Set fixed PostgreSQL image version tag

Signed-off-by: Johann Hoffmann <johann.hoffmann@mailbox.org>

chart/Chart.lock

@@ -1,36 +0,0 @@
-dependencies:
-- name: owgw
-  repository: git+https://github.com/Telecominfraproject/wlan-cloud-ucentralgw@helm?ref=master
-  version: 0.1.0
-- name: owsec
-  repository: git+https://github.com/Telecominfraproject/wlan-cloud-ucentralsec@helm?ref=main
-  version: 0.1.0
-- name: owfms
-  repository: git+https://github.com/Telecominfraproject/wlan-cloud-ucentralfms@helm?ref=main
-  version: 0.1.0
-- name: owprov
-  repository: git+https://github.com/Telecominfraproject/wlan-cloud-owprov@helm?ref=main
-  version: 0.1.0
-- name: owgwui
-  repository: git+https://github.com/Telecominfraproject/wlan-cloud-ucentralgw-ui@helm?ref=main
-  version: 0.1.0
-- name: owprovui
-  repository: git+https://github.com/Telecominfraproject/wlan-cloud-owprov-ui@helm?ref=main
-  version: 0.1.0
-- name: rttys
-  repository: git+https://github.com/Telecominfraproject/wlan-cloud-ucentralgw-rtty@chart?ref=main
-  version: 0.1.0
-- name: kafka
-  repository: https://charts.bitnami.com/bitnami
-  version: 13.0.2
-- name: owls
-  repository: git+https://github.com/Telecominfraproject/wlan-cloud-owls@helm?ref=main
-  version: 0.1.0
-- name: owlsui
-  repository: git+https://github.com/Telecominfraproject/wlan-cloud-owls-ui@helm?ref=master
-  version: 0.1.0
-- name: haproxy
-  repository: https://charts.bitnami.com/bitnami
-  version: 0.2.21
-digest: sha256:ddb5b39b21822bc3e3c6edef60db3cd5140b8126ec7230d58c42cdb75ec9b333
-generated: "2021-12-30T14:44:40.935566071+03:00"

chart/Chart.yaml

@@ -2,34 +2,34 @@ apiVersion: v2
 name: openwifi
 appVersion: "1.0"
 description: A Helm chart for Kubernetes
-version: 0.1.0
+version: 2.6.2
 dependencies:
 - name: owgw
-  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-ucentralgw@helm?ref=master"
+  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-ucentralgw@helm?ref=v2.6.2"
   version: 0.1.0
 - name: owsec
-  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-ucentralsec@helm?ref=main"
+  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-ucentralsec@helm?ref=v2.6.0"
   version: 0.1.0
 - name: owfms
-  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-ucentralfms@helm?ref=main"
+  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-ucentralfms@helm?ref=v2.6.0"
   version: 0.1.0
 - name: owprov
-  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-owprov@helm?ref=main"
+  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-owprov@helm?ref=v2.6.0"
   version: 0.1.0
 - name: owanalytics
-  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-analytics@helm?ref=main"
+  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-analytics@helm?ref=v2.6.0"
   version: 0.1.0
 - name: owgwui
-  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-ucentralgw-ui@helm?ref=main"
+  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-ucentralgw-ui@helm?ref=v2.6.0"
   version: 0.1.0
 - name: owprovui
-  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-owprov-ui@helm?ref=main"
+  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-owprov-ui@helm?ref=v2.6.0"
   version: 0.1.0
 - name: owsub
-  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-userportal@helm?ref=main"
+  repository: "git+https://github.com/Telecominfraproject/wlan-cloud-userportal@helm?ref=v2.6.0"
   version: 0.1.0
 - name: kafka
-  repository: https://charts.bitnami.com/bitnami
+  repository: https://tip.jfrog.io/artifactory/tip-wlan-cloud-ucentral-helm/
   version: 13.0.2
 - name: owls
   repository: "git+https://github.com/Telecominfraproject/wlan-cloud-owls@helm?ref=main"
@@ -40,6 +40,6 @@ dependencies:
   version: 0.1.0
   condition: owlsui.enabled
 - name: haproxy
-  repository: https://charts.bitnami.com/bitnami
+  repository: https://tip.jfrog.io/artifactory/tip-wlan-cloud-ucentral-helm/
   version: 0.2.21
   condition: haproxy.enabled

chart/docker/Dockerfile

@@ -40,6 +40,24 @@ RUN git clone https://github.com/Telecominfraproject/wlan-cloud-owprov.git owpro
   && cp owprov/test_scripts/curl/cli owprov_cli \
   && rm -rf owprov
 
