec@helm?ref=v2.1.0-RC1"
   version: 0.1.0
-- name: owfms
-  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-ucentralfms@helm?ref=main"
+- name: ucentralfms
+  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-ucentralfms@helm?ref=v2.1.0-RC1"
   version: 0.1.0
-- name: owprov
-  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-owprov@helm?ref=main"
-  version: 0.1.0
-- name: owgwui
-  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-ucentralgw-ui@helm?ref=main"
-  version: 0.1.0
-- name: owprovui
-  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-owprov-ui@helm?ref=main"
+- name: ucentralgwui
+  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-ucentralgw-ui@helm?ref=v2.1.0-RC1"
   version: 0.1.0
+  condition: ucentralgwui.enabled
 - name: rttys
-  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-ucentralgw-rtty@chart?ref=main"
+  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-ucentralgw-rtty@chart?ref=v0.1.0"
   version: 0.1.0
+  condition: rttys.enabled
 - name: kafka
   repository: https://charts.bitnami.com/bitnami
   version: 13.0.2
-- name: owls
-  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-owls@helm?ref=main"
-  version: 0.1.0
-  condition: owls.enabled
-- name: owlsui
-  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-owls-ui@helm?ref=master"
-  version: 0.1.0
-  condition: owlsui.enabled
+  condition: kafka.enabled

chart/README.md

@@ -1,6 +1,6 @@
-# openwifi
+# ucentralgw
 
-This Helm chart helps to deploy OpenWIFI Cloud SDK with all required dependencies to the Kubernetes clusters. Purpose of this chart is to setup correct connections between other microservices and other dependencies with correct Values and other charts as dependencies in [chart definition](Chart.yaml)
+This Helm chart helps to deploy uCentral with all required dependencies to the Kubernetes clusters. Purpose of this chart is to setup correct connections between other microservices and other dependencies with correct Values and other charts as dependencies in [chart definition](Chart.yaml)
 
 ## TL;DR;
 
@@ -10,11 +10,9 @@ This Helm chart helps to deploy OpenWIFI Cloud SDK with all required dependencie
 $ helm install .
 ```
 
-Then change the default password as described in [owsec docs](https://github.com/Telecominfraproject/wlan-cloud-ucentralsec/tree/main#changing-default-password).
-
 ## Introduction
 
-This chart bootstraps the OpenWIFI Cloud SDK on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
+This chart bootstraps an uCentral on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
 
 Current dependencies may be found in [chart definition](Chart.yaml) and list will be extended when new services will be introduced.
 
@@ -26,7 +24,7 @@ To install the chart with the release name `my-release`:
 $ helm install --name my-release git+https://github.com/Telecominfraproject/wlan-cloud-ucentral-deploy/@chart?ref=main
 ```
 
-The command deploys the OpenWIFI Cloud SDK on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that will be overwritten above default values from dependent charts.
+The command deploys ucentralgw on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that will be overwritten above default values from dependent charts.
 
 > **Tip**: List all releases using `helm list`
 
@@ -36,10 +34,6 @@ If you need to update your release, it could be required to update your helm cha
 helm dependency update
 ```
 
-#### Required password changing on the first startup
-
-One important action that must be done before using the deployment is changing password for the default user in owsec as described in [owsec docs](https://github.com/Telecominfraproject/wlan-cloud-ucentralsec/tree/main#changing-default-password). Please use these docs to find the actions that must be done **after** the deployment in order to start using your deployment.
-
 ## Uninstalling the Chart
 
 To uninstall/delete the `my-release` deployment:
@@ -56,12 +50,10 @@ The following table lists the configurable parameters that overrides microservic
 
 | Parameter | Type | Description | Default |
 |-----------|------|-------------|---------|
-| `owgw.configProperties."openwifi\.kafka\.enable"` | string | Configures OpenWIFI Gateway to use Kafka for communication | `'true'` |
-| `owgw.configProperties."openwifi\.kafka\.brokerlist"` | string | Sets up Kafka broker list for OpenWIFI Gateway to the predictable Kubernetes service name (see `kafka.fullnameOverride` option description for details) | `'kafka:9092'` |
-| `owsec.configProperties."openwifi\.kafka\.enable"` | string | Configures OpenWIFI Security to use Kafka for communication | `'true'` |
-| `owsec.configProperties."openwifi\.kafka\.brokerlist"` | string | Sets up Kafka broker list for OpenWIFI Security to the predictable Kubernetes service name (see `kafka.fullnameOverride` option description for details) | `'kafka:9092'` |
-| `owfms.configProperties."openwifi\.kafka\.enable"` | string | Configures OpenWIFI Firmware to use Kafka for communication | `'true'` |
-| `owfms.configProperties."openwifi\.kafka\.brokerlist"` | string | Sets up Kafka broker list for OpenWIFI Firmware to the predictable Kubernetes service name (see `kafka.fullnameOverride` option description for details) | `'kafka:9092'` |
+| `ucentralgw.configProperties."ucentral\.kafka\.enable"` | string | Configures uCentralGW to use Kafka for communication | `'true'` |
+| `ucentralgw.configProperties."ucentral\.kafka\.brokerlist"` | string | Sets up Kafka broker list for uCentralGW to the predictable Kubernetes service name (see `kafka.fullnameOverride` option description for details) | `'kafka:9092'` |
+| `ucentralsec.configProperties."ucentral\.kafka\.enable"` | string | Configures uCentralSec to use Kafka for communication | `'true'` |
+| `ucentralsec.configProperties."ucentral\.kafka\.brokerlist"` | string | Sets up Kafka broker list for uCentralSec to the predictable Kubernetes service name (see `kafka.fullnameOverride` option description for details) | `'kafka:9092'` |
 | `rttys.enabled` | boolean | Enables [rttys](https://github.com/Telecominfraproject/wlan-cloud-ucentralgw-rtty) deployment | `True` |
 | `rttys.config.token` | string | Sets default rttys token |  |
 | `kafka.enabled` | boolean | Enables [kafka](https://github.com/bitnami/charts/blob/master/bitnami/kafka/) deployment | `True` |
@@ -70,6 +62,7 @@ The following table lists the configurable parameters that overrides microservic
 | `kafka.image.repository` | string | Kafka Docker image repository | `'bitnami/kafka'` |
 | `kafka.image.tag` | string | Kafka Docker image tag | `'2.8.0-debian-10-r43'` |
 | `kafka.minBrokerId` | number | Sets Kafka minimal broker ID (useful for multi-node Kafka installations) | `100` |
+| `ucentralgwui.enabled` | boolean | Enables [uCentralGW-UI](https://github.com/Telecominfraproject/wlan-cloud-ucentralgw-ui) deployment | `True` |
 
 If required, further overrides may be passed. They will be merged with default values from this chart and other subcharts with priority to values you'll pass.
 
@@ -77,11 +70,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm
 
 ```bash
 $ helm install --name my-release \
-  --set owgw.replicaCount=1 \
+  --set ucentralgw.replicaCount=1 \
     .
 ```
 
-The above command sets that only 1 instance of OpenWIFI Gateway to be running
+The above command sets that only 1 instance of ucentralgw to be running
 
 Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
 

chart/docker/Dockerfile

@@ -1,46 +0,0 @@
-FROM alpine:latest AS base
-
-RUN apk add curl git jq bash
-
-WORKDIR /cli
-
-# OWGW
-ARG OWGW_VERSION=master
-RUN git clone https://github.com/Telecominfraproject/wlan-cloud-ucentralgw.git owgw \
-  && cd owgw \
-  && git checkout $OWGW_VERSION \
-  && cd /cli \
-  && cp owgw/test_scripts/curl/cli owgw_cli \
-  && rm -rf owgw
-
-# OWSEC
-ARG OWSEC_VERSION=main
-RUN git clone https://github.com/Telecominfraproject/wlan-cloud-ucentralsec.git owsec \
-  && cd owsec \
-  && git checkout $OWSEC_VERSION \
-  && cd /cli \
-  && cp owsec/test_scripts/curl/cli owsec_cli \
-  && rm -rf owsec
-
-# OWFMS
-ARG OWFMS_VERSION=main
-RUN git clone https://github.com/Telecominfraproject/wlan-cloud-ucentralfms.git owfms \
-  && cd owfms \
-  && git checkout $OWFMS_VERSION \
-  && cd /cli \
-  && cp owfms/test_scripts/curl/cli owfms_cli \
-  && rm -rf owfms
-
-# OWPROV
-ARG OWPROV_VERSION=main
-RUN git clone https://github.com/Telecominfraproject/wlan-cloud-owprov.git owprov \
-  && cd owprov \
-  && git checkout $OWPROV_VERSION \
-  && cd /cli \
-  && cp owprov/test_scripts/curl/cli owprov_cli \
-  && rm -rf owprov
-
-COPY clustersysteminfo clustersysteminfo
-COPY change_credentials change_credentials
-
-ENTRYPOINT ["/cli/clustersysteminfo"]

chart/docker/change_credentials

@@ -1,68 +0,0 @@
-#!/bin/bash
-# Constants
-export DEFAULT_CHECK_RETRIES=10
-
-# Usage function
-usage () {
-  echo;
-  echo "- OWSEC - owsec endpoint to make requests to (i.e. openwifi.wlan.local:16001)";
-  echo "- OWSEC_DEFAULT_USERNAME - default owsec username from properties";
-  echo "- OWSEC_DEFAULT_PASSWORD - default owsec password (in cleartext) from properties";
-  echo "- OWSEC_NEW_PASSWORD - new owsec password (in cleartext) that should be set for login";
-}
-
-# Check if required environment variables were passed
-## Login specifics
-[ -z ${OWSEC+x} ] && echo "OWSEC is unset" && usage && exit 1
-[ -z ${OWSEC_DEFAULT_USERNAME+x} ] && echo "OWSEC_DEFAULT_USERNAME is unset" && usage && exit 1
-[ -z ${OWSEC_DEFAULT_PASSWORD+x} ] && echo "OWSEC_DEFAULT_PASSWORD is unset" && usage && exit 1
-[ -z ${OWSEC_NEW_PASSWORD+x} ] && echo "OWSEC_NEW_PASSWORD is unset" && usage && exit 1
-
-# Check credentials
-export result_file=result.json
-
-# Try logging in with default credentials
-payload="{ \"userId\" : \"${OWSEC_DEFAULT_USERNAME}\" , \"password\" : \"${OWSEC_DEFAULT_PASSWORD}\" }"
-curl ${FLAGS} -X POST "https://${OWSEC}/api/v1/oauth2" \
-    -H "Content-Type: application/json" \
-    -d "$payload" > ${result_file}
-errorCode=$(cat ${result_file} | jq -r '.ErrorCode')
-# If ErrorCode == 1, we must change password
-if [[ "${errorCode}" == "1" ]]
-then
-    payload="{ \"userId\" : \"${OWSEC_DEFAULT_USERNAME}\" , \"password\" : \"${OWSEC_DEFAULT_PASSWORD}\", \"newPassword\" : \"${OWSEC_NEW_PASSWORD}\" }"
-    curl ${FLAGS} -X POST "https://${OWSEC}/api/v1/oauth2" \
-        -H "Content-Type: application/json" \
-        -d "$payload" > ${result_file}
-    # Check if password was changed correctly
-    token=$(cat ${result_file} | jq -r '.access_token')
-    if [[ "${token}" == "null" ]] || [[ "${token}" == "" ]] || [[ ! -s ${result_file} ]]
-    then
-        echo "Could not change credentials:"
-        jq < ${result_file}
-        exit 1
-    else
-        echo "Login credentials were changed:"
-    fi
-# If ErrorCode == 2 then new credentials were applied already OR user was deleted OR credentials are wrong
-elif [[ "${errorCode}" == "2" ]]
-then
-    # Let's try logging in using new credentials
-    payload="{ \"userId\" : \"${OWSEC_DEFAULT_USERNAME}\" , \"password\" : \"${OWSEC_NEW_PASSWORD}\" }"
-    curl ${FLAGS} -X POST "https://${OWSEC}/api/v1/oauth2" \
-            -H "Content-Type: application/json" \
-            -d "$payload" > ${result_file}
-    token=$(cat ${result_file} | jq -r '.access_token')
-    # TODO check if there are any response
-    if [[ "${token}" == "null" ]] || [[ "${token}" == "" ]] || [[ ! -s ${result_file} ]]
-    then
-        echo "Could not login with new credentials. Probably new login credentials are wrong OR user was deleted. Since we cannot check if user is really deleted, skipping this issue:"
-    else
-        echo "Logged in with new credentials:"
-    fi
-else
-    echo "Credentials check failed with unexpected ErrorCode, please review the responce body:"
-    jq < ${result_file}
-    exit 2
-fi
-jq < ${result_file}

chart/docker/clustersysteminfo

@@ -1,106 +0,0 @@
-#!/bin/bash
-
-# Constants
-export DEFAULT_CHECK_RETRIES=30
-
-# Check dependencies
-[[ "$(which jq)" == "" ]] && echo "You need the package jq installed to use this script." && exit 1
-[[ "$(which curl)" == "" ]] && echo "You need the package curl installed to use this script." && exit 1
-
-# Check if required environment variables were passed
-[[ -z ${OWSEC+x} ]] && echo "You must set the variable OWSEC in order to use this script. Something like" && echo "OWSEC=security.isp.com:16001" && exit 1
-[[ -z ${OWSEC_DEFAULT_USERNAME+x} ]] && echo "You must set the variable OWSEC_DEFAULT_USERNAME in order to use this script. Something like" && echo "OWSEC_DEFAULT_USERNAME=tip@ucentral.com" && exit 1
-[[ -z ${OWSEC_DEFAULT_PASSWORD+x} ]] && echo "You must set the variable OWSEC_DEFAULT_PASSWORD in order to use this script. Something like" && echo "OWSEC_DEFAULT_PASSWORD=openwifi" && exit 1
-[[ -z ${OWSEC_NEW_PASSWORD+x} ]] && echo "You must set the variable OWSEC_NEW_PASSWORD in order to use this script. Something like" && echo "OWSEC_NEW_PASSWORD=NewPass123%" && exit 1
-
-[[ "${CHECK_RETRIES}" == "" ]] && [[ "${CHECK_RETRIES}" -eq "${CHECK_RETRIES}" ]] && echo "Environment variable CHECK_RETRIES is not set or is not number, setting it to the default value (${DEFAULT_CHECK_RETRIES})" && export CHECK_RETRIES=$DEFAULT_CHECK_RETRIES
-
-# Make sure owsec is resolvable
-export OWSEC_FQDN=$(echo $OWSEC | awk -F ':' '{print $1}')
-echo "Waiting for OWSEC FQDN ($OWSEC_FQDN) to be resolvable"
-exit_code=1
-until [[ "$exit_code" -eq "0" ]]
-do
-  getent hosts $OWSEC_FQDN
-  exit_code=$?
-  sleep 1
-done
-echo
-
-# Change/check password for owsec AND set owsec credentials
-export CHANGE_CHECK_RETRIES=${CHECK_RETRIES}
-until ./change_credentials || [[ "${CHANGE_CHECK_RETRIES}" -eq "0" ]]
-do
-  echo "Change/check failed"
-  let "CHANGE_CHECK_RETRIES-=1"
-  echo "Retries left - $CHANGE_CHECK_RETRIES"
-  echo
-  sleep 5
-done
-
-if [[ "${CHANGE_CHECK_RETRIES}" -eq "0" ]]
-then
-  echo "Run out of retries to change/check login credentials"
-  exit 3
-fi
-
-# Adapt scripts for the security credentials
-# -> Username
-sed '/^username/s/username=.*/username="'$OWSEC_DEFAULT_USERNAME'"/' owsec_cli -i
-sed '/^username/s/username=.*/username="'$OWSEC_DEFAULT_USERNAME'"/' owgw_cli -i
-sed '/^username/s/username=.*/username="'$OWSEC_DEFAULT_USERNAME'"/' owfms_cli -i
-sed '/^username/s/username=.*/username="'$OWSEC_DEFAULT_USERNAME'"/' owprov_cli -i
-# -> Password
-sed '/^password/s/password=.*/password="'$OWSEC_NEW_PASSWORD'"/' owsec_cli -i
-sed '/^password/s/password=.*/password="'$OWSEC_NEW_PASSWORD'"/' owgw_cli  -i
-sed '/^password/s/password=.*/password="'$OWSEC_NEW_PASSWORD'"/' owfms_cli -i
-sed '/^password/s/password=.*/password="'$OWSEC_NEW_PASSWORD'"/' owprov_cli -i
-
-echo "Running systeminfo checks for all components until all of them are available OR check tries are exausted ($CHECK_RETRIES)"
-exit_code_sum=1
-until [[ "$exit_code_sum" -eq "0" ]] || [[ "${CHECK_RETRIES}" -eq "0" ]]
-do
-  exit_code_sum=0
-  ./owsec_cli systeminfo
-  let "exit_code_sum+=$?"
-  if [[ ! -s result.json ]]
-  then
-    let "exit_code_sum+=1"
-  fi
-  let "exit_code_sum+=$(grep ErrorCode result.json | wc -l)"
-  sleep 1
-
-  ./owgw_cli systeminfo
-  let "exit_code_sum+=$?"
-  if [[ ! -s result.json ]]
-  then
-    let "exit_code_sum+=1"
-  fi
-  let "exit_code_sum+=$(grep ErrorCode result.json | wc -l)"
-  sleep 1
-
-  ./owfms_cli systeminfo
-  let "exit_code_sum+=$?"
-  if [[ ! -s result.json ]]
-  then
-    let "exit_code_sum+=1"
-  fi
-  let "exit_code_sum+=$(grep ErrorCode result.json | wc -l)"
-  sleep 1
-
-  ./owprov_cli systeminfo
-  let "exit_code_sum+=$?"
-  if [[ ! -s result.json ]]
-  then
-    let "exit_code_sum+=1"
-  fi
-  let "exit_code_sum+=$(grep ErrorCode result.json | wc -l)"
-  sleep 1
-
-  let "CHECK_RETRIES-=1"
-  echo "Exit code sum: $exit_code_sum"
-  echo "Left retries: $CHECK_RETRIES"
-  sleep 5
-  echo
-done
-exit $exit_code_sum

chart/templates/_helpers.tpl

@@ -2,7 +2,7 @@
 {{/*
 Expand the name of the chart.
 */}}
-{{- define "openwifi.name" -}}
+{{- define "wlanclouducentral.name" -}}
 {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 
@@ -11,7 +11,7 @@ Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
 If release name contains chart name it will be used as a full name.
 */}}
-{{- define "openwifi.fullname" -}}
+{{- define "wlanclouducentral.fullname" -}}
 {{- if .Values.fullnameOverride -}}
 {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
 {{- else -}}
@@ -27,6 +27,6 @@ If release name contains chart name it will be used as a full name.
 {{/*
 Create chart name and version as used by the chart label.