+# OWAnalytics
+ARG OWANALYTICS_VERSION=main
+RUN git clone https://github.com/Telecominfraproject/wlan-cloud-analytics.git owanalytics \
+  && cd owanalytics \
+  && git checkout $OWANALYTICS_VERSION \
+  && cd /cli \
+  && cp owanalytics/test_scripts/curl/cli owanalytics_cli \
+  && rm -rf owanalytics
+
+# OWSub
+ARG OWSUB_VERSION=main
+RUN git clone https://github.com/Telecominfraproject/wlan-cloud-userportal.git owsub \
+  && cd owsub \
+  && git checkout $OWSUB_VERSION \
+  && cd /cli \
+  && cp owsub/test_scripts/curl/cli owsub_cli \
+  && rm -rf owsub
+
 COPY clustersysteminfo clustersysteminfo
 COPY change_credentials change_credentials
 

chart/docker/clustersysteminfo

@@ -94,6 +94,24 @@ do
   let "exit_code_sum+=$(grep ErrorCode result.json | wc -l)"
   sleep 1
 
+  ./owanalytics_cli systeminfo
+  let "exit_code_sum+=$?"
+  if [[ ! -s result.json ]]
+  then
+    let "exit_code_sum+=1"
+  fi
+  let "exit_code_sum+=$(grep ErrorCode result.json | wc -l)"
+  sleep 1
+
+  ./owsub_cli systeminfo
+  let "exit_code_sum+=$?"
+  if [[ ! -s result.json ]]
+  then
+    let "exit_code_sum+=1"
+  fi
+  let "exit_code_sum+=$(grep ErrorCode result.json | wc -l)"
+  sleep 1
+
   let "CHECK_RETRIES-=1"
   echo "Exit code sum: $exit_code_sum"
   echo "Left retries: $CHECK_RETRIES"

chart/environment-values/values.openwifi-qa.external-db.yaml

@@ -8,7 +8,130 @@ owgw:
 
   postgresql:
     enabled: true
+    nameOverride: owgw-pgsql
     fullnameOverride: owgw-pgsql
     postgresqlDatabase: owgw
     postgresqlUsername: owgw
     postgresqlPassword: owgw
+    resources:
+      requests:
+        cpu: 250m
+        memory: 1024Mi
+      limits:
+        cpu: 250m
+        memory: 1024Mi
+
+#owsec:
+#  configProperties:
+#    storage.type: postgresql
+#    storage.type.postgresql.host: owsec-pgsql
+#    storage.type.postgresql.database: owsec
+#    storage.type.postgresql.username: owsec
+#    storage.type.postgresql.password: owsec
+#
+#  postgresql:
+#    enabled: true
+#    nameOverride: owsec-pgsql
+#    fullnameOverride: owsec-pgsql
+#    postgresqlDatabase: owsec
+#    postgresqlUsername: owsec
+#    postgresqlPassword: owsec
+#    resources:
+#      requests:
+#        cpu: 250m
+#        memory: 1024Mi
+#      limits:
+#        cpu: 250m
+#        memory: 1024Mi
+
+#owfms:
+#  configProperties:
+#    storage.type: postgresql
+#    storage.type.postgresql.host: owfms-pgsql
+#    storage.type.postgresql.database: owfms
+#    storage.type.postgresql.username: owfms
+#    storage.type.postgresql.password: owfms
+#
+#  postgresql:
+#    enabled: true
+#    nameOverride: owfms-pgsql
+#    fullnameOverride: owfms-pgsql
+#    postgresqlDatabase: owfms
+#    postgresqlUsername: owfms
+#    postgresqlPassword: owfms
+#    resources:
+#      requests:
+#        cpu: 250m
+#        memory: 1024Mi
+#      limits:
+#        cpu: 250m
+#        memory: 1024Mi
+
+#owprov:
+#  configProperties:
+#    storage.type: postgresql
+#    storage.type.postgresql.host: owprov-pgsql
+#    storage.type.postgresql.database: owprov
+#    storage.type.postgresql.username: owprov
+#    storage.type.postgresql.password: owprov
+#
+#  postgresql:
+#    enabled: true
+#    nameOverride: owprov-pgsql
+#    fullnameOverride: owprov-pgsql
+#    postgresqlDatabase: owprov
+#    postgresqlUsername: owprov
+#    postgresqlPassword: owprov
+#    resources:
+#      requests:
+#        cpu: 250m
+#        memory: 1024Mi
+#      limits:
+#        cpu: 250m
+#        memory: 1024Mi
+
+owanalytics:
+  configProperties:
+    storage.type: postgresql
+    storage.type.postgresql.host: owanalytics-pgsql
+    storage.type.postgresql.database: owanalytics
+    storage.type.postgresql.username: owanalytics
+    storage.type.postgresql.password: owanalytics
+
+  postgresql:
+    enabled: true
+    nameOverride: owanalytics-pgsql
+    fullnameOverride: owanalytics-pgsql
+    postgresqlDatabase: owanalytics
+    postgresqlUsername: owanalytics
+    postgresqlPassword: owanalytics
+    resources:
+      requests:
+        cpu: 250m
+        memory: 1024Mi
+      limits:
+        cpu: 250m
+        memory: 1024Mi
+
+#owsub:
+#  configProperties:
+#    storage.type: postgresql
+#    storage.type.postgresql.host: owsub-pgsql
+#    storage.type.postgresql.database: owsub
+#    storage.type.postgresql.username: owsub
+#    storage.type.postgresql.password: owsub
+#
+#  postgresql:
+#    enabled: true
+#    nameOverride: owsub-pgsql
+#    fullnameOverride: owsub-pgsql
+#    postgresqlDatabase: owsub
+#    postgresqlUsername: owsub
+#    postgresqlPassword: owsub
+#    resources:
+#      requests:
+#        cpu: 250m
+#        memory: 1024Mi
+#      limits:
+#        cpu: 250m
+#        memory: 1024Mi

chart/environment-values/values.openwifi-qa.test-nodes.yaml

@@ -30,6 +30,22 @@ owsec:
     operator: "Exists"
     effect: "NoSchedule"
 
+  postgresql:
+    primary:
+      nodeSelector:
+        env: tests
+      tolerations:
+      - key: "tests"
+        operator: "Exists"
+        effect: "NoSchedule"
+    readReplicas:
+      nodeSelector:
+        env: tests
+      tolerations:
+      - key: "tests"
+        operator: "Exists"
+        effect: "NoSchedule"
+
 owgwui:
   nodeSelector:
     env: tests
@@ -46,6 +62,22 @@ owfms:
     operator: "Exists"
     effect: "NoSchedule"
 
+  postgresql:
+    primary:
+      nodeSelector:
+        env: tests
+      tolerations:
+      - key: "tests"
+        operator: "Exists"
+        effect: "NoSchedule"
+    readReplicas:
+      nodeSelector:
+        env: tests
+      tolerations:
+      - key: "tests"
+        operator: "Exists"
+        effect: "NoSchedule"
+
 owprov:
   nodeSelector:
     env: tests
@@ -54,6 +86,22 @@ owprov:
     operator: "Exists"
     effect: "NoSchedule"
 
+  postgresql:
+    primary:
+      nodeSelector:
+        env: tests
+      tolerations:
+      - key: "tests"
+        operator: "Exists"
+        effect: "NoSchedule"
+    readReplicas:
+      nodeSelector:
+        env: tests
+      tolerations:
+      - key: "tests"
+        operator: "Exists"
+        effect: "NoSchedule"
+
 owprovui:
   nodeSelector:
     env: tests
@@ -102,6 +150,46 @@ owanalytics:
     operator: "Exists"
     effect: "NoSchedule"
 
+  postgresql:
+    primary:
+      nodeSelector:
+        env: tests
+      tolerations:
+      - key: "tests"
+        operator: "Exists"
+        effect: "NoSchedule"
+    readReplicas:
+      nodeSelector:
+        env: tests
+      tolerations:
+      - key: "tests"
+        operator: "Exists"
+        effect: "NoSchedule"
+
+owsub:
+  nodeSelector:
+    env: tests
+  tolerations:
+  - key: "tests"
+    operator: "Exists"
+    effect: "NoSchedule"
+
+  postgresql:
+    primary:
+      nodeSelector:
+        env: tests
+      tolerations:
+      - key: "tests"
+        operator: "Exists"
+        effect: "NoSchedule"
+    readReplicas:
+      nodeSelector:
+        env: tests
+      tolerations:
+      - key: "tests"
+        operator: "Exists"
+        effect: "NoSchedule"
+
 kafka:
   nodeSelector:
     env: tests

chart/environment-values/values.openwifi-qa.yaml

@@ -5,10 +5,13 @@ owgw:
       readiness:
         exec:
           command: ["true"]
+        failureThreshold: 5
+      readiness:
+        failureThreshold: 5
 
   resources:
     requests:
-      cpu: 1000m
+      cpu: 2000m
       memory: 100Mi
     limits:
       cpu: 2000m
@@ -616,13 +619,20 @@ clustersysteminfo:
   delay: 60 # delaying to wait for AWS Route53 DNS propagation
 
 haproxy:
+  resources:
+    requests:
+      cpu: 10m
+      memory: 20Mi
+    limits:
+      cpu: 10m
+      memory: 20Mi
   service:
     annotations:
       service.beta.kubernetes.io/aws-load-balancer-backend-protocol: ssl
       service.beta.kubernetes.io/aws-load-balancer-healthcheck-port: "8080"
       service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing
       service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:us-east-2:289708231103:certificate/bfa89c7a-5b64-4a8a-bcfe-ffec655b5285
-      service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "16004,17004,16002,16003,17002,16005,17005,16001,17001,5912,5913,16009,16007"
+      service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "16004,17004,16002,16003,17002,16005,17005,16001,17001,5912,5913,16009,16007,16006,17006"
       service.beta.kubernetes.io/aws-load-balancer-type: nlb-ip
 
 restapiCerts:

chart/values.yaml

@@ -78,7 +78,7 @@ clustersysteminfo:
   images:
     clustersysteminfo:
       repository: tip-tip-wlan-cloud-ucentral.jfrog.io/clustersysteminfo
-      tag: main
+      tag: v2.6.2
       pullPolicy: Always
 #      regcred:
 #        registry: tip-tip-wlan-cloud-ucentral.jfrog.io
@@ -403,7 +403,7 @@ haproxy:
 