 */}}
-{{- define "openwifi.chart" -}}
+{{- define "wlanclouducentral.chart" -}}
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
 {{- end -}}

chart/templates/job-clustersysteminfo.yaml

@@ -1,86 +0,0 @@
-{{- $root := . -}}
-{{- if .Values.clustersysteminfo.enabled }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
-  name: {{ include "openwifi.fullname" . }}-clustersysteminfo-check
-  annotations:
-    "helm.sh/hook": post-install,post-upgrade
-    "helm.sh/hook-weight": "10"
-    "helm.sh/hook-delete-policy": before-hook-creation
-  labels:
-    app.kubernetes.io/name: {{ include "openwifi.name" . }}
-    helm.sh/chart: {{ include "openwifi.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-spec:
-  {{- with .Values.clustersysteminfo.activeDeadlineSeconds }}
-  activeDeadlineSeconds: {{ . }}
-  {{- end }}
-  {{- with .Values.clustersysteminfo.backoffLimit }}
-  backoffLimit: {{ . }}
-  {{- end }}
-  template:
-    metadata:
-      name: {{ include "openwifi.fullname" . }}-clustersysteminfo-check
-      labels:
-        app.kubernetes.io/name: {{ include "openwifi.name" . }}
-        helm.sh/chart: {{ include "openwifi.chart" . }}
-        app.kubernetes.io/instance: {{ .Release.Name }}
-        app.kubernetes.io/managed-by: {{ .Release.Service }}
-    spec:
-      initContainers:
-        - name: delay
-          image: "alpine:latest"
-          command: ["/bin/sleep","{{ default 60 .Values.clustersysteminfo.delay }}"]
-      containers:
-        - name: clustersysteminfo-check
-          image: "{{ .Values.clustersysteminfo.images.clustersysteminfo.repository }}:{{ .Values.clustersysteminfo.images.clustersysteminfo.tag }}"
-          imagePullPolicy: {{ .Values.clustersysteminfo.images.clustersysteminfo.pullPolicy }}
-
-          env:
-            - name: KUBERNETES_DEPLOYED
-              value: "{{ now }}"
-          {{- range $key, $value := .Values.clustersysteminfo.public_env_variables }}
-            - name: {{ $key }}
-              value: {{ $value | quote }}
-          {{- end }}
-          {{- range $key, $value := .Values.clustersysteminfo.secret_env_variables }}
-            - name: {{ $key }}
-              valueFrom:
-                secretKeyRef:
-                  name: {{ include "openwifi.fullname" $root }}-clustersysteminfo-env
-                  key: {{ $key }}
-          {{- end }}
-
-          {{- with .Values.clustersysteminfo.resources }}
-          resources:
-            {{- toYaml . | nindent 12 }}
-          {{- end }}
-
-      restartPolicy: {{ .Values.clustersysteminfo.restartPolicy }}
-
-      imagePullSecrets:
-      {{- range $image, $imageValue := .Values.clustersysteminfo.images }}
-        {{- if $imageValue.regcred }}
-      - name: {{ include "openwifi.fullname" $root }}-{{ $image }}-clustersysteminfo-regcred
-        {{- end }}
-      {{- end }}
-
-      {{- with .Values.clustersysteminfo.nodeSelector }}
-      nodeSelector:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-
-      {{- with .Values.clustersysteminfo.affinity }}
-      affinity:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-
-      {{- with .Values.clustersysteminfo.tolerations }}
-      tolerations:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-
-{{- end }}

chart/templates/secret-clustersysteminfo-env.yaml

@@ -1,19 +0,0 @@
-{{- $root := . -}}
-{{- if .Values.clustersysteminfo.enabled }}
----
-apiVersion: v1
-metadata:
-  labels:
-    app.kuberentes.io/name: {{ include "openwifi.name" . }}
-    helm.sh/chart: {{ include "openwifi.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-  name: {{ include "openwifi.fullname" . }}-clustersysteminfo-env
-kind: Secret
-type: Opaque
-data:
-  # Secret env variables
-  {{- range $key, $value := .Values.clustersysteminfo.secret_env_variables }}
-  {{ $key }}: {{ $value | b64enc | quote }}
-  {{- end }}
-{{- end }}

chart/templates/secret-clustersysteminfo-regcred.yaml

@@ -1,20 +0,0 @@
-{{- $root := . -}}
-{{- if .Values.clustersysteminfo.enabled }}
-{{- range $image, $imageValue := .Values.clustersysteminfo.images }}
-{{- if $imageValue.regcred }}
----
-apiVersion: v1
-kind: Secret
-type: kubernetes.io/dockerconfigjson
-metadata:
-  labels:
-    app.kuberentes.io/name: {{ include "openwifi.name" $root }}
-    helm.sh/chart: {{ include "openwifi.chart" $root }}
-    app.kubernetes.io/instance: {{ $root.Release.Name }}
-    app.kubernetes.io/managed-by: {{ $root.Release.Service }}
-  name: {{ include "openwifi.fullname" $root }}-{{ $image }}-clustersysteminfo-regcred
-data:
-  .dockerconfigjson: {{ $imageValue.regcred | quote }}
-{{- end }}
-{{- end }}
-{{- end }}

chart/values.yaml

@@ -1,42 +1,26 @@
-# OpenWIFI Gateway (https://github.com/Telecominfraproject/wlan-cloud-ucentralgw/)
-owgw:
-  fullnameOverride: owgw
+# uCentralGW (https://github.com/Telecominfraproject/wlan-cloud-ucentralgw/)
+ucentralgw:
+  fullnameOverride: ucentralgw
 
   configProperties:
-    openwifi.kafka.enable: "true"
-    openwifi.kafka.brokerlist: kafka:9092
+    ucentral.kafka.enable: "true"
+    ucentral.kafka.brokerlist: kafka:9092
 
-# OpenWIFI Security (https://github.com/Telecominfraproject/wlan-cloud-ucentralsec)
-owsec:
-  fullnameOverride: owsec
+# uCentralSec (https://github.com/Telecominfraproject/wlan-cloud-ucentralsec)
+ucentralsec:
+  fullnameOverride: ucentralsec
 
   configProperties:
-    openwifi.kafka.enable: "true"
-    openwifi.kafka.brokerlist: kafka:9092
+    ucentral.kafka.enable: "true"
+    ucentral.kafka.brokerlist: kafka:9092
 
-# OpenWIFI Firmware (https://github.com/Telecominfraproject/wlan-cloud-ucentralfms)
-owfms:
-  fullnameOverride: owfms
+# uCentralFMS (https://github.com/Telecominfraproject/wlan-cloud-ucentralfms)
+ucentralfms:
+  fullnameOverride: ucentralfms
 
   configProperties:
-    openwifi.kafka.enable: "true"
-    openwifi.kafka.brokerlist: kafka:9092
-
-# OpenWIFI Provisioning (https://github.com/Telecominfraproject/wlan-cloud-owprov/)
-owprov:
-  fullnameOverride: owprov
-
-  configProperties:
-    openwifi.kafka.enable: "true"
-    openwifi.kafka.brokerlist: kafka:9092
-
-# OpenWIFI Web UI (https://github.com/Telecominfraproject/wlan-cloud-ucentralgw-ui/)
-owgwui:
-  fullnameOverride: owgwui
-
-# OpenWIFI Provisioning Web UI (https://github.com/Telecominfraproject/wlan-cloud-owprov-ui/)
-owprovui:
-  fullnameOverride: owprovui
+    ucentral.kafka.enable: "true"
+    ucentral.kafka.brokerlist: kafka:9092
 
 # rttys (https://github.com/Telecominfraproject/wlan-cloud-ucentralgw-rtty)
 rttys:
@@ -63,67 +47,8 @@ kafka:
   zookeeper:
     fullnameOverride: zookeeper
 
-# clustersysteminfo check
-clustersysteminfo:
-  enabled: false
-  #delay: 60 # number of seconds to delay clustersysteminfo execution
+# uCentral UI (https://github.com/Telecominfraproject/wlan-cloud-ucentralgw-ui/)
+ucentralgwui:
+  enabled: true
 
-  fullnameOverride: clustersysteminfo
-
-  images:
-    clustersysteminfo:
-      repository: tip-tip-wlan-cloud-ucentral.jfrog.io/clustersysteminfo
-      tag: main
-      pullPolicy: Always
-#      regcred:
-#        registry: tip-tip-wlan-cloud-ucentral.jfrog.io
-#        username: username
-#        password: password
-
-  resources: {}
-    # We usually recommend not to specify default resources and to leave this as a conscious
-    # choice for the user. This also increases chances charts run on environments with little
-    # resources, such as Minikube. If you do want to specify resources, uncomment the following
-    # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
-    # requests:
-    #  cpu: 100m
-    #  memory: 128Mi
-    # limits:
-    #  cpu: 100m
-    #  memory: 128Mi
-
-  nodeSelector: {}
-
-  tolerations: []
-
-  affinity: {}
-
-  public_env_variables:
-    FLAGS: "-s --connect-timeout 3"
-    OWSEC: sec:16001
-    CHECK_RETRIES: 30
-
-  secret_env_variables:
-    OWSEC_DEFAULT_USERNAME: tip@ucentral.com
-    OWSEC_DEFAULT_PASSWORD: openwifi
-    #OWSEC_NEW_PASSWORD: "" # Set this value in order for the check to work. Password must comply https://github.com/Telecominfraproject/wlan-cloud-ucentralsec/#authenticationvalidationexpression
-
-  activeDeadlineSeconds: 2400
-  backoffLimit: 5
-  restartPolicy: OnFailure
-
-# OpenWIFI Load Simulator (https://github.com/Telecominfraproject/wlan-cloud-owls)
-owls:
-  enabled: false
-
-  fullnameOverride: owls
-
-  configProperties:
-    openwifi.kafka.enable: "true"
-    openwifi.kafka.brokerlist: kafka:9092
-
-# OpenWIFI Load Simulator UI (https://github.com/Telecominfraproject/wlan-cloud-owls-ui)
-owlsui:
-  enabled: false
-
-  fullnameOverride: owlsui
+  fullnameOverride: ucentralgwui

docker-compose/.env

@@ -1,28 +1,8 @@
-# Image tags
-COMPOSE_PROJECT_NAME=openwifi
-OWGW_TAG=master
-OWGWUI_TAG=main
-OWSEC_TAG=main
-OWFMS_TAG=main
-OWPROV_TAG=main
-OWPROVUI_TAG=main
+COMPOSE_PROJECT_NAME=ucentral
+UCENTRALGW_TAG=v2.1.0-RC3
+UCENTRALGWUI_TAG=v2.1.0-RC1
+UCENTRALSEC_TAG=v2.1.0-RC1
+UCENTRALFMS_TAG=v2.1.0-RC1
 RTTYS_TAG=3.5.0
 KAFKA_TAG=latest
 ZOOKEEPER_TAG=latest
-POSTGRESQL_TAG=latest
-
-# Microservice root/config directories
-OWGW_ROOT=/owgw-data
-OWGW_CONFIG=/owgw-data
-OWSEC_ROOT=/owsec-data
-OWSEC_CONFIG=/owsec-data
-OWFMS_ROOT=/owfms-data
-OWFMS_CONFIG=/owfms-data
-OWPROV_ROOT=/owprov-data
-OWPROV_CONFIG=/owprov-data
-
-# Microservice hostnames
-INTERNAL_OWGW_HOSTNAME=owgw.wlan.local
-INTERNAL_OWSEC_HOSTNAME=owsec.wlan.local
-INTERNAL_OWFMS_HOSTNAME=owfms.wlan.local
-INTERNAL_OWPROV_HOSTNAME=owprov.wlan.local

docker-compose/.env.letsencrypt

@@ -1,40 +0,0 @@
-# Image tags
-COMPOSE_PROJECT_NAME=openwifi
-OWGW_TAG=master
-OWGWUI_TAG=main
-OWSEC_TAG=main
-OWFMS_TAG=main
-OWPROV_TAG=main
-OWPROVUI_TAG=main
-RTTYS_TAG=3.5.0
-KAFKA_TAG=latest
-ZOOKEEPER_TAG=latest
-ACMESH_TAG=latest
-TRAEFIK_TAG=latest
-
-# Microservice root/config directories
-OWGW_ROOT=/owgw-data
-OWGW_CONFIG=/owgw-data
-OWSEC_ROOT=/owsec-data
-OWSEC_CONFIG=/owsec-data
-OWFMS_ROOT=/owfms-data
-OWFMS_CONFIG=/owfms-data
-OWPROV_ROOT=/owprov-data
-OWPROV_CONFIG=/owprov-data
-
-# Microservice hostnames
-INTERNAL_OWGW_HOSTNAME=owgw.wlan.local
-INTERNAL_OWGWUI_HOSTNAME=owgw-ui.wlan.local
-INTERNAL_OWSEC_HOSTNAME=owsec.wlan.local
-INTERNAL_OWFMS_HOSTNAME=owfms.wlan.local
-INTERNAL_OWPROV_HOSTNAME=owprov.wlan.local
-INTERNAL_OWPROVUI_HOSTNAME=owprov-ui.wlan.local
-INTERNAL_RTTYS_HOSTNAME=rttys.wlan.local
-OWGW_HOSTNAME=
-OWGWUI_HOSTNAME=
-OWGWFILEUPLOAD_HOSTNAME=
-OWSEC_HOSTNAME=
-OWFMS_HOSTNAME=
-OWPROV_HOSTNAME=
-OWPROVUI_HOSTNAME=
-RTTYS_HOSTNAME=

docker-compose/.env.selfsigned

@@ -1,32 +0,0 @@
-# Image tags
-COMPOSE_PROJECT_NAME=openwifi
-OWGW_TAG=master
-OWGWUI_TAG=main
-OWSEC_TAG=main
-OWFMS_TAG=main
-OWPROV_TAG=main
-OWPROVUI_TAG=main
-RTTYS_TAG=3.5.0
-KAFKA_TAG=latest
-ZOOKEEPER_TAG=latest
-ACMESH_TAG=latest
-TRAEFIK_TAG=latest
-
-# Microservice root/config directories
-OWGW_ROOT=/owgw-data
-OWGW_CONFIG=/owgw-data
-OWSEC_ROOT=/owsec-data
-OWSEC_CONFIG=/owsec-data
-OWFMS_ROOT=/owfms-data
-OWFMS_CONFIG=/owfms-data
-OWPROV_ROOT=/owprov-data
-OWPROV_CONFIG=/owprov-data
-
-# Microservice hostnames
-INTERNAL_OWGW_HOSTNAME=owgw.wlan.local
-INTERNAL_OWGWUI_HOSTNAME=owgw-ui.wlan.local
-INTERNAL_OWSEC_HOSTNAME=owsec.wlan.local
-INTERNAL_OWFMS_HOSTNAME=owfms.wlan.local
-INTERNAL_OWPROV_HOSTNAME=owprov.wlan.local
-INTERNAL_OWPROVUI_HOSTNAME=owprov-ui.wlan.local
-INTERNAL_RTTYS_HOSTNAME=rttys.wlan.local

docker-compose/.env_ucentralfms

@@ -0,0 +1,3 @@
+RUN_CHOWN=true
+UCENTRALFMS_ROOT=/ucentralfms-data
+UCENTRALFMS_CONFIG=/ucentralfms-data

docker-compose/.env_ucentralgw

@@ -0,0 +1,3 @@
+RUN_CHOWN=true
+UCENTRALGW_ROOT=/ucentralgw-data
+UCENTRALGW_CONFIG=/ucentralgw-data

docker-compose/.env_ucentralgw-ui

@@ -0,0 +1,2 @@
+DEFAULT_UCENTRALSEC_URL=https://ucentral.wlan.local:16001
+ALLOW_UCENTRALSEC_CHANGE=false

docker-compose/.env_ucentralsec

@@ -0,0 +1,3 @@
+RUN_CHOWN=true
+UCENTRALSEC_ROOT=/ucentralsec-data
+UCENTRALSEC_CONFIG=/ucentralsec-data

docker-compose/README.md

@@ -1,206 +1,20 @@
 # Docker Compose
-### Overview
-With the provided Docker Compose files you can instantiate a deployment of the OpenWifi microservices and related components. The repository contains a self-signed certificate and a TIP-signed gateway certificate which are valid for the `*.wlan.local` domain. You also have the possibility to either generate and use Letsencrypt certs or provide your own certificates. Furthermore the deployments are split by whether Traefik is used as a reverse proxy/load balancer in front of the microservices or if they are exposed directly on the host. The advantage of using the deployments with Traefik is that you can use Letsencrypt certs (automatic certificate generation and renewal) and you have the ability to scale specific containers to multiple replicas.  
-The repository also contains a separate Docker Compose deployment to set up the [OWLS microservice](https://github.com/Telecominfraproject/wlan-cloud-owls) and related components for running a load simulation test against an existing controller.
-- [Non-LB deployment with self-signed certificates](#non-lb-deployment-with-self-signed-certificates)
-- [Non-LB deployment with own certificates](#non-lb-deployment-with-own-certificates)
-- [Non-LB deployment with PostgreSQL](#non-lb-deployment-with-postgresql)
-- [LB deployment with self-signed certificates](#lb-deployment-with-self-signed-certificates)
-- [LB deployment with Letsencrypt certificates](#lb-deployment-with-letsencrypt-certificates)
-- [OWLS deployment with self-signed certificates](#owls-deployment-with-self-signed-certificates)
-### Configuration
-If you don't bind mount your own config files they are generated on every startup based on the environment variables in the microservice specific env files. For an overview of the supported configuration properties have a look into the microservice specific env files. For an explanation of the configuration properties please see the README in the respective microservice repository.  
-Be aware that the non-LB deployment exposes the generated config files on the host. So if you want to make configuration changes afterwards, please do them directly in the config files located in the microservice data directories.
-#### Required password changing on the first startup
-One important action that must be done before using the deployment is changing password for the default user in owsec as described in [owsec docs](https://github.com/Telecominfraproject/wlan-cloud-ucentralsec/tree/main#changing-default-password). Please use these docs to find the actions that must be done **after** the deployment in order to start using your deployment.
-### Ports
-Every OpenWifi service is exposed via a separate port either directly on the host or through Traefik. For an overview of the exposed ports have a look into the deployment specific Docker Compose file. If you use your own certificates or make use of the [Letsencrypt LB deployment](#lb-deployment-with-letsencrypt-certificates), you can also configure different hostnames for the microservices.  
-Please note that the OWProv-UI is exposed on port `8080(HTTP)/8443(HTTPS)` by default except for the Letsencrypt LB deployment, where the service listens on the default `80/443` HTTP(S) ports.
-### owsec templates and wwwassets
-On the startup of owsec directories for wwwassets and mailer templates are created from the base files included in Docker image. After the initial startup you may edit those files as you wish in the [owsec-data/persist](./owsec-data/persist) directory.
-## Non-LB deployment with self-signed certificates
+With the provided Docker Compose file you can instantiate a complete deployment of the uCentral microservices and related components for local development purposes. To spin up a local development environment:
 1. Switch into the project directory with `cd docker-compose/`.
-2. Add an entry for `openwifi.wlan.local` in your hosts file which points to `127.0.0.1` or whatever the IP of the host running the deployment is.
-3. Spin up the deployment with `docker-compose up -d`.
-4. Check if the containers are up and running with `docker-compose ps`.
-5. Add SSL certificate exceptions in your browser by visiting https://openwifi.wlan.local:16001, https://openwifi.wlan.local:16002, https://openwifi.wlan.local:16004 and https://openwifi.wlan.local:16005.