     # owsub
     frontend front_owsub_rest
-      bind :16009
+      bind :16006
       mode tcp
       default_backend back_owsub_rest
     backend back_owsub_rest

docker-compose/.env

@@ -1,16 +1,16 @@
 # Image tags
 COMPOSE_PROJECT_NAME=openwifi
-OWGW_TAG=master
-OWGWUI_TAG=main
-OWSEC_TAG=main
-OWFMS_TAG=main
-OWPROV_TAG=main
-OWPROVUI_TAG=main
-OWANALYTICS_TAG=main
-OWSUB_TAG=main
+OWGW_TAG=v2.6.2
+OWGWUI_TAG=v2.6.0
+OWSEC_TAG=v2.6.0
+OWFMS_TAG=v2.6.0
+OWPROV_TAG=v2.6.0
+OWPROVUI_TAG=v2.6.0
+OWANALYTICS_TAG=v2.6.0
+OWSUB_TAG=v2.6.0
 KAFKA_TAG=latest
-ZOOKEEPER_TAG=latest
-POSTGRESQL_TAG=latest
+ZOOKEEPER_TAG=3.8
+POSTGRESQL_TAG=15.0
 
 # Microservice root/config directories
 OWGW_ROOT=/owgw-data

docker-compose/.env.letsencrypt

@@ -1,15 +1,15 @@
 # Image tags
 COMPOSE_PROJECT_NAME=openwifi
-OWGW_TAG=master
-OWGWUI_TAG=main
-OWSEC_TAG=main
-OWFMS_TAG=main
-OWPROV_TAG=main
-OWPROVUI_TAG=main
-OWANALYTICS_TAG=main
-OWSUB_TAG=main
+OWGW_TAG=v2.6.2
+OWGWUI_TAG=v2.6.0
+OWSEC_TAG=v2.6.0
+OWFMS_TAG=v2.6.0
+OWPROV_TAG=v2.6.0
+OWPROVUI_TAG=v2.6.0
+OWANALYTICS_TAG=v2.6.0
+OWSUB_TAG=v2.6.0
 KAFKA_TAG=latest
-ZOOKEEPER_TAG=latest
+ZOOKEEPER_TAG=3.8
 ACMESH_TAG=latest
 TRAEFIK_TAG=latest
 
@@ -37,12 +37,4 @@ INTERNAL_OWPROVUI_HOSTNAME=owprov-ui.wlan.local
 INTERNAL_OWANALYTICS_HOSTNAME=owanalytics.wlan.local
 INTERNAL_RTTYS_HOSTNAME=rttys.wlan.local
 INTERNAL_OWSUB_HOSTNAME=owsub.wlan.local
-OWGW_HOSTNAME=
-OWGWUI_HOSTNAME=
-OWGWFILEUPLOAD_HOSTNAME=
-OWSEC_HOSTNAME=
-OWFMS_HOSTNAME=
-OWPROV_HOSTNAME=
-OWPROVUI_HOSTNAME=
-OWANALYTICS_HOSTNAME=
-OWSUB_HOSTNAME=
+SDKHOSTNAME=

docker-compose/.env.selfsigned

@@ -1,15 +1,15 @@
 # Image tags
 COMPOSE_PROJECT_NAME=openwifi
-OWGW_TAG=master
-OWGWUI_TAG=main
-OWSEC_TAG=main
-OWFMS_TAG=main
-OWPROV_TAG=main
-OWPROVUI_TAG=main
-OWANALYTICS_TAG=main
-OWSUB_TAG=main
+OWGW_TAG=v2.6.2
+OWGWUI_TAG=v2.6.0
+OWSEC_TAG=v2.6.0
+OWFMS_TAG=v2.6.0
+OWPROV_TAG=v2.6.0
+OWPROVUI_TAG=v2.6.0
+OWANALYTICS_TAG=v2.6.0
+OWSUB_TAG=v2.6.0
 KAFKA_TAG=latest
-ZOOKEEPER_TAG=latest
+ZOOKEEPER_TAG=3.8
 ACMESH_TAG=latest
 TRAEFIK_TAG=latest
 