-6. Connect to your AP via SSH and add a static hosts entry in `/etc/hosts` for `openwifi.wlan.local`. This should point to the address of the host the Compose deployment runs on.
-7. Login to the UI `https://openwifi.wlan.local` and follow the instructions to change your default password.
-8. To use the curl test scripts included in the microservice repositories set the following environment variables:
+2. This repository contains a gateway certificate signed by TIP and a self-signed certificate for the REST API and other components which are used by default in the Compose deployment. The certificates are valid for the `*.wlan.local` domain and the Docker Compose uCentral microservice configs use `ucentral.wlan.local` as a hostname, so make sure you add an entry in your hosts file (or in your local DNS solution) which points to `127.0.0.1` or whatever the IP of the host running the deployment is. Be aware that by default only port `15002` (websocket) and `16003` (fileupload) are exposed on all interfaces and the rest only on localhost. Make sure to adapt that according to your needs.
+3. If you have your own certificates and want to use the deployment for anything other than local development copy your certs into the `certs/` directory and reference them in the appropriate sections of the microservice configuration files. Make sure to also adapt the sections which reference the hostname. For more information on certificates please see the [certificates section](https://github.com/Telecominfraproject/wlan-cloud-ucentralgw#certificates) of this README and/or [CERTIFICATES.md](https://github.com/Telecominfraproject/wlan-cloud-ucentralgw/blob/master/CERTIFICATES.md).
+4. Docker Compose pulls the microservice images from the JFrog repository. If you want to change the image tag or some of the image versions which are used for the other services, have a look into the `.env` file. You'll also find service specific `.env` files in this directory. Edit them if you want to change database passwords (highly recommended!) or other configuration data. Don't forget to adapt your changes in the application configuration files.
+5. Open `docker-compose/ucentralgw-data/ucentralgw.properties` to change [authentication data](https://github.com/Telecominfraproject/wlan-cloud-ucentralgw#default-username-and-password) for uCentralGW (again highly recommended!).
+6. Spin up the deployment with `docker-compose up -d`.
+7. Add the self-signed certificates to the system trust store of the containers with `./add-ca-cert.sh`.
+8. Add SSL certificate exceptions in your browser by visiting https://ucentral.wlan.local:16001, https://ucentral.wlan.local:16002 and https://ucentral.wlan.local:16004 (make sure to visit all and add the exceptions).
+9. Connect to your AP via SSH and add a static hosts entry in `/etc/hosts` for `ucentral.wlan.local` which points to the address of the host the Compose deployment runs on.
+10. Navigate to the UI `http://ucentral.wlan.local` and login with your uCentralGW authentication data.
+11. To use the [curl test script](https://github.com/Telecominfraproject/wlan-cloud-ucentralgw/blob/main/TEST_CURL.md) to talk to the API set the following environment variables:
 ```
-export OWSEC="openwifi.wlan.local:16001"
+export UCENTRALSEC="ucentral.wlan.local:16001"
 export FLAGS="-s --cacert <your-wlan-cloud-ucentral-deploy-location>/docker-compose/certs/restapi-ca.pem"
 ```
-⚠️**Note**: When deploying with self-signed certificates you can not make use of the trace functionality in the UI since the AP will throw a TLS error when uploading the trace to OWGW. Please use the Letsencrypt deployment or provide your own valid certificates if you want to use this function.
-## Non-LB deployment with own certificates
-1. Switch into the project directory with `cd docker-compose/`. Copy your websocket and REST API certificates into the `certs/` directory. Make sure to reference the certificates accordingly in the service config if you use different file names or if you want to use different certificates for the respective microservices.
-2. Adapt the following hostname and URI variables according to your environment:
-### .env
-| Variable                   | Description                                                         |
-| -------------------------- | ------------------------------------------------------------------- |
-| `INTERNAL_OWGW_HOSTNAME`   | Set this to your OWGW hostname, for example `owgw.example.com`.     |
-| `INTERNAL_OWSEC_HOSTNAME`  | Set this to your OWSec hostname, for example `owsec.example.com`.   |
-| `INTERNAL_OWFMS_HOSTNAME`  | Set this to your OWFms hostname, for example `owfms.example.com`.   |
-| `INTERNAL_OWPROV_HOSTNAME` | Set this to your OWProv hostname, for example `owprov.example.com`. |
-### owgw.env
-| Variable                                 | Description                                                                         |
-| ---------------------------------------- | ----------------------------------------------------------------------------------- |
-| `FILEUPLOADER_HOST_NAME`                 | Set this to your OWGW fileupload hostname, for example `owgw.example.com`.          |
-| `FILEUPLOADER_URI`                       | Set this to your OWGW fileupload URL, for example `https://owgw.example.com:16003`. |
-| `SYSTEM_URI_PRIVATE`,`SYSTEM_URI_PUBLIC` | Set this to your OWGW REST API URL, for example `https://owgw.example.com:16002`.   |
-| `RTTY_SERVER`                            | Set this to your RTTY server hostname, for example `rttys.example.com`.             |
-| `SYSTEM_URI_UI`                          | Set this to your OWGW-UI URL, for example `https://owgw-ui.example.com`.            |
-### owgw-ui.env
-| Variable                  | Description                                                                |
-| ------------------------- | -------------------------------------------------------------------------- |
-| `DEFAULT_UCENTRALSEC_URL` | Set this to your OWSec URL, for example `https://owsec.example.com:16001`. |
-### owsec.env
-| Variable                                 | Description                                                                         |
-| ---------------------------------------- | ----------------------------------------------------------------------------------- |
-| `SYSTEM_URI_PRIVATE`,`SYSTEM_URI_PUBLIC` | Set this to your OWSec REST API URL, for example `https://owsec.example.com:16001`. |
-| `SYSTEM_URI_UI`                          | Set this to your OWGW-UI URL, for example `https://owgw-ui.example.com`.            |
-### owfms.env
-| Variable                                 | Description                                                                         |
-| ---------------------------------------- | ----------------------------------------------------------------------------------- |
-| `SYSTEM_URI_PRIVATE`,`SYSTEM_URI_PUBLIC` | Set this to your OWFms REST API URL, for example `https://owfms.example.com:16004`. |
-| `SYSTEM_URI_UI`                          | Set this to your OWGW-UI URL, for example `https://owgw-ui.example.com`.            |
-### owprov.env
-| Variable                                 | Description                                                                           |
-| ---------------------------------------- | ------------------------------------------------------------------------------------- |
-| `SYSTEM_URI_PRIVATE`,`SYSTEM_URI_PUBLIC` | Set this to your OWProv REST API URL, for example `https://owprov.example.com:16005`. |
-| `SYSTEM_URI_UI`                          | Set this to your OWGW-UI URL, for example `https://owgw-ui.example.com`.              |
-### owprov-ui.env
-| Variable                  | Description                                                                |
-| ------------------------- | -------------------------------------------------------------------------- |
-| `DEFAULT_UCENTRALSEC_URL` | Set this to your OWSec URL, for example `https://owsec.example.com:16001`. |
-3. Spin up the deployment with `docker-compose up -d`.
-4. Check if the containers are up and running with `docker-compose ps`.
-5. Login to the UI and and follow the instructions to change your default password.
-## Non-LB deployment with PostgreSQL
-1. Switch into the project directory with `cd docker-compose/`.
-2. Set the following variables in the env files and make sure to uncomment the lines. It is highly recommended that you change the DB passwords to some random string.
-### owgw.env
-| Variable                           | Value/Description |
-| ---------------------------------- | ----------------- |
-| `STORAGE_TYPE`                     | `postgresql`      |
-| `STORAGE_TYPE_POSTGRESQL_HOST`     | `postgresql`      |
-| `STORAGE_TYPE_POSTGRESQL_USERNAME` | `owgw`            |
-| `STORAGE_TYPE_POSTGRESQL_PASSWORD` | `owgw`            |
-| `STORAGE_TYPE_POSTGRESQL_DATABASE` | `owgw`            |
-### owsec.env
-| Variable                           | Value/Description |
-| ---------------------------------- | ----------------- |
-| `STORAGE_TYPE`                     | `postgresql`      |
-| `STORAGE_TYPE_POSTGRESQL_HOST`     | `postgresql`      |
-| `STORAGE_TYPE_POSTGRESQL_USERNAME` | `owsec`           |
-| `STORAGE_TYPE_POSTGRESQL_PASSWORD` | `owsec`           |
-| `STORAGE_TYPE_POSTGRESQL_DATABASE` | `owsec`           |
-### owfms.env
-| Variable                           | Value/Description |
-| ---------------------------------- | ----------------- |
-| `STORAGE_TYPE`                     | `postgresql`      |
-| `STORAGE_TYPE_POSTGRESQL_HOST`     | `postgresql`      |
-| `STORAGE_TYPE_POSTGRESQL_USERNAME` | `owfms`           |
-| `STORAGE_TYPE_POSTGRESQL_PASSWORD` | `owfms`           |
-| `STORAGE_TYPE_POSTGRESQL_DATABASE` | `owfms`           |
-### owprov.env
-| Variable                           | Value/Description |
-| ---------------------------------- | ----------------- |
-| `STORAGE_TYPE`                     | `postgresql`      |
-| `STORAGE_TYPE_POSTGRESQL_HOST`     | `postgresql`      |
-| `STORAGE_TYPE_POSTGRESQL_USERNAME` | `owprov`          |
-| `STORAGE_TYPE_POSTGRESQL_PASSWORD` | `owprov`          |
-| `STORAGE_TYPE_POSTGRESQL_DATABASE` | `owprov`          |
-### postgresql.env
-| Variable             | Value      |
-| -------------------- | ---------- |
-| `POSTGRES_PASSWORD`  | `postgres` |
-| `POSTGRES_USER`      | `postgres` |
-| `OWGW_DB`            | `owgw`     |
-| `OWGW_DB_USER`       | `owgw`     |
-| `OWGW_DB_PASSWORD`   | `owgw`     |
-| `OWSEC_DB`           | `owsec`    |
-| `OWSEC_DB_USER`      | `owsec`    |
-| `OWSEC_DB_PASSWORD`  | `owsec`    |
-| `OWFMS_DB`           | `owfms`    |
-| `OWFMS_DB_USER`      | `owfms`    |
-| `OWFMS_DB_PASSWORD`  | `owfms`    |
-| `OWPROV_DB`          | `owprov`   |
-| `OWPROV_DB_USER`     | `owprov`   |
-| `OWPROV_DB_PASSWORD` | `owprov`   |
-3. Depending on whether you want to use [self-signed certificates](#non-lb-deployment-with-self-signed-certificates) or [provide your own](#non-lb-deployment-with-own-certificates), follow the instructions of the according deployment model. Spin up the deployment with `docker-compose -f docker-compose.yml -f docker-compose.postgresql.yml up -d`. It is recommended to create an alias for this deployment model with `alias docker-compose-postgresql="docker-compose -f docker-compose.yml -f docker-compose.postgresql.yml"`.
-## LB deployment with self-signed certificates
-Follow the same instructions as for the self-signed deployment without Traefik. The only difference is that you have to spin up the deployment with `docker-compose -f docker-compose.lb.selfsigned.yml --env-file .env.selfsigned up -d`. Make sure to specify the Compose and the according .env file every time you're working with the deployment or create an alias, for example `alias docker-compose-lb-selfsigned="docker-compose -f docker-compose.lb.selfsigned.yml --env-file .env.selfsigned"`. You also have the possibility to scale specific services to a specified number of instances with `docker-compose-lb-selfsigned up -d --scale SERVICE=NUM`, where `SERVICE` is the service name as defined in the Compose file.
-## LB deployment with Letsencrypt certificates
-For the Letsencrypt challenge to work you need a public IP address. The hostnames which you set for the microservices have to resolve to this IP address to pass the HTTP-01 challenge (https://letsencrypt.org/docs/challenge-types/#http-01-challenge).
-1. Switch into the project directory with `cd docker-compose/`.
-2. Adapt the following hostname and URI variables according to your environment.
-### .env.letsencrypt
-| Variable                  | Description                                                                |
-| ------------------------- | -------------------------------------------------------------------------- |
-| `OWGW_HOSTNAME`           | Set this to your OWGW hostname, for example `owgw.example.com`.            |
-| `OWGWUI_HOSTNAME`         | Set this to your OWGW-UI hostname, for example `owgw-ui.example.com`.      |
-| `OWGWFILEUPLOAD_HOSTNAME` | Set this to your OWGW fileupload hostname, for example `owgw.example.com`. |
-| `OWSEC_HOSTNAME`          | Set this to your OWSec hostname, for example `owsec.example.com`.          |
-| `OWFMS_HOSTNAME`          | Set this to your OWFms hostname, for example `owfms.example.com`.          |
-| `OWPROV_HOSTNAME`         | Set this to your OWProv hostname, for example `owprov.example.com`.        |
-| `OWPROVUI_HOSTNAME`       | Set this to your OWProv-UI hostname, for example `owprov-ui.example.com`.  |
-| `RTTYS_HOSTNAME`          | Set this to your RTTYS hostname, for example `rttys.example.com`.          |
+The `--cacert` option is necessary since the REST API certificates are self-signed. Omit the option if you provide your own signed certificates.
 
-### owgw.env
-| Variable                 | Description                                                                         |
-| -----------------------  | ----------------------------------------------------------------------------------- |
-| `FILEUPLOADER_HOST_NAME` | Set this to your OWGW fileupload hostname, for example `owgw.example.com`.          |
-| `FILEUPLOADER_URI`       | Set this to your OWGW fileupload URL, for example `https://owgw.example.com:16003`. |
-| `SYSTEM_URI_PUBLIC`      | Set this to your OWGW REST API URL, for example `https://owgw.example.com:16002`.   |
-| `RTTY_SERVER`            | Set this to your public RTTY server hostname, for example `rttys.example.com`.      |
-| `SYSTEM_URI_UI`          | Set this to your OWGW-UI URL, for example `https://owgw-ui.example.com`.            |
-
-### owgw-ui.env
-| Variable            | Description                                                                |
-| ------------------- | -------------------------------------------------------------------------- |
-| `DEFAULT_OWSEC_URL` | Set this to your OWSec URL, for example `https://owsec.example.com:16001`. |
-
-### owsec.env
-| Variable            | Description                                                                |
-| ------------------- | -------------------------------------------------------------------------- |
-| `SYSTEM_URI_PUBLIC` | Set this to your OWSec URL, for example `https://owsec.example.com:16001`. |
-| `SYSTEM_URI_UI`     | Set this to your OWGW-UI URL, for example `https://owgw-ui.example.com`.   |
-
-### owfms.env
-| Variable            | Description                                                                |
-| ------------------- | -------------------------------------------------------------------------- |
-| `SYSTEM_URI_PUBLIC` | Set this to your OWFms URL, for example `https://owfms.example.com:16004`. |
-| `SYSTEM_URI_UI`     | Set this to your OWGW-UI URL, for example `https://owgw-ui.example.com`.   |
-### owprov.env
-| Variable             | Description                                                                  |
-| -------------------- | ---------------------------------------------------------------------------- |
-| `SYSTEM_URI_PUBLIC`  | Set this to your OWProv URL, for example `https://owprov.example.com:16005`. |
-| `SYSTEM_URI_UI`      | Set this to your OWGW-UI URL, for example `https://owgw-ui.example.com`.     |
-### owprov-ui.env
-| Variable                  | Description                                                                |
-| ------------------------- | -------------------------------------------------------------------------- |
-| `DEFAULT_UCENTRALSEC_URL` | Set this to your OWSec URL, for example `https://owsec.example.com:16001`. |
-### traefik.env
-| Variable                                            | Description                               |
-| --------------------------------------------------- | ----------------------------------------- |
-| `TRAEFIK_CERTIFICATESRESOLVERS_OPENWIFI_ACME_EMAIL` | Email address used for ACME registration. |
-3. Spin up the deployment with `docker-compose -f docker-compose.lb.letsencrypt.yml --env-file .env.letsencrypt up -d`. Make sure to specify the Compose and the according .env file every time you're working with the deployment or create an alias, for example `alias docker-compose-lb-letsencrypt="docker-compose -f docker-compose.lb.letsencrypt.yml --env-file .env.letsencrypt"`. You also have the possibility to scale specific services to a specified number of instances with `docker-compose-lb-letsencrypt up -d --scale SERVICE=NUM`, where `SERVICE` is the service name as defined in the Compose file.
-4. Check if the containers are up and running with `docker-compose-lb-letsencrypt ps`.
-5. Login to the UI and follow the instructions to change your default password.
-## OWLS deployment with self-signed certificates
-To run a load simulation you need to obtain a TIP signed client certificate which will be used to connect to the gateway. The certificate CN has to start with the characters `53494d` like it is described [here](https://github.com/Telecominfraproject/wlan-cloud-owls#get-a-simulator-key). Be aware that since the OWLS deployment partly exposes the same ports on the host as the OpenWifi deployment, it is not intended that both run on the same host.
-1. Copy or move your TIP signed load simulation client certificate into the `docker-compose/certs` directory. Don't forget to name the files `device-cert.pem` and `device-key.pem` or adapt the path names in the OWLS configuration if you're using different file names.
-2. To be able to run load simulation tests against your OpenWifi deployment, you'll have to [configure the OWGW microservice](https://github.com/Telecominfraproject/wlan-cloud-owls#prepare-your-openwifi-gateway) to allow load simulation tests. You can do that by either editing the OWGW env file or doing the changes directly in the OWGW configuration file if it is exposed on the host.
-3. Switch into the project directory with `cd docker-compose/owls`.
-4. Add an entry for `openwifi-owls.wlan.local` in your hosts file which points to `127.0.0.1` or whatever the IP of the host running the OWLS deployment is.
-5. Spin up the deployment with `docker-compose up -d`.
-6. Check if the containers are up and running with `docker-compose ps`.
-7. Add SSL certificate exceptions in your browser by visiting https://openwifi-owls.wlan.local:16001 and https://openwifi-owls.wlan.local:16007.
-8. If you're using an OpenWifi deployment with self-signed certificates, you'll have to add a custom hosts entry for `openwifi.wlan.local` on the machine running the OWLS deployment pointing to the remote IP of your OpenWifi host.
-9. Login to the UI by visiting https://openwifi-owls.wlan.local and follow the instructions to change your default password.
-10. In the Simulation tab, click on the + sign on the right side to add a load simulation.
-11. Fill out the required fields. MAC prefix is used for the MAC addresses of the simulated devices, so you can use any six-digit hexadecimal number. Specify the remote address of your OpenWifi gateway in the Gateway field, for example `https://openwifi.wlan.local:15002`. Adapt the rest of the settings according to your needs.
-12. Click on the floppy disk icon to save your load simulation. You can run it by clicking the play symbol in the table view.
-
-**Note**: All deployments create local volumes to persist mostly application, database and certificate data. In addition to that the `certs/` directory is bind mounted into the microservice containers. Be aware that for the bind mounts the host directories and files will be owned by the user in the container. Since the files are under version control, you may have to change the ownership to your user again before pulling changes.