docker-compose/README.md

@@ -9,13 +9,13 @@ The repository also contains a separate Docker Compose deployment to set up the
 - [LB deployment with Letsencrypt certificates](#lb-deployment-with-letsencrypt-certificates)
 - [OWLS deployment with self-signed certificates](owls/README.md)
 ### Configuration
-If you don't bind mount your own config files they are generated on every startup based on the environment variables in the microservice specific env files. For an overview of the supported configuration properties have a look into the microservice specific env files. For an explanation of the configuration properties please see the README in the respective microservice repository.
-Be aware that the non-LB deployment exposes the generated config files on the host. So if you want to make configuration changes afterwards, please do them directly in the config files located in the microservice data directories.
+Config files for the microservices are generated on every startup based on the environment variables in the microservice specific env files. For an overview of the supported configuration properties have a look into these files. For an explanation of the configuration properties please see the README in the respective microservice repository.
+Be aware that local changes to the config files will be overwritten on every startup if `TEMPLATE_CONFIG` is set to `true` in the microservice env files. If you want to bind mount your own config file or make local changes, please set this variable to `false`.
 #### Required password changing on the first startup
 One important action that must be done before using the deployment is changing password for the default user in owsec as described in [owsec docs](https://github.com/Telecominfraproject/wlan-cloud-ucentralsec/tree/main#changing-default-password). Please use these docs to find the actions that must be done **after** the deployment in order to start using your deployment.
 ### Ports
-Every OpenWifi service is exposed via a separate port either directly on the host or through Traefik. For an overview of the exposed ports have a look into the deployment specific Docker Compose file. If you use your own certificates or make use of the [Letsencrypt LB deployment](#lb-deployment-with-letsencrypt-certificates), you can also configure different hostnames for the microservices.
-Please note that the OWProv-UI is exposed on port `8080(HTTP)/8443(HTTPS)` by default except for the Letsencrypt LB deployment, where the service listens on the default `80/443` HTTP(S) ports.
+Every OpenWifi service is exposed via a separate port either directly on the host or through Traefik. For an overview of the exposed ports have a look into the deployment specific Docker Compose file. If you use your own certificates, you can also configure different hostnames for the microservices.
+Please note that the OWProv-UI is exposed on port `8080(HTTP)/8443(HTTPS)` by default.
 ### owsec templates and wwwassets
 On the startup of owsec directories for wwwassets and mailer templates are created from the base files included in Docker image. After the initial startup you may edit those files as you wish in the [owsec-data/persist](./owsec-data/persist) directory.
 ## Non-LB deployment with self-signed certificates
@@ -153,66 +153,58 @@ export FLAGS="-s --cacert <your-wlan-cloud-ucentral-deploy-location>/docker-comp
 ## LB deployment with self-signed certificates
 Follow the same instructions as for the self-signed deployment without Traefik. The only difference is that you have to spin up the deployment with `docker-compose -f docker-compose.lb.selfsigned.yml --env-file .env.selfsigned up -d`. Make sure to specify the Compose and the according .env file every time you're working with the deployment or create an alias, for example `alias docker-compose-lb-selfsigned="docker-compose -f docker-compose.lb.selfsigned.yml --env-file .env.selfsigned"`. You also have the possibility to scale specific services to a specified number of instances with `docker-compose-lb-selfsigned up -d --scale SERVICE=NUM`, where `SERVICE` is the service name as defined in the Compose file.
 ## LB deployment with Letsencrypt certificates
-For the Letsencrypt challenge to work you need a public IP address. The hostnames which you set for the microservices have to resolve to this IP address to pass the HTTP-01 challenge (https://letsencrypt.org/docs/challenge-types/#http-01-challenge).
+For the Letsencrypt challenge to work you need a public IP address. The hostname which you set in the `$SDKHOSTNAME` env variable has to resolve to this IP address to pass the HTTP-01 challenge (https://letsencrypt.org/docs/challenge-types/#http-01-challenge).
 1. Switch into the project directory with `cd docker-compose/`.
 2. Adapt the following hostname and URI variables according to your environment.
 ### .env.letsencrypt
-| Variable                  | Description                                                                   |
-| ------------------------- | ----------------------------------------------------------------------------- |
-| `OWGW_HOSTNAME`           | Set this to your OWGW hostname, for example `owgw.example.com`.               |
-| `OWGWUI_HOSTNAME`         | Set this to your OWGW-UI hostname, for example `owgw-ui.example.com`.         |
-| `OWGWFILEUPLOAD_HOSTNAME` | Set this to your OWGW fileupload hostname, for example `owgw.example.com`.    |
-| `OWSEC_HOSTNAME`          | Set this to your OWSec hostname, for example `owsec.example.com`.             |
-| `OWFMS_HOSTNAME`          | Set this to your OWFms hostname, for example `owfms.example.com`.             |
-| `OWPROV_HOSTNAME`         | Set this to your OWProv hostname, for example `owprov.example.com`.           |
-| `OWPROVUI_HOSTNAME`       | Set this to your OWProv-UI hostname, for example `owprov-ui.example.com`.     |
-| `OWANALYTICS_HOSTNAME`    | Set this to your OWAnalytics hostname, for example `owanalytics.example.com`. |
-| `OWSUB_HOSTNAME`          | Set this to your OWSub hostname, for example `owsub.example.com`.          |
+| Variable      | Description                                                                                                |
+| ------------- | ---------------------------------------------------------------------------------------------------------- |
+| `SDKHOSTNAME` | Set this to the public hostname you want to use for all microservices, for example `openwifi.example.com`. |
 