+PS: The deployment creates local volumes to persist mostly application and database data. In addition to that several bind mounts are created: one for the `docker-compose/certs/` directory which is used by multiple services, and the other ones mount service specific data directories and configuration files located under `docker-compose/` into the appropriate containers. Be aware that for the bind mounts the host directories and files will be owned by the user in the container. Since the files are under version control, you may have to change the ownership to your user again before pulling changes.

docker-compose/add-ca-cert.sh

@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+set -e
+
+SERVICES="ucentralgw.wlan.local ucentralsec.wlan.local ucentralfms.wlan.local"
+
+for i in $SERVICES; do
+    docker-compose exec -T -u root $i apk add ca-certificates
+    docker cp certs/restapi-ca.pem ucentral_$i\_1:/usr/local/share/ca-certificates/
+    docker-compose exec -T -u root $i update-ca-certificates
+done

docker-compose/certs/restapi-ca.pem

@@ -1,18 +1,18 @@
 -----BEGIN CERTIFICATE-----
-MIIC1zCCAb+gAwIBAgIUcvD8UKybLhglR9dt/btowLEga18wDQYJKoZIhvcNAQEL
-BQAwFzEVMBMGA1UEAwwMKi53bGFuLmxvY2FsMB4XDTIxMDkyMjEwMzExNloXDTMx
-MDkyMDEwMzExNlowFzEVMBMGA1UEAwwMKi53bGFuLmxvY2FsMIIBIjANBgkqhkiG
-9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFV2AbvlMx9TDgD171Q5eqT8HG5UFoZPEhTW
-87EjnpRYv07sDgnlMKnql4nnZG7ljEZw9Ln+bjJj+aYnBTG3xCAvSjbBJRC7Iyoe
-CqYaBIPFyjSQ3uhTXd17Yu3M5OCudV+R577O2CGBn+5HFCoz88gT06qLwq+XfpKq
-GslR2JToLjAdKIDQmJtmeBJh+FJ9/tJJipxR1M1qj9miqvQxx2+AWUYLzfVQAGCN
-Nuk5DjKzDQ4DU2uFbEMQobXCQsUQka5LZiqi8TgN3v5CqbqKPYV4KRiVmQ+g/ko2
-/z5z1Uz9kxZz7DD4GIO/w9k2c/95eewxjGqGynVK7ibO1Grp2wIDAQABoxswGTAX
-BgNVHREEEDAOggwqLndsYW4ubG9jYWwwDQYJKoZIhvcNAQELBQADggEBAMfB/psY
-ivIHemtBFIPmuGZyan3Wdg5c3cbDLP8XhgS3CovH3+eMfqHfUQMEVnzvn0pb5SPG
-1qEQC6BPPBJexDLQ8PUNNtIeFk9phoJmkkkTLggrCoW5FLgxPJYVU4Lc7fpVdeFd
-UImExdoWQDSiWjMGYlS078c2Gd2eQSZ2So2kQGSRVUXlnr9LFGtSkrtVTXVQyfz4
-oIftZ1FQguMp/a58pmzhkMLQGBm8d0gaFlfKzpnGL/nEwWV5AbvNHgVz1BZn0v5a
-vv3+ex6qQ4Ftbq++G/1rfXQP+KOwOj62zUkXQIwJVVU2HMc4D1CrG98PRZqMuUrk
-SxsLQQSPsKFSqTc=
+MIIC4DCCAcgCCQC7oc+4dT4WlTANBgkqhkiG9w0BAQsFADAyMQswCQYDVQQGEwJD
+QTEMMAoGA1UECgwDVElQMRUwEwYDVQQDDAwqLndsYW4ubG9jYWwwHhcNMjEwNzA3
+MDkyOTAxWhcNMzEwNzA1MDkyOTAxWjAyMQswCQYDVQQGEwJDQTEMMAoGA1UECgwD
+VElQMRUwEwYDVQQDDAwqLndsYW4ubG9jYWwwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQD67KEKKHj1xyj0Sc+/WSFeXluhp+76V/8njnGcTus8IsaHWeAj
+O1T1/PnqNMNP3CSgCpAZRn7Eom33HH89pC7iIE5t3aGrFzxZ6AxFgECUCkby1j9D
+j7PawapJ7XNqT4P4ZGEGOWlLGE9oUpF2pr3B3jBwmV9t9d/Zp8na23K7rnsr5kNn
+RXp6iPNPpynppNQFBwzsovyhu9tzk/zz3gohSY9f6oyNNaKcZwN/yrG4B8FnRfa7
+WFNvkPi5zAjJ3oEXMp+Im2/SvSqzptYwZhplb14ILZ5ClkSwAslG8FiOAzXr887r
+hgEPzqP6SNIOwy/B/AMOFQl6wPvXBwz9eNW1AgMBAAEwDQYJKoZIhvcNAQELBQAD
+ggEBAA8Oa8jannqNRdqOuY460Pum1B61kGmf2OK2ZiMaddlxqL3ZBdXPqF02hwSd
+q6uxCVP5NgvqSm+pTHaDcODJiCBrMmGQqHT82LuoCyk1BMqH/PYm+kfazPhKF31x
+Me7E47DQzk4tMyV28HBCHH6UicQ05ryT1yBfmj8JmYNx9ezmJcanu0/eyI2Lv8Ar
+Y7mrgblfOUnsif2w/aUaOsoY1t6/ThgTBc3BTMtUXXAcMiPLu4mSdN6nCm75Qp5q
+4zl/SNPjLnmtpHhLDtr4swf6vZw0RG7ECCf6Av8lv8mJG6g53YM8jfe0EzLqbAFf
+iSuQbt5n6lMWVgv+FKwXjwAda+Q=
 -----END CERTIFICATE-----

docker-compose/certs/restapi-cert.pem

@@ -1,18 +1,18 @@
 -----BEGIN CERTIFICATE-----
-MIIC1zCCAb+gAwIBAgIUcvD8UKybLhglR9dt/btowLEga18wDQYJKoZIhvcNAQEL
-BQAwFzEVMBMGA1UEAwwMKi53bGFuLmxvY2FsMB4XDTIxMDkyMjEwMzExNloXDTMx
-MDkyMDEwMzExNlowFzEVMBMGA1UEAwwMKi53bGFuLmxvY2FsMIIBIjANBgkqhkiG
-9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFV2AbvlMx9TDgD171Q5eqT8HG5UFoZPEhTW
-87EjnpRYv07sDgnlMKnql4nnZG7ljEZw9Ln+bjJj+aYnBTG3xCAvSjbBJRC7Iyoe
-CqYaBIPFyjSQ3uhTXd17Yu3M5OCudV+R577O2CGBn+5HFCoz88gT06qLwq+XfpKq
-GslR2JToLjAdKIDQmJtmeBJh+FJ9/tJJipxR1M1qj9miqvQxx2+AWUYLzfVQAGCN
-Nuk5DjKzDQ4DU2uFbEMQobXCQsUQka5LZiqi8TgN3v5CqbqKPYV4KRiVmQ+g/ko2
-/z5z1Uz9kxZz7DD4GIO/w9k2c/95eewxjGqGynVK7ibO1Grp2wIDAQABoxswGTAX
-BgNVHREEEDAOggwqLndsYW4ubG9jYWwwDQYJKoZIhvcNAQELBQADggEBAMfB/psY
-ivIHemtBFIPmuGZyan3Wdg5c3cbDLP8XhgS3CovH3+eMfqHfUQMEVnzvn0pb5SPG
-1qEQC6BPPBJexDLQ8PUNNtIeFk9phoJmkkkTLggrCoW5FLgxPJYVU4Lc7fpVdeFd
-UImExdoWQDSiWjMGYlS078c2Gd2eQSZ2So2kQGSRVUXlnr9LFGtSkrtVTXVQyfz4
-oIftZ1FQguMp/a58pmzhkMLQGBm8d0gaFlfKzpnGL/nEwWV5AbvNHgVz1BZn0v5a
-vv3+ex6qQ4Ftbq++G/1rfXQP+KOwOj62zUkXQIwJVVU2HMc4D1CrG98PRZqMuUrk
-SxsLQQSPsKFSqTc=
+MIIC4DCCAcgCCQC7oc+4dT4WlTANBgkqhkiG9w0BAQsFADAyMQswCQYDVQQGEwJD
+QTEMMAoGA1UECgwDVElQMRUwEwYDVQQDDAwqLndsYW4ubG9jYWwwHhcNMjEwNzA3
+MDkyOTAxWhcNMzEwNzA1MDkyOTAxWjAyMQswCQYDVQQGEwJDQTEMMAoGA1UECgwD
+VElQMRUwEwYDVQQDDAwqLndsYW4ubG9jYWwwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQD67KEKKHj1xyj0Sc+/WSFeXluhp+76V/8njnGcTus8IsaHWeAj
+O1T1/PnqNMNP3CSgCpAZRn7Eom33HH89pC7iIE5t3aGrFzxZ6AxFgECUCkby1j9D
+j7PawapJ7XNqT4P4ZGEGOWlLGE9oUpF2pr3B3jBwmV9t9d/Zp8na23K7rnsr5kNn
+RXp6iPNPpynppNQFBwzsovyhu9tzk/zz3gohSY9f6oyNNaKcZwN/yrG4B8FnRfa7
+WFNvkPi5zAjJ3oEXMp+Im2/SvSqzptYwZhplb14ILZ5ClkSwAslG8FiOAzXr887r
+hgEPzqP6SNIOwy/B/AMOFQl6wPvXBwz9eNW1AgMBAAEwDQYJKoZIhvcNAQELBQAD
+ggEBAA8Oa8jannqNRdqOuY460Pum1B61kGmf2OK2ZiMaddlxqL3ZBdXPqF02hwSd
+q6uxCVP5NgvqSm+pTHaDcODJiCBrMmGQqHT82LuoCyk1BMqH/PYm+kfazPhKF31x
+Me7E47DQzk4tMyV28HBCHH6UicQ05ryT1yBfmj8JmYNx9ezmJcanu0/eyI2Lv8Ar
+Y7mrgblfOUnsif2w/aUaOsoY1t6/ThgTBc3BTMtUXXAcMiPLu4mSdN6nCm75Qp5q
+4zl/SNPjLnmtpHhLDtr4swf6vZw0RG7ECCf6Av8lv8mJG6g53YM8jfe0EzLqbAFf
+iSuQbt5n6lMWVgv+FKwXjwAda+Q=
 -----END CERTIFICATE-----

docker-compose/certs/restapi-key.pem

@@ -1,28 +1,28 @@
 -----BEGIN PRIVATE KEY-----
-MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDIVXYBu+UzH1MO
-APXvVDl6pPwcblQWhk8SFNbzsSOelFi/TuwOCeUwqeqXiedkbuWMRnD0uf5uMmP5
-picFMbfEIC9KNsElELsjKh4KphoEg8XKNJDe6FNd3Xti7czk4K51X5Hnvs7YIYGf
-7kcUKjPzyBPTqovCr5d+kqoayVHYlOguMB0ogNCYm2Z4EmH4Un3+0kmKnFHUzWqP
-2aKq9DHHb4BZRgvN9VAAYI026TkOMrMNDgNTa4VsQxChtcJCxRCRrktmKqLxOA3e
-/kKpuoo9hXgpGJWZD6D+Sjb/PnPVTP2TFnPsMPgYg7/D2TZz/3l57DGMaobKdUru
-Js7UaunbAgMBAAECggEBAMFh9dMArORnhYYMGVuY4w9n+dH8EoHXzrY2lbSRtz+a
-Ff0+UxHOLYaHT2RPA6Xogv+g8+LZNCjtzaIs6JfUAX96TgwGxPVhrDPqsSs4Yf8f
-sKtbiMkUXX1LkpLR2KrL1LyKr86UWxk5ZuaaXdSyVIosBi+Z/uXFGKlfLINE+RPm
-HNxahajMoNJFqgf3kQKD6hmuPSO/BGAdDk/c8J2adTRz3cjEqaqfxwOxUNnHx0hC
-CGkw/Eszibnl/7KhbsKBcVcCKKcwbifwXb2H4h9yJl1YEzXALhunWhCT6/QQ1F9b
-XV7iVSXYt5QAxFTgGbGHmzfXMq7s2evYodMe87OEl+ECgYEA5qNUa6ol/WkvFy6O
-gnouswspQcR9yuKIIrYuORPI+85HfZEJQvdLyoIQgkDCl14SZRmProFBXXUGZU1D
-9VxW2TIftlFH9wwFhrWMBFPcRvNL3PSFQTzWwsF3IFcXQOlAwxr9KF741OFnSLWh
-LXFXXfQq9wQbBUwbrZDl4PKaGesCgYEA3l0KgRxzQHKnxfSGqk7V21mqYv8XNuVh
-ZhUukJoASQh59zbk2Jthu3HfQPmi83IBbR39QD5FLwNftNMeZf3GSHba8nSYYvtw
-faUMD2far7mDR8wuBPqRWBbNgpiL2Bp93K8kUFqujjZo5E6cVPdvKi9/9oVRZnew
-8AZwVPFqA9ECgYB0/9otm+0Vtqw62FVW/2B9V2YghOtDZtOkuEKOlejZRHWjz1Wh
-cQ4ztvNlADE21HQEcYkf/1YHcPxDm4SkDanJGNJZjLYzLxgGlEZpU5llLLsJZcnL
-pG9V8QrbjxKuzSUbVK+kMTmN1KKukeUnxl2JvfmlwaFreIZ58A2NpcRi7QKBgQDI
-fhWhklhsjLSvbSoa1xhGPhO+TQjOa4YleAXTRbfqIeVuvKUclQVK8IJ+4FdHr8yP
-aVHWIg9ZM26Q6SZoiafF4LzLjct0vAeSkkVMgrSQavFuxC/eN1rjlTPZg9fbkw9W
-8ugIN6tZ+L8c07Brf+pQnCGB0nUxscvsr7GLNV0EcQKBgEo51BY0PFEKcKjSZp0i
-excPcHdSQV3/BLOhc7rzmmQyRUXFTGbiE0lKvu0Y54NLHnb2WP1H8M45mIUH5YTh
-tOKvBtlh/4vbCAGWv8OJzN+sV9Ef/0odCHiWr//prkpdGs2jFS3VDiJALj3hxpox
-oThwxq1WTyi9ln3MJCWUqAQ9
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQD67KEKKHj1xyj0
+Sc+/WSFeXluhp+76V/8njnGcTus8IsaHWeAjO1T1/PnqNMNP3CSgCpAZRn7Eom33
+HH89pC7iIE5t3aGrFzxZ6AxFgECUCkby1j9Dj7PawapJ7XNqT4P4ZGEGOWlLGE9o
+UpF2pr3B3jBwmV9t9d/Zp8na23K7rnsr5kNnRXp6iPNPpynppNQFBwzsovyhu9tz
+k/zz3gohSY9f6oyNNaKcZwN/yrG4B8FnRfa7WFNvkPi5zAjJ3oEXMp+Im2/SvSqz
+ptYwZhplb14ILZ5ClkSwAslG8FiOAzXr887rhgEPzqP6SNIOwy/B/AMOFQl6wPvX
+Bwz9eNW1AgMBAAECggEAZdJT3u1heEqjAc5Z8QnYEpUzlbuxrAC9V23kCEu2BScP
+bKk53NIcvd00BKf4gZWRfygKJVeH5X8MJHR55aeUJsp5SPfgvK6nHMye/iz3B5vM
+AoqSDXZow2JHGcyzQvaVVNxWytHNOl3ZCzpGMOGkquDgwzBZmyNk/Muri5X1TtbH
+DgeYdht2YiHqHdGWsLNU1vZAgzlwD8fXg65XOmNehjWnowhpNRCgpcDeJCtEuNzt
+6iXFWffjO6YTbVnoM5xhLROjLv6gYP4wxsQSZc/NGz9Jow7VxlYZg9wCE75bduFn
+7D5O4OgVgPgYbyCutpB/o4PMNURb4V/5p2OAEgLX2QKBgQD+kHYRAaawRbaY4jGf
+isj0oh2C/Z99Mqf/nnpPwmUwrhpmnQ+pRdWBw940tPrEpVoOcCPWQ5hO1zUET18d
+xQqs3zd6lEhJogmMqkjOT670YBEX/wyALd3M5F3HT/K2aixL1XaCCpAl97JB9RyB
+zGIr5c+mIOVK/uYrlFO28thXzwKBgQD8VumZIYZpWeE7pTyCg0PcDYlNATA/VKoD
+9YrGqEEHGgFNJEWj8Xj8aqBzaPoUk+eGp7NfSoOchVM+Bf3ktWy5doZCmNuxlOyq
+Ix5yrB2jyYceaSf2nxHqlD2VhKB/YJx0yTU1UkB5dG4nYnqiUg7c5JeQOVzwFKm1
+t6/Hk/cXOwKBgGT+yWjL3+cVcXFMZGWouTudSdobZ3hTbaWTqXEVbfIXUPAfJgSB
+aUi3feQpXUhBVe5efUlXvgihhy4zk0gLUcXuNWOTiu5ztBgzwvjfUkkwB/geP0Zn
+bBULEU2vIVtP2k0n3oGPUUtO71ENvwacIOLLpUuCx5WudYEasu/lfwGvAoGBAOiE
+manuF3HaTU3tu20z0YLiwkK/tpqUxDjzuBXIEmudzdcsdjNUHbzR79mIwO/XPf95
+ZjKHcfD3dbXwRXzKpE3dZmfVfJMM/GrmA3d9G67B04z1Lsr01siGIp004cOd3W1L
+vojMqvZ/j8Ug3InX/TQUO4i9IuNi1uLISOQpdwTjAoGAG33swIFnH/mz7ubu8wfE
+9nwe8NNf56kbFBG2FMuHvo8GYj0sqylwtZnh4TCwlTzqUO8e6oFdK8Ot6z7H9Fa3
+vnDD2WRwEFydRP5fbW5eFmGbzLfHlzUY+Do81qrUMF47LEN94X7yaXdb/vNW57lp
+K9hGF1Bdk8089Knm3l1Fc4w=
 -----END PRIVATE KEY-----

docker-compose/docker-compose.lb.letsencrypt.yml

@@ -1,187 +0,0 @@
-version: '3'
-
-volumes:
-  owgw_data:
-    driver: local
-  owsec_data:
-    driver: local
-  owfms_data:
-    driver: local
-  owprov_data:
-    driver: local
-  zookeeper_data:
-    driver: local
-  zookeeper_datalog:
-    driver: local
-  kafka_data:
-    driver: local
-  letsencrypt_certs:
-    driver: local
-
-networks:
-  openwifi:
-
-services:
-  owgw:
-    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/owgw:${OWGW_TAG}"
-    networks:
-      openwifi:
-        aliases:
-          - ${INTERNAL_OWGW_HOSTNAME}
-    env_file:
-      - .env.letsencrypt
-      - owgw.env
-    depends_on:
-      - kafka
-      - rttys
-    restart: unless-stopped
-    volumes:
-      - owgw_data:${OWGW_ROOT}/persist
-      - ./certs:/${OWGW_ROOT}/certs
-    sysctls:
-      - net.ipv4.tcp_keepalive_intvl=5
-      - net.ipv4.tcp_keepalive_probes=2
-      - net.ipv4.tcp_keepalive_time=45
-
-  owgw-ui:
-    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/owgw-ui:${OWGWUI_TAG}"
-    networks:
-      openwifi:
-        aliases:
-          - ${INTERNAL_OWGWUI_HOSTNAME}
-    env_file:
-      - owgw-ui.env
-    depends_on:
-      - owsec
-      - owgw
-      - owfms
-      - owprov
-    restart: unless-stopped
-
-  owsec:
-    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/owsec:${OWSEC_TAG}"
-    networks:
-      openwifi:
-        aliases:
-          - ${INTERNAL_OWSEC_HOSTNAME}
-    env_file:
-      - .env.letsencrypt
-      - owsec.env
-    depends_on:
-      - kafka
-    restart: unless-stopped
-    volumes:
-      - owsec_data:${OWSEC_ROOT}/persist
-      - ./certs:/${OWSEC_ROOT}/certs
-
-  owfms:
-    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/owfms:${OWFMS_TAG}"
-    networks:
-      openwifi:
-        aliases:
-          - ${INTERNAL_OWFMS_HOSTNAME}
-    env_file:
-      - .env.letsencrypt
-      - owfms.env
-    depends_on:
-      - kafka
-    restart: unless-stopped
-    volumes:
-      - owfms_data:${OWFMS_ROOT}/persist
-      - ./certs:/${OWFMS_ROOT}/certs
-
-  owprov:
-    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/owprov:${OWPROV_TAG}"
-    networks:
-      openwifi:
-        aliases:
-          - ${INTERNAL_OWPROV_HOSTNAME}
-    env_file:
-      - .env.letsencrypt
-      - owprov.env
-    depends_on:
-      - kafka
-    restart: unless-stopped
-    volumes:
-      - owprov_data:${OWPROV_ROOT}
-      - ./certs:/${OWPROV_ROOT}/certs
-
-  owprov-ui:
-    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/owprov-ui:${OWPROVUI_TAG}"
-    networks:
-      openwifi:
-        aliases:
-          - ${INTERNAL_OWPROVUI_HOSTNAME}
-    env_file:
-      - owprov-ui.env
-    depends_on:
-      - owsec
-      - owgw
-      - owfms
-      - owprov
-    restart: unless-stopped
-
-  rttys:
-    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/rttys:${RTTYS_TAG}"
-    networks:
-      openwifi:
-        aliases:
-          - ${INTERNAL_RTTYS_HOSTNAME}
-    restart: unless-stopped
-    volumes:
-      - "./certs/restapi-cert.pem:/etc/rttys/restapi-cert.pem"
-      - "./certs/restapi-key.pem:/etc/rttys/restapi-key.pem"
-      - "./rttys/rttys_letsencrypt.conf:/rttys/rttys.conf"
-
-  zookeeper:
-    image: "zookeeper:${ZOOKEEPER_TAG}"
-    networks:
-      openwifi:
-    restart: unless-stopped
-    volumes:
-      - zookeeper_data:/data
-      - zookeeper_datalog:/datalog
-
-  kafka:
-    image: "docker.io/bitnami/kafka:${KAFKA_TAG}"
-    networks:
-      openwifi:
-    env_file:
-      - kafka.env
-    restart: unless-stopped
-    depends_on:
-      - zookeeper
-    volumes:
-      - kafka_data:/bitnami/kafka
-
-  traefik:
-    image: "traefik:${TRAEFIK_TAG}"
-    networks:
-      openwifi:
-    env_file:
-      - .env.letsencrypt
-      - traefik.env
-    depends_on:
-      - owsec
-      - owgw
-      - owgw-ui
-      - owfms
-      - owprov
-      - owprov-ui
-      - rttys
-    restart: unless-stopped
-    volumes:
-      - "./traefik/openwifi_letsencrypt.yaml:/etc/traefik/openwifi.yaml"
-      - "./certs/restapi-ca.pem:/certs/restapi-ca.pem"