 ### owgw.env
-| Variable                 | Description                                                                         |
-| -----------------------  | ----------------------------------------------------------------------------------- |
-| `FILEUPLOADER_HOST_NAME` | Set this to your OWGW fileupload hostname, for example `owgw.example.com`.          |
-| `FILEUPLOADER_URI`       | Set this to your OWGW fileupload URL, for example `https://owgw.example.com:16003`. |
-| `SYSTEM_URI_PUBLIC`      | Set this to your OWGW REST API URL, for example `https://owgw.example.com:16002`.   |
-| `RTTY_SERVER`            | Set this to your OWGW RTTYS hostname, for example `owgw.example.com`.               |
-| `SYSTEM_URI_UI`          | Set this to your OWGW-UI URL, for example `https://owgw-ui.example.com`.            |
+| Variable                 | Description                                                                             |
+| -----------------------  | --------------------------------------------------------------------------------------- |
+| `FILEUPLOADER_HOST_NAME` | Set this to your OWGW fileupload hostname, for example `openwifi.example.com`.          |
+| `FILEUPLOADER_URI`       | Set this to your OWGW fileupload URL, for example `https://openwifi.example.com:16003`. |
+| `SYSTEM_URI_PUBLIC`      | Set this to your OWGW REST API URL, for example `https://openwifi.example.com:16002`.   |
+| `RTTY_SERVER`            | Set this to your OWGW RTTYS hostname, for example `openwifi.example.com`.               |
+| `SYSTEM_URI_UI`          | Set this to your OWGW-UI URL, for example `https://openwifi.example.com`.               |
 
 ### owgw-ui.env
-| Variable            | Description                                                                |
-| ------------------- | -------------------------------------------------------------------------- |
-| `DEFAULT_OWSEC_URL` | Set this to your OWSec URL, for example `https://owsec.example.com:16001`. |
+| Variable            | Description                                                                   |
+| ------------------- | ----------------------------------------------------------------------------- |
+| `DEFAULT_OWSEC_URL` | Set this to your OWSec URL, for example `https://openwifi.example.com:16001`. |
 
 ### owsec.env
-| Variable            | Description                                                                |
-| ------------------- | -------------------------------------------------------------------------- |
-| `SYSTEM_URI_PUBLIC` | Set this to your OWSec URL, for example `https://owsec.example.com:16001`. |
-| `SYSTEM_URI_UI`     | Set this to your OWGW-UI URL, for example `https://owgw-ui.example.com`.   |
+| Variable            | Description                                                                   |
+| ------------------- | ----------------------------------------------------------------------------- |
+| `SYSTEM_URI_PUBLIC` | Set this to your OWSec URL, for example `https://openwifi.example.com:16001`. |
+| `SYSTEM_URI_UI`     | Set this to your OWGW-UI URL, for example `https://openwifi.example.com`.     |
 
 ### owfms.env
-| Variable            | Description                                                                |
-| ------------------- | -------------------------------------------------------------------------- |
-| `SYSTEM_URI_PUBLIC` | Set this to your OWFms URL, for example `https://owfms.example.com:16004`. |
-| `SYSTEM_URI_UI`     | Set this to your OWGW-UI URL, for example `https://owgw-ui.example.com`.   |
+| Variable            | Description                                                                   |
+| ------------------- | ----------------------------------------------------------------------------- |
+| `SYSTEM_URI_PUBLIC` | Set this to your OWFms URL, for example `https://openwifi.example.com:16004`. |
+| `SYSTEM_URI_UI`     | Set this to your OWGW-UI URL, for example `https://openwifi.example.com`.     |
 ### owprov.env
-| Variable             | Description                                                                  |
-| -------------------- | ---------------------------------------------------------------------------- |
-| `SYSTEM_URI_PUBLIC`  | Set this to your OWProv URL, for example `https://owprov.example.com:16005`. |
-| `SYSTEM_URI_UI`      | Set this to your OWGW-UI URL, for example `https://owgw-ui.example.com`.     |
+| Variable             | Description                                                                    | 
+| -------------------- | ------------------------------------------------------------------------------ |
+| `SYSTEM_URI_PUBLIC`  | Set this to your OWProv URL, for example `https://openwifi.example.com:16005`. |
+| `SYSTEM_URI_UI`      | Set this to your OWGW-UI URL, for example `https://openwifi.example.com`.      |
 ### owprov-ui.env
-| Variable                    | Description                                                                |
-| --------------------------- | -------------------------------------------------------------------------- |
-| `REACT_APP_UCENTRALSEC_URL` | Set this to your OWSec URL, for example `https://owsec.example.com:16001`. |
+| Variable                    | Description                                                                   |
+| --------------------------- | ----------------------------------------------------------------------------- |
+| `REACT_APP_UCENTRALSEC_URL` | Set this to your OWSec URL, for example `https://openwifi.example.com:16001`. |
 ### owanalytics.env
-| Variable             | Description                                                                            |
-| -------------------- | -------------------------------------------------------------------------------------- |
-| `SYSTEM_URI_PUBLIC`  | Set this to your OWAnalytics URL, for example `https://owanalytics.example.com:16009`. |
-| `SYSTEM_URI_UI`      | Set this to your OWProv-UI URL, for example `https://owprov-ui.example.com`.           |
+| Variable             | Description                                                                         |
+| -------------------- | ----------------------------------------------------------------------------------- |
+| `SYSTEM_URI_PUBLIC`  | Set this to your OWAnalytics URL, for example `https://openwifi.example.com:16009`. |
+| `SYSTEM_URI_UI`      | Set this to your OWProv-UI URL, for example `https://openwifi.example.com`.         |
 ### owsub.env
-| Variable             | Description                                                                  |
-| -------------------- | ---------------------------------------------------------------------------- |
-| `SYSTEM_URI_PUBLIC`  | Set this to your OWSub URL, for example `https://owsub.example.com:16006`.   |
-| `SYSTEM_URI_UI`      | Set this to your OWGW-UI URL, for example `https://owgw-ui.example.com`.     |
+| Variable             | Description                                                                   |
+| -------------------- | ----------------------------------------------------------------------------- |
+| `SYSTEM_URI_PUBLIC`  | Set this to your OWSub URL, for example `https://openwifi.example.com:16006`. |
+| `SYSTEM_URI_UI`      | Set this to your OWGW-UI URL, for example `https://openwifi.example.com`.     |
 ### traefik.env
 | Variable                                            | Description                               |
 | --------------------------------------------------- | ----------------------------------------- |