-      - "letsencrypt_certs:/letsencrypt"
-    ports:
-      - "15002:15002"
-      - "16002:16002"
-      - "16003:16003"
-      - "80:80"
-      - "443:443"
-      - "16001:16001"
-      - "16004:16004"
-      - "16005:16005"
-      - "5912:5912"
-      - "5913:5913"

docker-compose/docker-compose.lb.selfsigned.yml

@@ -1,189 +0,0 @@
-version: '3'
-
-volumes:
-  owgw_data:
-    driver: local
-  owsec_data:
-    driver: local
-  owfms_data:
-    driver: local
-  owprov_data:
-    driver: local
-  zookeeper_data:
-    driver: local
-  zookeeper_datalog:
-    driver: local
-  kafka_data:
-    driver: local
-
-networks:
-  openwifi:
-
-services:
-  owgw:
-    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/owgw:${OWGW_TAG}"
-    networks:
-      openwifi:
-        aliases:
-          - ${INTERNAL_OWGW_HOSTNAME}
-    env_file:
-      - .env.selfsigned
-      - owgw.env
-    depends_on:
-      - kafka
-      - rttys
-    restart: unless-stopped
-    volumes:
-      - owgw_data:${OWGW_ROOT}/persist
-      - ./certs:/${OWGW_ROOT}/certs
-    sysctls:
-      - net.ipv4.tcp_keepalive_intvl=5
-      - net.ipv4.tcp_keepalive_probes=2
-      - net.ipv4.tcp_keepalive_time=45
-
-  owgw-ui:
-    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/owgw-ui:${OWGWUI_TAG}"
-    env_file: 
-      - owgw-ui.env
-    networks:
-      openwifi:
-        aliases:
-          - ${INTERNAL_OWGWUI_HOSTNAME}
-    env_file:
-      - owgw-ui.env
-    depends_on:
-      - owsec
-      - owgw
-      - owfms
-      - owprov
-    restart: unless-stopped
-
-  owsec:
-    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/owsec:${OWSEC_TAG}"
-    networks:
-      openwifi:
-        aliases:
-          - ${INTERNAL_OWSEC_HOSTNAME}
-    env_file:
-      - .env.selfsigned
-      - owsec.env
-    depends_on:
-      - kafka
-    restart: unless-stopped
-    volumes:
-      - owsec_data:${OWSEC_ROOT}/persist
-      - ./certs:/${OWSEC_ROOT}/certs
-
-  owfms:
-    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/owfms:${OWFMS_TAG}"
-    networks:
-      openwifi:
-        aliases:
-          - ${INTERNAL_OWFMS_HOSTNAME}
-    env_file:
-      - .env.selfsigned
-      - owfms.env
-    depends_on:
-      - kafka
-    restart: unless-stopped
-    volumes:
-      - owfms_data:${OWFMS_ROOT}/persist
-      - ./certs:/${OWFMS_ROOT}/certs
-
-  owprov:
-    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/owprov:${OWPROV_TAG}"
-    networks:
-      openwifi:
-        aliases:
-          - ${INTERNAL_OWPROV_HOSTNAME}
-    env_file:
-      - .env.selfsigned
-      - owprov.env
-    depends_on:
-      - kafka
-    restart: unless-stopped
-    volumes:
-      - owprov_data:${OWPROV_ROOT}
-      - ./certs:/${OWPROV_ROOT}/certs
-
-  owprov-ui:
-    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/owprov-ui:${OWPROVUI_TAG}"
-    networks:
-      openwifi:
-        aliases:
-          - ${INTERNAL_OWPROVUI_HOSTNAME}
-    env_file:
-      - owprov-ui.env
-    depends_on:
-      - owsec
-      - owgw
-      - owfms
-      - owprov
-    restart: unless-stopped
-
-  rttys:
-    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/rttys:${RTTYS_TAG}"
-    networks:
-      openwifi:
-        aliases:
-          - ${INTERNAL_RTTYS_HOSTNAME}
-    restart: unless-stopped
-    volumes:
-      - "./certs/restapi-cert.pem:/etc/rttys/restapi-cert.pem"
-      - "./certs/restapi-key.pem:/etc/rttys/restapi-key.pem"
-      - "./rttys/rttys.conf:/rttys/rttys.conf"
-
-  zookeeper:
-    image: "zookeeper:${ZOOKEEPER_TAG}"
-    networks:
-      openwifi:
-    restart: unless-stopped
-    volumes:
-      - zookeeper_data:/data
-      - zookeeper_datalog:/datalog
-
-  kafka:
-    image: "docker.io/bitnami/kafka:${KAFKA_TAG}"
-    networks:
-      openwifi:
-    env_file:
-      - kafka.env
-    restart: unless-stopped
-    depends_on:
-      - zookeeper
-    volumes:
-      - kafka_data:/bitnami/kafka
-
-  traefik:
-    image: "traefik:${TRAEFIK_TAG}"
-    networks:
-      openwifi:
-    env_file:
-      - traefik.env
-    depends_on:
-      - owsec
-      - owgw
-      - owgw-ui
-      - owfms
-      - owprov
-      - owprov-ui
-      - rttys
-    restart: unless-stopped
-    volumes:
-      - "./traefik/openwifi_selfsigned.yaml:/etc/traefik/openwifi.yaml"
-      - "./certs/restapi-ca.pem:/certs/restapi-ca.pem"
-      - "./certs/restapi-cert.pem:/certs/restapi-cert.pem"
-      - "./certs/restapi-key.pem:/certs/restapi-key.pem"
-    ports:
-      - "15002:15002"
-      - "16002:16002"
-      - "16003:16003"
-      - "80:80"
-      - "8080:8080"
-      - "443:443"
-      - "8443:8443"
-      - "16001:16001"
-      - "16004:16004"
-      - "16005:16005"
-      - "5912:5912"
-      - "5913:5913"

docker-compose/docker-compose.postgresql.yml

@@ -1,37 +0,0 @@
-version: '3'
-
-volumes:
-  postgresql_data:
-    driver: local
-
-services:
-  owgw:
-    depends_on:
-      - postgresql
-    command: ["./wait-for-postgres.sh", "postgresql", "/openwifi/owgw"]
-
-  owsec:
-    depends_on:
-      - postgresql
-    command: ["./wait-for-postgres.sh", "postgresql", "/openwifi/owsec"]
-
-  owfms:
-    depends_on:
-      - postgresql
-    command: ["./wait-for-postgres.sh", "postgresql", "/openwifi/owfms"]
-
-  owprov:
-    depends_on:
-      - postgresql
-    command: ["./wait-for-postgres.sh", "postgresql", "/openwifi/owprov"]
-
-  postgresql:
-    image: "postgres:${POSTGRESQL_TAG}"
-    networks:
-      openwifi:
-    env_file:
-      - postgresql.env
-    restart: unless-stopped
-    volumes:
-      - postgresql_data:/var/lib/postgresql/data
-      - ./postgresql/init-db.sh:/docker-entrypoint-initdb.d/init-db.sh

docker-compose/docker-compose.yml

@@ -8,146 +8,77 @@ volumes:
   kafka_data:
     driver: local
 
-networks:
-  openwifi:
-
 services:
-  owgw:
-    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/owgw:${OWGW_TAG}"
-    networks:
-      openwifi:
-        aliases:
-          - ${INTERNAL_OWGW_HOSTNAME}
+  ucentralgw.wlan.local:
+    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/ucentralgw:${UCENTRALGW_TAG}"
     env_file:
-      - owgw.env
-    depends_on:
+      - .env_ucentralgw
+    depends_on: 
       - kafka
       - rttys
     restart: unless-stopped
-    volumes:
-      - "./owgw_data:${OWGW_ROOT}"
-      - "./certs:/${OWGW_ROOT}/certs"
     ports:
       - "15002:15002"
-      - "16002:16002"
-      - "16102:16102"
+      - "127.0.0.1:16002:16002"
       - "16003:16003"
-    sysctls:
-      - net.ipv4.tcp_keepalive_intvl=5
-      - net.ipv4.tcp_keepalive_probes=2
-      - net.ipv4.tcp_keepalive_time=45
-
-  owgw-ui:
-    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/owgw-ui:${OWGWUI_TAG}"
-    networks:
-      openwifi:
-    env_file:
-      - owgw-ui.env
-    depends_on:
-      - owsec
-      - owgw
-      - owfms
-      - owprov
-    restart: unless-stopped
+      - "127.0.0.1:16102:16102"
     volumes:
-      - "./owgw-ui/default.conf:/etc/nginx/conf.d/default.conf"
-      - "./certs/restapi-cert.pem:/etc/nginx/restapi-cert.pem"
-      - "./certs/restapi-key.pem:/etc/nginx/restapi-key.pem"
-    ports:
-      - "80:80"
-      - "443:443"
+      - ./ucentralgw-data:/ucentralgw-data
+      - ./certs:/ucentralgw-data/certs
 
-  owsec:
-    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/owsec:${OWSEC_TAG}"
-    networks:
-      openwifi:
-        aliases:
-          - ${INTERNAL_OWSEC_HOSTNAME}
+  ucentralgw-ui:
+    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/ucentralgw-ui:${UCENTRALGWUI_TAG}"
     env_file:
-      - owsec.env
+      - .env_ucentralgw-ui
+    depends_on:
+      - ucentralsec.wlan.local
+      - ucentralgw.wlan.local
+      - ucentralfms.wlan.local
+    restart: unless-stopped
+    ports:
+      - "127.0.0.1:80:80"
+
+  ucentralsec.wlan.local:
+    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/ucentralsec:${UCENTRALSEC_TAG}"
+    env_file:
+      - .env_ucentralsec
+    depends_on: 
+      - kafka
+    restart: unless-stopped
+    ports:
+      - "127.0.0.1:16001:16001"
+      - "127.0.0.1:16101:16101"
+    volumes:
+      - ./ucentralsec-data:/ucentralsec-data
+      - ./certs:/ucentralsec-data/certs
+
+  ucentralfms.wlan.local:
+    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/ucentralfms:${UCENTRALFMS_TAG}"
+    env_file:
+      - .env_ucentralfms
     depends_on:
       - kafka
     restart: unless-stopped
-    volumes:
-      - "./owsec_data:${OWSEC_ROOT}"
-      - "./certs:/${OWSEC_ROOT}/certs"
     ports:
-      - "16001:16001"
-      - "16101:16101"
-
-  owfms:
-    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/owfms:${OWFMS_TAG}"
-    networks:
-      openwifi:
-        aliases:
-          - ${INTERNAL_OWFMS_HOSTNAME}
-    env_file:
-      - owfms.env
-    depends_on:
-      - kafka
-    restart: unless-stopped
+      - "127.0.0.1:16004:16004"
+      - "127.0.0.1:16104:16104"
     volumes:
-      - "./owfms_data:${OWFMS_ROOT}"
-      - "./certs:/${OWFMS_ROOT}/certs"
-    ports:
-      - "16004:16004"
-      - "16104:16104"
-
-  owprov:
-    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/owprov:${OWPROV_TAG}"
-    networks:
-      openwifi:
-        aliases:
-          - ${INTERNAL_OWPROV_HOSTNAME}
-    env_file:
-      - owprov.env
-    depends_on:
-      - kafka
-    restart: unless-stopped
-    volumes:
-      - "./owprov_data:${OWPROV_ROOT}"
-      - "./certs:/${OWPROV_ROOT}/certs"
-    ports:
-      - "16005:16005"
-      - "16105:16105"
-
-  owprov-ui:
-    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/owprov-ui:${OWPROVUI_TAG}"
-    networks:
-      openwifi:
-    env_file:
-      - owprov-ui.env
-    depends_on:
-      - owsec
-      - owgw
-      - owfms
-      - owprov
-    restart: unless-stopped
-    volumes:
-      - "./owprov-ui/default.conf:/etc/nginx/conf.d/default.conf"
-      - "./certs/restapi-cert.pem:/etc/nginx/restapi-cert.pem"
-      - "./certs/restapi-key.pem:/etc/nginx/restapi-key.pem"
-    ports:
-      - "8080:8080"
-      - "8443:8443"
+      - ./ucentralfms-data:/ucentralfms-data
+      - ./certs:/ucentralfms-data/certs
 
   rttys:
     image: "tip-tip-wlan-cloud-ucentral.jfrog.io/rttys:${RTTYS_TAG}"
     restart: unless-stopped
-    networks:
-      openwifi:
-    volumes:
-      - "./certs/restapi-cert.pem:/etc/rttys/restapi-cert.pem"
-      - "./certs/restapi-key.pem:/etc/rttys/restapi-key.pem"
-      - "./rttys/rttys.conf:/rttys/rttys.conf"
     ports:
-      - "5912:5912"
-      - "5913:5913"
+    - "127.0.0.1:5912:5912"
+    - "127.0.0.1:5913:5913"
+    volumes:
+      - ./certs/restapi-cert.pem:/etc/rttys/restapi-cert.pem
+      - ./certs/restapi-key.pem:/etc/rttys/restapi-key.pem
+      - ./rttys/rttys.conf:/rttys/rttys.conf
 
   zookeeper:
     image: "zookeeper:${ZOOKEEPER_TAG}"
-    networks:
-      openwifi:
     restart: unless-stopped
     volumes:
       - zookeeper_data:/data
@@ -155,10 +86,8 @@ services:
 
   kafka:
     image: "docker.io/bitnami/kafka:${KAFKA_TAG}"
-    networks:
-      openwifi:
     env_file:
-      - kafka.env
+      - .env_kafka
     restart: unless-stopped
     depends_on:
       - zookeeper

docker-compose/owfms.env

@@ -1,41 +0,0 @@
-RUN_CHOWN=true
-TEMPLATE_CONFIG=true
-SELFSIGNED_CERTS=true
-
-OWFMS_ROOT=/owfms-data
-OWFMS_CONFIG=/owfms-data
-
-#RESTAPI_HOST_ROOTCA=$OWFMS_ROOT/certs/restapi-ca.pem
-#RESTAPI_HOST_PORT=16004
-#RESTAPI_HOST_CERT=$OWFMS_ROOT/certs/restapi-cert.pem
-#RESTAPI_HOST_KEY=$OWFMS_ROOT/certs/restapi-key.pem
-#RESTAPI_HOST_KEY_PASSWORD=mypassword
-#INTERNAL_RESTAPI_HOST_ROOTCA=$OWFMS_ROOT/certs/restapi-ca.pem
-#INTERNAL_RESTAPI_HOST_PORT=17004
-#INTERNAL_RESTAPI_HOST_CERT=$OWFMS_ROOT/certs/restapi-cert.pem
-#INTERNAL_RESTAPI_HOST_KEY=$OWFMS_ROOT/certs/restapi-key.pem
-#INTERNAL_RESTAPI_HOST_KEY_PASSWORD=mypassword
-#SERVICE_KEY=$OWFMS_ROOT/certs/restapi-key.pem
-#SERVICE_KEY_PASSWORD=mypassword
-SYSTEM_DATA=$OWFMS_ROOT/persist
-SYSTEM_URI_PRIVATE=https://owfms.wlan.local:17004
-SYSTEM_URI_PUBLIC=https://openwifi.wlan.local:16004
-SYSTEM_URI_UI=https://openwifi.wlan.local
-#S3_BUCKETNAME=ucentral-ap-firmware
-#S3_REGION=us-east-1
-S3_SECRET=b0S6EiR5RLIxoe7Xvz9YXPPdxQCoZ6ze37qunTAI
-S3_KEY=AKIAUG47UZG7R6SRLD7F
-#S3_BUCKET_URI=ucentral-ap-firmware.s3.amazonaws.com
-#KAFKA_ENABLE=true
-KAFKA_BROKERLIST=kafka:9092
-#STORAGE_TYPE=sqlite
-#STORAGE_TYPE_POSTGRESQL_HOST=localhost
-#STORAGE_TYPE_POSTGRESQL_USERNAME=owfms
-#STORAGE_TYPE_POSTGRESQL_PASSWORD=owfms
-#STORAGE_TYPE_POSTGRESQL_DATABASE=owfms
-#STORAGE_TYPE_POSTGRESQL_PORT=5432
-#STORAGE_TYPE_MYSQL_HOST=localhost
-#STORAGE_TYPE_MYSQL_USERNAME=owfms
-#STORAGE_TYPE_MYSQL_PASSWORD=owfms
-#STORAGE_TYPE_MYSQL_DATABASE=owfms
-#STORAGE_TYPE_MYSQL_PORT=3306

docker-compose/owgw-ui.env

@@ -1,2 +0,0 @@
-DEFAULT_UCENTRALSEC_URL=https://openwifi.wlan.local:16001
-ALLOW_UCENTRALSEC_CHANGE=false

docker-compose/owgw-ui/default.conf

@@ -1,32 +0,0 @@
-server {
-    listen       80;
-    listen  [::]:80;
-
-    # Disable emitting nginx version
-    server_tokens off;
-
-    return 301 https://$host$request_uri;
-}
-
-server {
-    listen       443 ssl;
-    listen       [::]:443 ssl;
-
-    # Disable emitting nginx version
-    server_tokens off;
-
-    ssl_certificate     /etc/nginx/restapi-cert.pem;
-    ssl_certificate_key /etc/nginx/restapi-key.pem;
-
-    location / {
-        root   /usr/share/nginx/html;
-        index  index.html index.htm;
-    }
-
-    # redirect server error pages to the static page /50x.html
-    #
-    error_page   500 502 503 504  /50x.html;
-    location = /50x.html {
-        root   /usr/share/nginx/html;
-    }
-}

docker-compose/owgw.env

@@ -1,59 +0,0 @@
-RUN_CHOWN=true
-TEMPLATE_CONFIG=true
-SELFSIGNED_CERTS=true
-
-OWGW_ROOT=/owgw-data
-OWGW_CONFIG=/owgw-data
-
-#WEBSOCKET_HOST_ROOTCA=$OWGW_ROOT/certs/root.pem
-#WEBSOCKET_HOST_ISSUER=$OWGW_ROOT/certs/issuer.pem
-#WEBSOCKET_HOST_CERT=$OWGW_ROOT/certs/websocket-cert.pem
-#WEBSOCKET_HOST_KEY=$OWGW_ROOT/certs/websocket-key.pem
-#WEBSOCKET_HOST_CLIENTCAS=$OWGW_ROOT/certs/clientcas.pem
-#WEBSOCKET_HOST_CAS=$OWGW_ROOT/certs/cas
-#WEBSOCKET_HOST_PORT=15002
-#WEBSOCKET_HOST_KEY_PASSWORD=mypassword
-#RESTAPI_HOST_ROOTCA=$OWGW_ROOT/certs/restapi-ca.pem
-#RESTAPI_HOST_PORT=16002
-#RESTAPI_HOST_CERT=$OWGW_ROOT/certs/restapi-cert.pem
-#RESTAPI_HOST_KEY=$OWGW_ROOT/certs/restapi-key.pem
-#RESTAPI_HOST_KEY_PASSWORD=mypassword
-#INTERNAL_RESTAPI_HOST_ROOTCA=$OWGW_ROOT/certs/restapi-ca.pem
-#INTERNAL_RESTAPI_HOST_PORT=17002
-#INTERNAL_RESTAPI_HOST_CERT=$OWGW_ROOT/certs/restapi-cert.pem
-#INTERNAL_RESTAPI_HOST_KEY=$OWGW_ROOT/certs/restapi-key.pem
-#INTERNAL_RESTAPI_HOST_KEY_PASSWORD=mypassword
-#FILEUPLOADER_HOST_ROOTCA=$OWGW_ROOT/certs/restapi-ca.pem
-FILEUPLOADER_HOST_NAME=openwifi.wlan.local
-#FILEUPLOADER_HOST_PORT=16003
-#FILEUPLOADER_HOST_CERT=$OWGW_ROOT/certs/restapi-cert.pem
-#FILEUPLOADER_HOST_KEY=$OWGW_ROOT/certs/restapi-key.pem
-#FILEUPLOADER_HOST_KEY_PASSWORD=mypassword
-FILEUPLOADER_PATH=$OWGW_ROOT/persist/uploads
-FILEUPLOADER_URI=https://openwifi.wlan.local:16003
-#SERVICE_KEY=$OWGW_ROOT/certs/restapi-key.pem
-#SERVICE_KEY_PASSWORD=mypassword
-SYSTEM_DATA=$OWGW_ROOT/persist
-SYSTEM_URI_PRIVATE=https://owgw.wlan.local:17002
-SYSTEM_URI_PUBLIC=https://openwifi.wlan.local:16002
-SYSTEM_URI_UI=https://openwifi.wlan.local
-#SIMULATORID=
-RTTY_ENABLED=true
-RTTY_SERVER=openwifi.wlan.local
-#RTTY_PORT=5912
-#RTTY_TOKEN=96181c567b4d0d98c50f127230068fa8
-#RTTY_TIMEOUT=60
-#RTTY_VIEWPORT=5913
-#KAFKA_ENABLE=true
-KAFKA_BROKERLIST=kafka:9092
-#STORAGE_TYPE=sqlite
-#STORAGE_TYPE_POSTGRESQL_HOST=localhost
-#STORAGE_TYPE_POSTGRESQL_USERNAME=owgw
-#STORAGE_TYPE_POSTGRESQL_PASSWORD=owgw
-#STORAGE_TYPE_POSTGRESQL_DATABASE=owgw
-#STORAGE_TYPE_POSTGRESQL_PORT=5432
-#STORAGE_TYPE_MYSQL_HOST=localhost
-#STORAGE_TYPE_MYSQL_USERNAME=owgw
-#STORAGE_TYPE_MYSQL_PASSWORD=owgw
-#STORAGE_TYPE_MYSQL_DATABASE=owgw
-#STORAGE_TYPE_MYSQL_PORT=3306

docker-compose/owls/.env

@@ -1,17 +0,0 @@
-# Image tags
-COMPOSE_PROJECT_NAME=owls
-OWSEC_TAG=main
-OWLS_TAG=main
-OWLSUI_TAG=master
-KAFKA_TAG=latest
-ZOOKEEPER_TAG=latest
-
-# Microservice root/config directories
-OWSEC_ROOT=/owsec-data
-OWSEC_CONFIG=/owsec-data
-OWLS_ROOT=/owls-data
-OWLS_CONFIG=/owls-data
-
-# Microservice hostnames
-INTERNAL_OWSEC_HOSTNAME=owsec.wlan.local
-INTERNAL_OWLS_HOSTNAME=owls.wlan.local

docker-compose/owls/docker-compose.yml

@@ -1,89 +0,0 @@
-version: '3'
-
-volumes:
-  zookeeper_data:
-    driver: local
-  zookeeper_datalog:
-    driver: local
-  kafka_data:
-    driver: local
-
-networks:
-  owls:
-
-services:
-  owsec:
-    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/owsec:${OWSEC_TAG}"
-    networks:
-      owls:
-        aliases:
-          - ${INTERNAL_OWSEC_HOSTNAME}
-    env_file:
-      - owsec.env
-    depends_on:
-      - kafka
-    restart: unless-stopped
-    volumes:
-      - "./owsec_data:${OWSEC_ROOT}"
-      - "../certs:/${OWSEC_ROOT}/certs"
-    ports:
-      - "16001:16001"
-      - "16101:16101"
-
-  owls:
-    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/owls:${OWLS_TAG}"
-    networks:
-      owls:
-        aliases:
-          - ${INTERNAL_OWLS_HOSTNAME}
-    env_file:
-      - owls.env
-    depends_on:
-      - owsec
-      - kafka
-    restart: unless-stopped
-    volumes:
-      - "./owls_data:${OWLS_ROOT}"
-      - "../certs:/${OWLS_ROOT}/certs"
-    ports:
-      - "16007:16007"
-      - "16107:16107"
-
-  owls-ui:
-    image: "tip-tip-wlan-cloud-ucentral.jfrog.io/owls-ui:${OWLSUI_TAG}"
-    networks:
-      owls:
-    env_file:
-      - owls-ui.env
-    depends_on:
-      - owsec
-      - owls
-    restart: unless-stopped
-    volumes:
-      - "./owls-ui/default.conf:/etc/nginx/conf.d/default.conf"
-      - "../certs/restapi-cert.pem:/etc/nginx/restapi-cert.pem"
-      - "../certs/restapi-key.pem:/etc/nginx/restapi-key.pem"
-    ports:
-      - "80:80"
-      - "443:443"
-
-  zookeeper:
-    image: "zookeeper:${ZOOKEEPER_TAG}"
-    networks:
-      owls:
-    restart: unless-stopped
-    volumes:
-      - zookeeper_data:/data
-      - zookeeper_datalog:/datalog
-
-  kafka:
-    image: "docker.io/bitnami/kafka:${KAFKA_TAG}"
-    networks:
-      owls:
-    env_file:
-      - kafka.env
-    restart: unless-stopped
-    depends_on:
-      - zookeeper
-    volumes:
-      - kafka_data:/bitnami/kafka

docker-compose/owls/kafka.env

@@ -1,2 +0,0 @@
-KAFKA_CFG_ZOOKEEPER_CONNECT=zookeeper:2181
-ALLOW_PLAINTEXT_LISTENER=yes

docker-compose/owls/owls-ui.env

@@ -1,2 +0,0 @@
-DEFAULT_UCENTRALSEC_URL=https://openwifi-owls.wlan.local:16001
-ALLOW_UCENTRALSEC_CHANGE=false

docker-compose/owls/owls-ui/default.conf

@@ -1,32 +0,0 @@
-server {
-    listen       80;
-    listen  [::]:80;
-
-    # Disable emitting nginx version
-    server_tokens off;
-
-    return 301 https://$host$request_uri;
-}
-
-server {
-    listen       443 ssl;
-    listen       [::]:443 ssl;
-
-    # Disable emitting nginx version
-    server_tokens off;
-
-    ssl_certificate     /etc/nginx/restapi-cert.pem;
-    ssl_certificate_key /etc/nginx/restapi-key.pem;
-
-    location / {
-        root   /usr/share/nginx/html;
-        index  index.html index.htm;
-    }
-
-    # redirect server error pages to the static page /50x.html
-    #
-    error_page   500 502 503 504  /50x.html;
-    location = /50x.html {
-        root   /usr/share/nginx/html;
-    }
-}

docker-compose/owls/owls.env

@@ -1,43 +0,0 @@
-RUN_CHOWN=true
-TEMPLATE_CONFIG=true
-SELFSIGNED_CERTS=true
-
-OWLS_ROOT=/owls-data
-OWLS_CONFIG=/owls-data
-
-#ROOTCA=$OWLS_ROOT/certs/root.pem
-#ISSUER=$OWLS_ROOT/certs/issuer.pem
-#CERT=$OWLS_ROOT/certs/device-cert.pem
-#KEY=$OWLS_ROOT/certs/device-key.pem
-#CLIENTCAS=$OWLS_ROOT/certs/clientcas.pem
-#CAS=$OWLS_ROOT/certs/cas
-#KEY_PASSWORD=mypassword
-#RESTAPI_HOST_ROOTCA=$OWLS_ROOT/certs/restapi-ca.pem
-#RESTAPI_HOST_PORT=16007
-#RESTAPI_HOST_CERT=$OWLS_ROOT/certs/restapi-cert.pem
-#RESTAPI_HOST_KEY=$OWLS_ROOT/certs/restapi-key.pem
-#RESTAPI_HOST_KEY_PASSWORD=mypassword
-#INTERNAL_RESTAPI_HOST_ROOTCA=$OWLS_ROOT/certs/restapi-ca.pem
-#INTERNAL_RESTAPI_HOST_PORT=17007
-#INTERNAL_RESTAPI_HOST_CERT=$OWLS_ROOT/certs/restapi-cert.pem
-#INTERNAL_RESTAPI_HOST_KEY=$OWLS_ROOT/certs/restapi-key.pem
-#INTERNAL_RESTAPI_HOST_KEY_PASSWORD=mypassword
-#SERVICE_KEY=$OWLS_ROOT/certs/restapi-key.pem
-#SERVICE_KEY_PASSWORD=mypassword
-SYSTEM_DATA=$OWLS_ROOT/persist
-SYSTEM_URI_PRIVATE=https://owls.wlan.local:17007
-SYSTEM_URI_PUBLIC=https://openwifi-owls.wlan.local:16007
-SYSTEM_URI_UI=https://openwifi-owls.wlan.local
-#KAFKA_ENABLE=true
-KAFKA_BROKERLIST=kafka:9092
-#STORAGE_TYPE=sqlite
-#STORAGE_TYPE_POSTGRESQL_HOST=localhost
-#STORAGE_TYPE_POSTGRESQL_USERNAME=owls
-#STORAGE_TYPE_POSTGRESQL_PASSWORD=owls
-#STORAGE_TYPE_POSTGRESQL_DATABASE=owls
-#STORAGE_TYPE_POSTGRESQL_PORT=5432
-#STORAGE_TYPE_MYSQL_HOST=localhost
-#STORAGE_TYPE_MYSQL_USERNAME=owls
-#STORAGE_TYPE_MYSQL_PASSWORD=owls
-#STORAGE_TYPE_MYSQL_DATABASE=owls
-#STORAGE_TYPE_MYSQL_PORT=3306

docker-compose/owls/owsec.env

@@ -1,47 +0,0 @@
-RUN_CHOWN=true
-TEMPLATE_CONFIG=true
-SELFSIGNED_CERTS=true
-
-OWSEC_ROOT=/owsec-data
-OWSEC_CONFIG=/owsec-data
-
-#RESTAPI_HOST_ROOTCA=$OWSEC_ROOT/certs/restapi-ca.pem
-#RESTAPI_HOST_PORT=16001
-#RESTAPI_HOST_CERT=$OWSEC_ROOT/certs/restapi-cert.pem
-#RESTAPI_HOST_KEY=$OWSEC_ROOT/certs/restapi-key.pem
-#RESTAPI_HOST_KEY_PASSWORD=mypassword
-#RESTAPI_WWWASSETS=$OWSEC_ROOT/wwwassets
-#INTERNAL_RESTAPI_HOST_ROOTCA=$OWSEC_ROOT/certs/restapi-ca.pem
-#INTERNAL_RESTAPI_HOST_PORT=17001
-#INTERNAL_RESTAPI_HOST_CERT=$OWSEC_ROOT/certs/restapi-cert.pem
-#INTERNAL_RESTAPI_HOST_KEY=$OWSEC_ROOT/certs/restapi-key.pem
-#INTERNAL_RESTAPI_HOST_KEY_PASSWORD=mypassword
-#AUTHENTICATION_DEFAULT_USERNAME=tip@ucentral.com
-#AUTHENTICATION_DEFAULT_PASSWORD=13268b7daa751240369d125e79c873bd8dd3bef7981bdfd38ea03dbb1fbe7dcf
-SYSTEM_DATA=$OWSEC_ROOT/persist
-SYSTEM_URI_PRIVATE=https://owsec.wlan.local:17001
-SYSTEM_URI_PUBLIC=https://openwifi-owls.wlan.local:16001
-SYSTEM_URI_UI=https://openwifi-owls.wlan.local
-#SERVICE_KEY=$OWSEC_ROOT/certs/restapi-key.pem
-#SERVICE_KEY_PASSWORD=mypassword
-#MAILER_HOSTNAME=localhost
-#MAILER_USERNAME=************************
-#MAILER_PASSWORD=************************
-#MAILER_SENDER=OpenWIFI
-#MAILER_PORT=587
-#MAILER_TEMPLATES=$OWSEC_ROOT/templates
-#KAFKA_ENABLE=true
-KAFKA_BROKERLIST=kafka:9092
-#DOCUMENT_POLICY_ACCESS=$OWSEC_ROOT/wwwassets/access_policy.html
-#DOCUMENT_POLICY_PASSWORD=$OWSEC_ROOT/wwwassets/password_policy.html
-#STORAGE_TYPE=sqlite
-#STORAGE_TYPE_POSTGRESQL_HOST=localhost
-#STORAGE_TYPE_POSTGRESQL_USERNAME=owsec
-#STORAGE_TYPE_POSTGRESQL_PASSWORD=owsec
-#STORAGE_TYPE_POSTGRESQL_DATABASE=owsec
-#STORAGE_TYPE_POSTGRESQL_PORT=5432
-#STORAGE_TYPE_MYSQL_HOST=localhost
-#STORAGE_TYPE_MYSQL_USERNAME=owsec
-#STORAGE_TYPE_MYSQL_PASSWORD=owsec
-#STORAGE_TYPE_MYSQL_DATABASE=owsec
-#STORAGE_TYPE_MYSQL_PORT=3306

docker-compose/owprov-ui.env

@@ -1,2 +0,0 @@
-DEFAULT_UCENTRALSEC_URL=https://openwifi.wlan.local:16001
-ALLOW_UCENTRALSEC_CHANGE=false

docker-compose/owprov-ui/default.conf

@@ -1,32 +0,0 @@
-server {
-    listen       8080;
-    listen  [::]:8080;
-
-    # Disable emitting nginx version
-    server_tokens off;
-
-    return 301 https://$host:8443$request_uri;
-}
-
-server {
-    listen       8443 ssl;
-    listen       [::]:8443 ssl;
-
-    # Disable emitting nginx version
-    server_tokens off;
-
-    ssl_certificate     /etc/nginx/restapi-cert.pem;
-    ssl_certificate_key /etc/nginx/restapi-key.pem;
-
-    location / {
-        root   /usr/share/nginx/html;
-        index  index.html index.htm;
-    }
-
-    # redirect server error pages to the static page /50x.html
-    #
-    error_page   500 502 503 504  /50x.html;
-    location = /50x.html {
-        root   /usr/share/nginx/html;
-    }
-}

docker-compose/owprov.env

@@ -1,38 +0,0 @@
-RUN_CHOWN=true
-TEMPLATE_CONFIG=true
-SELFSIGNED_CERTS=true
-
-OWPROV_ROOT=/owprov-data
-OWPROV_CONFIG=/owprov-data
-
-#RESTAPI_HOST_ROOTCA=$OWPROV_ROOT/certs/restapi-ca.pem
-#RESTAPI_HOST_PORT=16005
-#RESTAPI_HOST_CERT=$OWPROV_ROOT/certs/restapi-cert.pem
-#RESTAPI_HOST_KEY=$OWPROV_ROOT/certs/restapi-key.pem
-#RESTAPI_HOST_KEY_PASSWORD=mypassword
-#INTERNAL_RESTAPI_HOST_ROOTCA=$OWPROV_ROOT/certs/restapi-ca.pem
-#INTERNAL_RESTAPI_HOST_PORT=17005
-#INTERNAL_RESTAPI_HOST_CERT=$OWPROV_ROOT/certs/restapi-cert.pem
-#INTERNAL_RESTAPI_HOST_KEY=$OWPROV_ROOT/certs/restapi-key.pem
-#INTERNAL_RESTAPI_HOST_KEY_PASSWORD=mypassword
-#FIRMWARE_UPDATER_UPGRADE=yes
-#FIRMWARE_UPDATER_RCONLY=no
-#SERVICE_KEY=$OWPROV_ROOT/certs/restapi-key.pem
-#SERVICE_KEY_PASSWORD=mypassword
-SYSTEM_DATA=$OWPROV_ROOT/persist
-SYSTEM_URI_PRIVATE=https://owprov.wlan.local:17005
-SYSTEM_URI_PUBLIC=https://openwifi.wlan.local:16005
-SYSTEM_URI_UI=https://openwifi.wlan.local
-#KAFKA_ENABLE=true
-KAFKA_BROKERLIST=kafka:9092
-#STORAGE_TYPE=sqlite
-#STORAGE_TYPE_POSTGRESQL_HOST=localhost
-#STORAGE_TYPE_POSTGRESQL_USERNAME=owprov
-#STORAGE_TYPE_POSTGRESQL_PASSWORD=owprov
-#STORAGE_TYPE_POSTGRESQL_DATABASE=owprov
-#STORAGE_TYPE_POSTGRESQL_PORT=5432
-#STORAGE_TYPE_MYSQL_HOST=localhost
-#STORAGE_TYPE_MYSQL_USERNAME=owprov
-#STORAGE_TYPE_MYSQL_PASSWORD=owprov
-#STORAGE_TYPE_MYSQL_DATABASE=owprov
-#STORAGE_TYPE_MYSQL_PORT=3306

docker-compose/owsec.env

@@ -1,47 +0,0 @@
-RUN_CHOWN=true
-TEMPLATE_CONFIG=true
-SELFSIGNED_CERTS=true
-
-OWSEC_ROOT=/owsec-data
-OWSEC_CONFIG=/owsec-data
-
-#RESTAPI_HOST_ROOTCA=$OWSEC_ROOT/certs/restapi-ca.pem
-#RESTAPI_HOST_PORT=16001
-#RESTAPI_HOST_CERT=$OWSEC_ROOT/certs/restapi-cert.pem
-#RESTAPI_HOST_KEY=$OWSEC_ROOT/certs/restapi-key.pem
-#RESTAPI_HOST_KEY_PASSWORD=mypassword
-#RESTAPI_WWWASSETS=$OWSEC_ROOT/wwwassets
-#INTERNAL_RESTAPI_HOST_ROOTCA=$OWSEC_ROOT/certs/restapi-ca.pem
-#INTERNAL_RESTAPI_HOST_PORT=17001
-#INTERNAL_RESTAPI_HOST_CERT=$OWSEC_ROOT/certs/restapi-cert.pem
-#INTERNAL_RESTAPI_HOST_KEY=$OWSEC_ROOT/certs/restapi-key.pem
-#INTERNAL_RESTAPI_HOST_KEY_PASSWORD=mypassword
-#AUTHENTICATION_DEFAULT_USERNAME=tip@ucentral.com