docker-compose/deploy.sh

@@ -26,13 +26,9 @@ usage () {
   echo;
 #  echo "- OWSEC_SYSTEM_URI_PRIVATE - private URL to be used for OWSec";
   echo "- OWSEC_SYSTEM_URI_PUBLIC - public URL to be used for OWSec";
-  echo "- OWSEC_AUTHENTICATION_DEFAULT_USERNAME - username to be used for requests to OWSec";
-  echo "- OWSEC_AUTHENTICATION_DEFAULT_PASSWORD - hashed password for OWSec (details on this may be found in https://github.com/Telecominfraproject/wlan-cloud-ucentralsec/#authenticationdefaultpassword)";
   echo;
 #  echo "- OWFMS_SYSTEM_URI_PRIVATE - private URL to be used for OWFms";
   echo "- OWFMS_SYSTEM_URI_PUBLIC - public URL to be used for OWFms";
-  echo "- OWFMS_S3_SECRET - secret key that is used for OWFms access to firmwares S3 bucket";
-  echo "- OWFMS_S3_KEY - access key that is used for OWFms access to firmwares S3 bucket";
   echo;
 #  echo "- OWPROV_SYSTEM_URI_PRIVATE - private URL to be used for OWProv";
   echo "- OWPROV_SYSTEM_URI_PUBLIC - public URL to be used for OWProv";
@@ -42,6 +38,19 @@ usage () {
   echo;
 #  echo "- OWSUB_SYSTEM_URI_PRIVATE - private URL to be used for OWSub";
   echo "- OWSUB_SYSTEM_URI_PUBLIC - public URL to be used for OWSub";
+  echo;
+  echo "Optional environment variables:"
+  echo "- WEBSOCKET_CERT - Your Digicert-signed websocket certificate"
+  echo "- WEBSOCKET_KEY - The key to your Digicert-signed websocket certificate"
+  echo;
+  echo "- OWSEC_AUTHENTICATION_DEFAULT_USERNAME - username to be used for requests to OWSec";
+  echo "- OWSEC_AUTHENTICATION_DEFAULT_PASSWORD - hashed password for OWSec (details on this may be found in https://github.com/Telecominfraproject/wlan-cloud-ucentralsec/#authenticationdefaultpassword)";
+  echo;
+  echo "- OWFMS_S3_SECRET - secret key that is used for OWFms access to firmwares S3 bucket";
+  echo "- OWFMS_S3_KEY - access key that is used for OWFms access to firmwares S3 bucket";
+  echo;
+  echo "- SDKHOSTNAME - Public hostname which is used for cert generation when using the Letsencrypt deployment method"
+  echo "- TRAEFIK_ACME_EMAIL - Email address used for ACME registration"
 }
 