-#AUTHENTICATION_DEFAULT_PASSWORD=13268b7daa751240369d125e79c873bd8dd3bef7981bdfd38ea03dbb1fbe7dcf
-SYSTEM_DATA=$OWSEC_ROOT/persist
-SYSTEM_URI_PRIVATE=https://owsec.wlan.local:17001
-SYSTEM_URI_PUBLIC=https://openwifi.wlan.local:16001
-SYSTEM_URI_UI=https://openwifi.wlan.local
-#SERVICE_KEY=$OWSEC_ROOT/certs/restapi-key.pem
-#SERVICE_KEY_PASSWORD=mypassword
-#MAILER_HOSTNAME=localhost
-#MAILER_USERNAME=************************
-#MAILER_PASSWORD=************************
-#MAILER_SENDER=OpenWIFI
-#MAILER_PORT=587
-#MAILER_TEMPLATES=$OWSEC_ROOT/templates
-#KAFKA_ENABLE=true
-KAFKA_BROKERLIST=kafka:9092
-#DOCUMENT_POLICY_ACCESS=$OWSEC_ROOT/wwwassets/access_policy.html
-#DOCUMENT_POLICY_PASSWORD=$OWSEC_ROOT/wwwassets/password_policy.html
-#STORAGE_TYPE=sqlite
-#STORAGE_TYPE_POSTGRESQL_HOST=localhost
-#STORAGE_TYPE_POSTGRESQL_USERNAME=owsec
-#STORAGE_TYPE_POSTGRESQL_PASSWORD=owsec
-#STORAGE_TYPE_POSTGRESQL_DATABASE=owsec
-#STORAGE_TYPE_POSTGRESQL_PORT=5432
-#STORAGE_TYPE_MYSQL_HOST=localhost
-#STORAGE_TYPE_MYSQL_USERNAME=owsec
-#STORAGE_TYPE_MYSQL_PASSWORD=owsec
-#STORAGE_TYPE_MYSQL_DATABASE=owsec
-#STORAGE_TYPE_MYSQL_PORT=3306

docker-compose/postgresql.env

@@ -1,14 +0,0 @@
-POSTGRES_PASSWORD=postgres
-POSTGRES_USER=postgres
-OWGW_DB=owgw
-OWGW_DB_USER=owgw
-OWGW_DB_PASSWORD=owgw
-OWSEC_DB=owsec
-OWSEC_DB_USER=owsec
-OWSEC_DB_PASSWORD=owsec
-OWFMS_DB=owfms
-OWFMS_DB_USER=owfms
-OWFMS_DB_PASSWORD=owfms
-OWPROV_DB=owprov
-OWPROV_DB_USER=owprov
-OWPROV_DB_PASSWORD=owprov

docker-compose/postgresql/init-db.sh

@@ -1,17 +0,0 @@
-#!/bin/bash
-set -e
-
-psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" <<-EOSQL
-    CREATE USER $OWGW_DB_USER WITH ENCRYPTED PASSWORD '$OWGW_DB_PASSWORD';
-    CREATE DATABASE $OWGW_DB;
-    GRANT ALL PRIVILEGES ON DATABASE $OWGW_DB TO $OWGW_DB_USER;
-    CREATE USER $OWSEC_DB_USER WITH ENCRYPTED PASSWORD '$OWSEC_DB_PASSWORD';
-    CREATE DATABASE $OWSEC_DB;
-    GRANT ALL PRIVILEGES ON DATABASE $OWSEC_DB TO $OWSEC_DB_USER;
-    CREATE USER $OWFMS_DB_USER WITH ENCRYPTED PASSWORD '$OWFMS_DB_PASSWORD';
-    CREATE DATABASE $OWFMS_DB;
-    GRANT ALL PRIVILEGES ON DATABASE $OWFMS_DB TO $OWFMS_DB_USER;
-    CREATE USER $OWPROV_DB_USER WITH ENCRYPTED PASSWORD '$OWPROV_DB_PASSWORD';
-    CREATE DATABASE $OWPROV_DB;
-    GRANT ALL PRIVILEGES ON DATABASE $OWPROV_DB TO $OWPROV_DB_USER;
-EOSQL

docker-compose/rttys/rttys_letsencrypt.conf

@@ -1,16 +0,0 @@
-addr-dev: :5912
-addr-user: :5913
-#addr-web: :5914
-#web-redir-url:# Auth for http
-http-username: rttys
-http-password: rttys
-#ssl-cert: /etc/rttys/restapi-cert.pem
-#ssl-key: /etc/rttys/restapi-key.pem
-token: 96181c567b4d0d98c50f127230068fa8
-# font-size: 16
-# No login required to connect device.
-# Values can be device IDs separated by spaces,
-# or a "*" indicates that all devices do not require login
-# http://localhost:5913/connect/rtty1
-white-list: "*"
-#white-list: rtty1 rtty2

docker-compose/traefik.env

@@ -1,20 +0,0 @@
-TRAEFIK_ENTRYPOINTS_OWGWWEBSOCKET_ADDRESS=:15002
-TRAEFIK_ENTRYPOINTS_OWGWRESTAPI_ADDRESS=:16002
-TRAEFIK_ENTRYPOINTS_OWGWFILEUPLOAD_ADDRESS=:16003
-TRAEFIK_ENTRYPOINTS_OWGWUIHTTP_ADDRESS=:80
-TRAEFIK_ENTRYPOINTS_OWGWUIHTTP_HTTP_REDIRECTIONS_ENTRYPOINT_TO=owgwuihttps
-TRAEFIK_ENTRYPOINTS_OWPROVUIHTTP_ADDRESS=:8080
-TRAEFIK_ENTRYPOINTS_OWPROVUIHTTP_HTTP_REDIRECTIONS_ENTRYPOINT_TO=owprovuihttps
-TRAEFIK_ENTRYPOINTS_OWGWUIHTTPS_ADDRESS=:443
-TRAEFIK_ENTRYPOINTS_OWPROVUIHTTPS_ADDRESS=:8443
-TRAEFIK_ENTRYPOINTS_OWSECRESTAPI_ADDRESS=:16001
-TRAEFIK_ENTRYPOINTS_OWFMSRESTAPI_ADDRESS=:16004
-TRAEFIK_ENTRYPOINTS_OWPROVRESTAPI_ADDRESS=:16005
-TRAEFIK_ENTRYPOINTS_RTTYSDEV_ADDRESS=:5912
-TRAEFIK_ENTRYPOINTS_RTTYSUSER_ADDRESS=:5913
-TRAEFIK_PROVIDERS_FILE_FILENAME=/etc/traefik/openwifi.yaml
-TRAEFIK_CERTIFICATESRESOLVERS_OPENWIFI_ACME_EMAIL=
-TRAEFIK_CERTIFICATESRESOLVERS_OPENWIFI_ACME_HTTPCHALLENGE=true
-TRAEFIK_CERTIFICATESRESOLVERS_OPENWIFI_ACME_HTTPCHALLENGE_ENTRYPOINT=owgwuihttp
-TRAEFIK_CERTIFICATESRESOLVERS_OPENWIFI_ACME_STORAGE=/letsencrypt/acme.json
-TRAEFIK_SERVERSTRANSPORT_ROOTCAS=/certs/restapi-ca.pem

docker-compose/traefik/openwifi_letsencrypt.yaml

@@ -1,119 +0,0 @@
-http:
-  services:
-    owgw-ui:
-      loadBalancer:
-        servers:
-          - url: "http://owgw-ui.wlan.local:80/"
-    owgw-restapi:
-      loadBalancer:
-        servers:
-          - url: "https://owgw.wlan.local:16002/"
-    owgw-fileupload:
-      loadBalancer:
-        servers:
-          - url: "https://owgw.wlan.local:16003/"
-    owsec-restapi:
-      loadBalancer:
-        servers:
-          - url: "https://owsec.wlan.local:16001/"
-    owfms-restapi:
-      loadBalancer:
-        servers:
-          - url: "https://owfms.wlan.local:16004/"
-    owprov-restapi:
-      loadBalancer:
-        servers:
-          - url: "https://owprov.wlan.local:16005/"
-    owprov-ui:
-      loadBalancer:
-        servers:
-          - url: "http://owprov-ui.wlan.local:80/"
-    rttys-user:
-      loadBalancer:
-        servers:
-          - url: "http://rttys.wlan.local:5913/"
-
-  routers:
-    owgw-ui-http:
-      entryPoints: "owgwuihttp"
-      service: "owgw-ui"
-      rule: "Host(`{{ env "OWGWUI_HOSTNAME" }}`)"
-    owgw-ui-https:
-      entryPoints: "owgwuihttps"
-      service: "owgw-ui"
-      rule: "Host(`{{ env "OWGWUI_HOSTNAME" }}`)"
-      tls:
-        certResolver: "openwifi"
-    owgw-fileupload:
-      entryPoints: "owgwfileupload"
-      service: "owgw-fileupload"
-      rule: "Host(`{{ env "OWGWFILEUPLOAD_HOSTNAME" }}`)"
-      tls:
-        certResolver: "openwifi"
-    owgw-restapi:
-      entryPoints: "owgwrestapi"
-      service: "owgw-restapi"
-      rule: "Host(`{{ env "OWGW_HOSTNAME" }}`)"
-      tls:
-        certResolver: "openwifi"
-    owsec-restapi:
-      entryPoints: "owsecrestapi"
-      service: "owsec-restapi"
-      rule: "Host(`{{ env "OWSEC_HOSTNAME" }}`)"
-      tls:
-        certResolver: "openwifi"
-    owfms-restapi:
-      entryPoints: "owfmsrestapi"
-      service: "owfms-restapi"
-      rule: "Host(`{{env "OWFMS_HOSTNAME"}}`)"
-      tls:
-        certResolver: "openwifi"
-    owprov-restapi:
-      entryPoints: "owprovrestapi"
-      service: "owprov-restapi"
-      rule: "Host(`{{env "OWPROV_HOSTNAME"}}`)"
-      tls:
-        certResolver: "openwifi"
-    owprov-ui-http:
-      entryPoints: "owgwuihttp"
-      service: "owprov-ui"
-      rule: "Host(`{{ env "OWPROVUI_HOSTNAME" }}`)"
-    owprov-ui-https:
-      entryPoints: "owgwuihttps"
-      service: "owprov-ui"
-      rule: "Host(`{{ env "OWPROVUI_HOSTNAME" }}`)"
-      tls:
-        certResolver: "openwifi"
-    rttys-user:
-      entryPoints: "rttysuser"
-      service: "rttys-user"
-      rule: "Host(`{{ env "RTTYS_HOSTNAME" }}`)"
-      tls:
-        certResolver: "openwifi"
-
-tcp:
-  services:
-    owgw-websocket:
-      loadBalancer:
-        servers:
-          - address: "owgw.wlan.local:15002"
-
-    rttys-dev:
-      loadBalancer:
-        servers:
-          - address: "rttys.wlan.local:5912"
-
-  routers:
-    owgw-websocket:
-      entryPoints: "owgwwebsocket"
-      service: "owgw-websocket"
-      rule: "HostSNI(`*`)"
-      tls:
-        passthrough: true
-
-    rttys-dev:
-      entryPoints: "rttysdev"
-      service: "rttys-dev"
-      rule: "HostSNI(`{{ env "RTTYS_HOSTNAME" }}`)"
-      tls:
-        certResolver: openwifi

docker-compose/traefik/openwifi_selfsigned.yaml

@@ -1,124 +0,0 @@
-tls:
-  certificates:
-    - certFile: /certs/restapi-cert.pem
-      keyFile: /certs/restapi-key.pem
-
-http:
-  services:
-    owgw-ui:
-      loadBalancer:
-        servers:
-          - url: "http://owgw-ui.wlan.local:80/"
-
-    owprov-ui:
-      loadBalancer:
-        servers:
-          - url: "http://owprov-ui.wlan.local:80/"
-
-  routers:
-    owgw-ui-http:
-      entryPoints: "owgwuihttp"
-      service: "owgw-ui"
-      rule: "PathPrefix(`/`)"
-
-    owgw-ui-https:
-      entryPoints: "owgwuihttps"
-      service: "owgw-ui"
-      rule: "PathPrefix(`/`)"
-      tls: {}
-
-    owprov-ui-http:
-      entryPoints: "owprovuihttp"
-      service: "owprov-ui"
-      rule: "PathPrefix(`/`)"
-
-    owprov-ui-https:
-      entryPoints: "owprovuihttps"
-      service: "owprov-ui"
-      rule: "PathPrefix(`/`)"
-      tls: {}
-
-tcp:
-  services:
-    owgw-websocket:
-      loadBalancer:
-        servers:
-          - address: "owgw.wlan.local:15002"
-    owgw-restapi:
-      loadBalancer:
-        servers:
-          - address: "owgw.wlan.local:16002"
-    owgw-fileupload:
-      loadBalancer:
-        servers:
-          - address: "owgw.wlan.local:16003"
-    owsec-restapi:
-      loadBalancer:
-        servers:
-          - address: "owsec.wlan.local:16001"
-    owfms-restapi:
-      loadBalancer:
-        servers:
-          - address: "owfms.wlan.local:16004"
-    owprov-restapi:
-      loadBalancer:
-        servers:
-          - address: "owprov.wlan.local:16005"
-    rttys-dev:
-      loadBalancer:
-        servers:
-          - address: "rttys.wlan.local:5912"
-    rttys-user:
-      loadBalancer:
-        servers:
-          - address: "rttys.wlan.local:5913"
-
-  routers:
-    owgw-websocket:
-      entryPoints: "owgwwebsocket"
-      service: "owgw-websocket"
-      rule: "HostSNI(`*`)"
-      tls:
-        passthrough: true
-    owgw-restapi:
-      entryPoints: "owgwrestapi"
-      service: "owgw-restapi"
-      rule: "HostSNI(`*`)"
-      tls:
-        passthrough: true
-    owgw-fileupload:
-      entryPoints: "owgwfileupload"
-      service: "owgw-fileupload"
-      rule: "HostSNI(`*`)"
-      tls:
-        passthrough: true
-    owsec-restapi:
-      entryPoints: "owsecrestapi"
-      service: "owsec-restapi"
-      rule: "HostSNI(`*`)"
-      tls:
-        passthrough: true
-    owfms-restapi:
-      entryPoints: "owfmsrestapi"
-      service: "owfms-restapi"
-      rule: "HostSNI(`*`)"
-      tls:
-        passthrough: true
-    owprov-restapi:
-      entryPoints: "owprovrestapi"
-      service: "owprov-restapi"
-      rule: "HostSNI(`*`)"
-      tls:
-        passthrough: true
-    rttys-dev:
-      entryPoints: "rttysdev"
-      service: "rttys-dev"
-      rule: "HostSNI(`*`)"
-      tls:
-        passthrough: true
-    rttys-user:
-      entryPoints: "rttysuser"
-      service: "rttys-user"
-      rule: "HostSNI(`*`)"
-      tls:
-        passthrough: true

docker-compose/ucentralfms-data/ucentralfms.properties

@@ -0,0 +1,141 @@
+#
+# uCentral protocol server for devices. This is where you point
+# all your devices. You can replace the * for address by the specific
+# address of one of your interfaces
+#
+#
+# REST API access
+#
+ucentralfws.restapi.host.0.backlog = 100
+ucentralfws.restapi.host.0.security = relaxed
+ucentralfws.restapi.host.0.rootca = $UCENTRALFMS_ROOT/certs/restapi-ca.pem
+ucentralfws.restapi.host.0.address = *
+ucentralfws.restapi.host.0.port = 16004
+ucentralfws.restapi.host.0.cert = $UCENTRALFMS_ROOT/certs/restapi-cert.pem
+ucentralfws.restapi.host.0.key = $UCENTRALFMS_ROOT/certs/restapi-key.pem
+ucentralfws.restapi.host.0.key.password = mypassword
+
+ucentral.internal.restapi.host.0.backlog = 100
+ucentral.internal.restapi.host.0.security = relaxed
+ucentral.internal.restapi.host.0.rootca = $UCENTRALFMS_ROOT/certs/restapi-ca.pem
+ucentral.internal.restapi.host.0.address = *
+ucentral.internal.restapi.host.0.port = 17004
+ucentral.internal.restapi.host.0.cert = $UCENTRALFMS_ROOT/certs/restapi-cert.pem
+ucentral.internal.restapi.host.0.key = $UCENTRALFMS_ROOT/certs/restapi-key.pem
+ucentral.internal.restapi.host.0.key.password = mypassword
+
+#
+# Generic section that all microservices must have
+#
+ucentral.service.key = $UCENTRALFMS_ROOT/certs/restapi-key.pem
+ucentral.service.key.password = mypassword
+ucentral.system.data = $UCENTRALFMS_ROOT/data
+ucentral.system.debug = false
+ucentral.system.uri.private = https://ucentralfms.wlan.local:17004
+ucentral.system.uri.public = https://ucentral.wlan.local:16004
+ucentral.system.commandchannel = /tmp/app.ucentralfms
+ucentral.system.uri.ui = ucentral.wlan.local
+
+#
+# Firmware Microservice Specific Section
+#
+s3.bucketname = ucentral-ap-firmware
+s3.region = us-east-1
+s3.secret = b0S6EiR5RLIxoe7Xvz9YXPPdxQCoZ6ze37qunTAI
+s3.key = AKIAUG47UZG7R6SRLD7F
+s3.retry = 60
+s3.bucket.uri = ucentral-ap-firmware.s3.amazonaws.com
+
+firmwaredb.refresh = 1800
+#############################
+# Generic information for all micro services
+#############################
+#
+# NLB Support
+#
+alb.enable = true
+alb.port = 16104
+
+#
+# Kafka
+#
+ucentral.kafka.group.id = firmware
+ucentral.kafka.client.id = firmware1
+ucentral.kafka.enable = true
+ucentral.kafka.brokerlist = kafka:9092
+ucentral.kafka.auto.commit = false
+ucentral.kafka.queue.buffering.max.ms = 50
+
+#
+# This section select which form of persistence you need
+# Only one selected at a time. If you select multiple, this service will die if a horrible
+# death and might make your beer flat.
+#
+storage.type = sqlite
+#storage.type = postgresql
+#storage.type = mysql
+#storage.type = odbc
+
+storage.type.sqlite.db = firmware.db
+storage.type.sqlite.idletime = 120
+storage.type.sqlite.maxsessions = 128
+
+storage.type.postgresql.maxsessions = 64
+storage.type.postgresql.idletime = 60
+storage.type.postgresql.host = localhost
+storage.type.postgresql.username = stephb
+storage.type.postgresql.password = snoopy99
+storage.type.postgresql.database = ucentral
+storage.type.postgresql.port = 5432
+storage.type.postgresql.connectiontimeout = 60
+
+storage.type.mysql.maxsessions = 64
+storage.type.mysql.idletime = 60
+storage.type.mysql.host = localhost
+storage.type.mysql.username = stephb
+storage.type.mysql.password = snoopy99
+storage.type.mysql.database = ucentral
+storage.type.mysql.port = 3306
+storage.type.mysql.connectiontimeout = 60
+
+
+########################################################################
+########################################################################
+#
+# Logging: please leave as is for now.
+#
+########################################################################
+logging.formatters.f1.class = PatternFormatter
+logging.formatters.f1.pattern = %Y-%m-%d %H:%M:%S %s: [%p] %t
+logging.formatters.f1.times = UTC
+logging.channels.c1.class = ConsoleChannel
+logging.channels.c1.formatter = f1
+
+# This is where the logs will be written. This path MUST exist
+logging.channels.c2.class = FileChannel
+logging.channels.c2.path = $UCENTRALFMS_ROOT/logs/log
+logging.channels.c2.formatter.class = PatternFormatter
+logging.channels.c2.formatter.pattern = %Y-%m-%d %H:%M:%S %s: [%p] %t
+logging.channels.c2.rotation = 20 M
+logging.channels.c2.archive = timestamp
+logging.channels.c2.purgeCount = 20
+logging.channels.c3.class = ConsoleChannel
+logging.channels.c3.pattern = %s: [%p] %t
+
+# External Channel
+logging.loggers.root.channel = c1
+logging.loggers.root.level = debug
+
+# Inline Channel with PatternFormatter
+# logging.loggers.l1.name = logger1
+# logging.loggers.l1.channel.class = ConsoleChannel
+# logging.loggers.l1.channel.pattern = %s: [%p] %t
+# logging.loggers.l1.level = information
+# SplitterChannel
+# logging.channels.splitter.class = SplitterChannel
+# logging.channels.splitter.channels = l1,l2
+# logging.loggers.l2.name = logger2
+# logging.loggers.l2.channel = splitter
+
+
+

docker-compose/ucentralgw-data/ucentralgw.properties

@@ -0,0 +1,194 @@
+#
+# uCentral protocol server for devices. This is where you point
+# all your devices. You can replace the * for address by the specific
+# address of one of your interfaces
+#
+ucentral.websocket.host.0.backlog = 500
+ucentral.websocket.host.0.rootca = $UCENTRALGW_ROOT/certs/root.pem
+ucentral.websocket.host.0.issuer = $UCENTRALGW_ROOT/certs/issuer.pem
+ucentral.websocket.host.0.cert = $UCENTRALGW_ROOT/certs/websocket-cert.pem
+ucentral.websocket.host.0.key = $UCENTRALGW_ROOT/certs/websocket-key.pem
+ucentral.websocket.host.0.clientcas = $UCENTRALGW_ROOT/certs/clientcas.pem
+ucentral.websocket.host.0.cas = $UCENTRALGW_ROOT/certs/cas
+ucentral.websocket.host.0.address = *
+ucentral.websocket.host.0.port = 15002
+ucentral.websocket.host.0.security = strict
+ucentral.websocket.host.0.key.password = mypassword
+ucentral.websocket.maxreactors = 20
+
+#
+# REST API access
+#
+ucentral.restapi.host.0.backlog = 100
+ucentral.restapi.host.0.security = relaxed
+ucentral.restapi.host.0.rootca = $UCENTRALGW_ROOT/certs/restapi-ca.pem
+ucentral.restapi.host.0.address = *
+ucentral.restapi.host.0.port = 16002
+ucentral.restapi.host.0.cert = $UCENTRALGW_ROOT/certs/restapi-cert.pem
+ucentral.restapi.host.0.key = $UCENTRALGW_ROOT/certs/restapi-key.pem
+ucentral.restapi.host.0.key.password = mypassword
+
+ucentral.internal.restapi.host.0.backlog = 100
+ucentral.internal.restapi.host.0.security = relaxed
+ucentral.internal.restapi.host.0.rootca = $UCENTRALGW_ROOT/certs/restapi-ca.pem
+ucentral.internal.restapi.host.0.address = *
+ucentral.internal.restapi.host.0.port = 17002
+ucentral.internal.restapi.host.0.cert = $UCENTRALGW_ROOT/certs/restapi-cert.pem
+ucentral.internal.restapi.host.0.key = $UCENTRALGW_ROOT/certs/restapi-key.pem
+ucentral.internal.restapi.host.0.key.password = mypassword
+
+#
+# Used to upload files to the service.
+# You should replace the 'name' vaalue with the IP address of your gateway or an FQDN
+# that your devices can reach
+#
+ucentral.fileuploader.host.0.backlog = 100
+ucentral.fileuploader.host.0.rootca = $UCENTRALGW_ROOT/certs/restapi-ca.pem
+ucentral.fileuploader.host.0.security = relaxed
+ucentral.fileuploader.host.0.address = *
+ucentral.fileuploader.host.0.name = ucentral.wlan.local
+ucentral.fileuploader.host.0.port = 16003
+ucentral.fileuploader.host.0.cert = $UCENTRALGW_ROOT/certs/restapi-cert.pem
+ucentral.fileuploader.host.0.key = $UCENTRALGW_ROOT/certs/restapi-key.pem
+ucentral.fileuploader.host.0.key.password = mypassword
+ucentral.fileuploader.path = $UCENTRALGW_ROOT/uploads
+ucentral.fileuploader.maxsize = 10000
+
+#
+# Generic section that all microservices must have
+#
+ucentral.service.key = $UCENTRALGW_ROOT/certs/restapi-key.pem
+ucentral.system.data = $UCENTRALGW_ROOT/data
+ucentral.system.debug = true
+#ucentral.system.uri.private = https://localhost:17002
+#ucentral.system.uri.public = https://local.dpaas.arilia.com:16002
+#ucentral.system.uri.ui = https://ucentral-ui.arilia.com
+ucentral.system.uri.private = https://ucentralgw.wlan.local:17002
+ucentral.system.uri.public = https://ucentral.wlan.local:16002
+ucentral.system.uri.ui = http://127.0.0.1
+ucentral.system.commandchannel = /tmp/app.ucentralgw
+
+#
+# Gateway Microservice Specific Section
+#
+ucentral.autoprovisioning = true
+ucentral.devicetypes.0 = AP:linksys_ea8300,edgecore_eap101,linksys_e8450-ubi
+ucentral.devicetypes.1 = SWITCH:edgecore_ecs4100-12ph
+ucentral.devicetypes.2 = IOT:esp32
+oui.download.uri = https://linuxnet.ca/ieee/oui.txt
+firmware.autoupdate.policy.default = auto
+
+#
+# rtty
+#
+rtty.enabled = true
+rtty.server = ucentral.wlan.local
+rtty.port = 5912
+rtty.token = 96181c567b4d0d98c50f127230068fa8
+rtty.timeout = 60
+rtty.viewport = 5913
+
+#############################
+# Generic information for all micro services
+#############################
+#
+# NLB Support
+#
+alb.enable = true
+alb.port = 16102
+
+#
+# Kafka
+#
+ucentral.kafka.group.id = gateway
+ucentral.kafka.client.id = gateway1
+ucentral.kafka.enable = true
+ucentral.kafka.brokerlist = kafka:9092
+# ucentral.kafka.brokerlist = debfarm1-node-c.arilia.com:9092
+ucentral.kafka.auto.commit = false
+ucentral.kafka.queue.buffering.max.ms = 50
+
+#
+# This section select which form of persistence you need
+# Only one selected at a time. If you select multiple, this service will die if a horrible
+# death and might make your beer flat.
+#
+storage.type = sqlite
+#storage.type = postgresql
+#storage.type = mysql
+#storage.type = odbc
+
+storage.type.sqlite.db = devices.db
+storage.type.sqlite.idletime = 120
+storage.type.sqlite.maxsessions = 128
+
+storage.type.postgresql.maxsessions = 64
+storage.type.postgresql.idletime = 60
+storage.type.postgresql.host = postgresql
+storage.type.postgresql.username = ucentralgw
+storage.type.postgresql.password = ucentralgw
+storage.type.postgresql.database = ucentralgw
+storage.type.postgresql.port = 5432
+storage.type.postgresql.connectiontimeout = 60
+
+storage.type.mysql.maxsessions = 64
+storage.type.mysql.idletime = 60
+storage.type.mysql.host = localhost
+storage.type.mysql.username = stephb
+storage.type.mysql.password = snoopy99
+storage.type.mysql.database = ucentral
+storage.type.mysql.port = 3306
+storage.type.mysql.connectiontimeout = 60
+
+archiver.enabled = true
+archiver.schedule = 03:00
+archiver.db.0.name = healthchecks
+archiver.db.0.keep = 7
+archiver.db.1.name = statistics
+archiver.db.1.keep = 7
+archiver.db.2.name = devicelogs
+archiver.db.2.keep = 7
+archiver.db.3.name = commandlist
+archiver.db.3.keep = 7
+
+########################################################################
+########################################################################
+#
+# Logging: please leave as is for now.
+#
+########################################################################
+
+logging.formatters.f1.class = PatternFormatter
+logging.formatters.f1.pattern = %Y-%m-%d %H:%M:%S %s: [%p] %t
+logging.formatters.f1.times = UTC
+logging.channels.c1.class = ConsoleChannel
+logging.channels.c1.formatter = f1
+
+# This is where the logs will be written. This path MUST exist
+logging.channels.c2.class = FileChannel
+logging.channels.c2.path = $UCENTRALGW_ROOT/logs/log
+logging.channels.c2.formatter.class = PatternFormatter
+logging.channels.c2.formatter.pattern = %Y-%m-%d %H:%M:%S %s: [%p] %t
+logging.channels.c2.rotation = 20 M
+logging.channels.c2.archive = timestamp
+logging.channels.c2.purgeCount = 20
+logging.channels.c3.class = ConsoleChannel
+logging.channels.c3.pattern = %s: [%p] %t
+
+# External Channel
+logging.loggers.root.channel = c1
+logging.loggers.root.level = debug
+
+# Inline Channel with PatternFormatter
+# logging.loggers.l1.name = logger1
+# logging.loggers.l1.channel.class = ConsoleChannel
+# logging.loggers.l1.channel.pattern = %s: [%p] %t
+# logging.loggers.l1.level = information
+# SplitterChannel
+# logging.channels.splitter.class = SplitterChannel
+# logging.channels.splitter.channels = l1,l2
+# logging.loggers.l2.name = logger2
+# logging.loggers.l2.channel = splitter
+
+
+

docker-compose/ucentralsec-data/ucentralsec.properties

@@ -0,0 +1,145 @@
+#
+# uCentral protocol server for devices. This is where you point
+# all your devices. You can replace the * for address by the specific
+# address of one of your interfaces
+#
+
+#
+# REST API access
+#
+ucentral.restapi.host.0.backlog = 100
+ucentral.restapi.host.0.security = relaxed
+ucentral.restapi.host.0.rootca = $UCENTRALSEC_ROOT/certs/restapi-ca.pem
+ucentral.restapi.host.0.address = *
+ucentral.restapi.host.0.port = 16001
+ucentral.restapi.host.0.cert = $UCENTRALSEC_ROOT/certs/restapi-cert.pem
+ucentral.restapi.host.0.key = $UCENTRALSEC_ROOT/certs/restapi-key.pem
+ucentral.restapi.host.0.key.password = mypassword
+ucentral.restapi.wwwassets = $UCENTRALSEC_ROOT/wwwassets
+
+ucentral.internal.restapi.host.0.backlog = 100
+ucentral.internal.restapi.host.0.security = relaxed
+ucentral.internal.restapi.host.0.rootca = $UCENTRALSEC_ROOT/certs/restapi-ca.pem
+ucentral.internal.restapi.host.0.address = *
+ucentral.internal.restapi.host.0.port = 17001
+ucentral.internal.restapi.host.0.cert = $UCENTRALSEC_ROOT/certs/restapi-cert.pem
+ucentral.internal.restapi.host.0.key = $UCENTRALSEC_ROOT/certs/restapi-key.pem
+ucentral.internal.restapi.host.0.key.password = mypassword
+
+#
+# Generic section that all microservices must have
+#
+authentication.enabled = true
+authentication.default.username = tip@ucentral.com
+authentication.default.password = 13268b7daa751240369d125e79c873bd8dd3bef7981bdfd38ea03dbb1fbe7dcf
+ucentral.system.data = $UCENTRALSEC_ROOT/data
+ucentral.system.uri.private = https://ucentralsec.wlan.local:17001
+ucentral.system.uri.public = https://ucentral.wlan.local:16001
+ucentral.system.uri.ui = http://127.0.0.1
+ucentral.system.commandchannel = /tmp/app.ucentralsec
+ucentral.service.key = $UCENTRALSEC_ROOT/certs/restapi-key.pem
+
+#
+# Security Microservice Specific Section
+#
+mailer.hostname = smtp.gmail.com
+mailer.username = no-reply@arilia.com
+mailer.password = pink-elephants-play-hockey
+mailer.loginmethod = login
+mailer.port = 587
+mailer.templates = $UCENTRALSEC_ROOT/templates
+
+
+#############################
+# Generic information for all micro services
+#############################
+#
+# NLB Support
+#
+alb.enable = true
+alb.port = 16101
+
+#
+# Kafka
+#
+ucentral.kafka.group.id = security
+ucentral.kafka.client.id = security1
+ucentral.kafka.enable = true
+# ucentral.kafka.brokerlist = a1.arilia.com:9092
+ucentral.kafka.brokerlist = kafka:9092
+ucentral.kafka.auto.commit = false
+ucentral.kafka.queue.buffering.max.ms = 50
+
+#
+# This section select which form of persistence you need
+# Only one selected at a time. If you select multiple, this service will die if a horrible
+# death and might make your beer flat.
+#
+storage.type = sqlite
+#storage.type = postgresql
+#storage.type = mysql
+#storage.type = odbc
+
+storage.type.sqlite.db = security.db
+storage.type.sqlite.idletime = 120
+storage.type.sqlite.maxsessions = 128
+
+storage.type.postgresql.maxsessions = 64
+storage.type.postgresql.idletime = 60
+storage.type.postgresql.host = postgresql
+storage.type.postgresql.username = ucentralsec
+storage.type.postgresql.password = ucentralsec
+storage.type.postgresql.database = ucentralsec
+storage.type.postgresql.port = 5432
+storage.type.postgresql.connectiontimeout = 60
+
+storage.type.mysql.maxsessions = 64
+storage.type.mysql.idletime = 60
+storage.type.mysql.host = localhost
+storage.type.mysql.username = stephb
+storage.type.mysql.password = snoopy99
+storage.type.mysql.database = ucentral
+storage.type.mysql.port = 3306
+storage.type.mysql.connectiontimeout = 60
+
+
+########################################################################
+########################################################################
+#
+# Logging: please leave as is for now.
+#
+########################################################################
+logging.formatters.f1.class = PatternFormatter
+logging.formatters.f1.pattern = %Y-%m-%d %H:%M:%S %s: [%p] %t
+logging.formatters.f1.times = UTC
+logging.channels.c1.class = ConsoleChannel
+logging.channels.c1.formatter = f1
+
+# This is where the logs will be written. This path MUST exist
+logging.channels.c2.class = FileChannel
+logging.channels.c2.path = $UCENTRALSEC_ROOT/logs/log
+logging.channels.c2.formatter.class = PatternFormatter
+logging.channels.c2.formatter.pattern = %Y-%m-%d %H:%M:%S %s: [%p] %t
+logging.channels.c2.rotation = 20 M
+logging.channels.c2.archive = timestamp
+logging.channels.c2.purgeCount = 20
+logging.channels.c3.class = ConsoleChannel
+logging.channels.c3.pattern = %s: [%p] %t
+
+# External Channel
+logging.loggers.root.channel = c1
+logging.loggers.root.level = debug
+
+# Inline Channel with PatternFormatter
+# logging.loggers.l1.name = logger1
+# logging.loggers.l1.channel.class = ConsoleChannel
+# logging.loggers.l1.channel.pattern = %s: [%p] %t
+# logging.loggers.l1.level = information
+# SplitterChannel
+# logging.channels.splitter.class = SplitterChannel
+# logging.channels.splitter.channels = l1,l2
+# logging.loggers.l2.name = logger2
+# logging.loggers.l2.channel = splitter
+
+
+