 # Check if required environment variables were passed
@@ -62,15 +71,11 @@ usage () {
 [ -z ${OWGW_SYSTEM_URI_PUBLIC+x} ] && echo "OWGW_SYSTEM_URI_PUBLIC is unset" && usage && exit 1
 [ -z ${OWGW_RTTY_SERVER+x} ] && echo "OWGW_RTTY_SERVER is unset" && usage && exit 1
 ## OWSec configuration variables
-[ -z ${OWSEC_AUTHENTICATION_DEFAULT_USERNAME+x} ] && echo "OWSEC_AUTHENTICATION_DEFAULT_USERNAME is unset" && usage && exit 1
-[ -z ${OWSEC_AUTHENTICATION_DEFAULT_PASSWORD+x} ] && echo "OWSEC_AUTHENTICATION_DEFAULT_PASSWORD is unset" && usage && exit 1
 #[ -z ${OWSEC_SYSTEM_URI_PRIVATE+x} ] && echo "OWSEC_SYSTEM_URI_PRIVATE is unset" && usage && exit 1
 [ -z ${OWSEC_SYSTEM_URI_PUBLIC+x} ] && echo "OWSEC_SYSTEM_URI_PUBLIC is unset" && usage && exit 1
 ## OWFms configuration variables
 #[ -z ${OWFMS_SYSTEM_URI_PRIVATE+x} ] && echo "OWFMS_SYSTEM_URI_PRIVATE is unset" && usage && exit 1
 [ -z ${OWFMS_SYSTEM_URI_PUBLIC+x} ] && echo "OWFMS_SYSTEM_URI_PUBLIC is unset" && usage && exit 1
-[ -z ${OWFMS_S3_SECRET+x} ] && echo "OWFMS_S3_SECRET is unset" && usage && exit 1
-[ -z ${OWFMS_S3_KEY+x} ] && echo "OWFMS_S3_KEY is unset" && usage && exit 1
 ## OWProv configuration variables
 #[ -z ${OWPROV_SYSTEM_URI_PRIVATE+x} ] && echo "OWPROV_SYSTEM_URI_PRIVATE is unset" && usage && exit 1
 [ -z ${OWPROV_SYSTEM_URI_PUBLIC+x} ] && echo "OWPROV_SYSTEM_URI_PUBLIC is unset" && usage && exit 1
@@ -109,6 +114,17 @@ fi
 #sed -i "s~\(^INTERNAL_OWANALYTICS_HOSTNAME=\).*~\1$INTERNAL_OWANALYTICS_HOSTNAME~" .env
 #sed -i "s~\(^INTERNAL_OWSUB_HOSTNAME=\).*~\1$INTERNAL_OWSUB_HOSTNAME~" .env
 
+if [[ ! -z "$SDKHOSTNAME" ]]; then
+  sed -i "s~.*SDKHOSTNAME=.*~SDKHOSTNAME=$SDKHOSTNAME~" .env.letsencrypt
+fi
+
+if [[ ! -z "$WEBSOCKET_CERT" ]]; then
+  echo "$WEBSOCKET_CERT" > certs/websocket-cert.pem
+fi
+if [[ ! -z "$WEBSOCKET_KEY" ]]; then
+  echo "$WEBSOCKET_KEY" > certs/websocket-key.pem && chmod 600 certs/websocket-key.pem
+fi
+
 sed -i "s~.*FILEUPLOADER_HOST_NAME=.*~FILEUPLOADER_HOST_NAME=$OWGW_FILEUPLOADER_HOST_NAME~" owgw.env
 sed -i "s~.*FILEUPLOADER_URI=.*~FILEUPLOADER_URI=$OWGW_FILEUPLOADER_URI~" owgw.env
 sed -i "s~.*SYSTEM_URI_PUBLIC=.*~SYSTEM_URI_PUBLIC=$OWGW_SYSTEM_URI_PUBLIC~" owgw.env
@@ -122,8 +138,12 @@ fi
 
 sed -i "s~.*DEFAULT_UCENTRALSEC_URL=.*~DEFAULT_UCENTRALSEC_URL=$DEFAULT_UCENTRALSEC_URL~" owgw-ui.env
 
-sed -i "s~.*AUTHENTICATION_DEFAULT_USERNAME=.*~AUTHENTICATION_DEFAULT_USERNAME=$OWSEC_AUTHENTICATION_DEFAULT_USERNAME~" owsec.env
-sed -i "s~.*AUTHENTICATION_DEFAULT_PASSWORD=.*~AUTHENTICATION_DEFAULT_PASSWORD=$OWSEC_AUTHENTICATION_DEFAULT_PASSWORD~" owsec.env
+if [[ ! -z "$OWSEC_AUTHENTICATION_DEFAULT_USERNAME" ]]; then
+  sed -i "s~.*AUTHENTICATION_DEFAULT_USERNAME=.*~AUTHENTICATION_DEFAULT_USERNAME=$OWSEC_AUTHENTICATION_DEFAULT_USERNAME~" owsec.env
+fi
+if [[ ! -z "$OWSEC_AUTHENTICATION_DEFAULT_PASSWORD" ]]; then
+  sed -i "s~.*AUTHENTICATION_DEFAULT_PASSWORD=.*~AUTHENTICATION_DEFAULT_PASSWORD=$OWSEC_AUTHENTICATION_DEFAULT_PASSWORD~" owsec.env
+fi
 #sed -i "s~.*SYSTEM_URI_PRIVATE=.*~SYSTEM_URI_PRIVATE=$OWSEC_SYSTEM_URI_PRIVATE~" owsec.env
 sed -i "s~.*SYSTEM_URI_PUBLIC=.*~SYSTEM_URI_PUBLIC=$OWSEC_SYSTEM_URI_PUBLIC~" owsec.env
 sed -i "s~.*SYSTEM_URI_UI=.*~SYSTEM_URI_UI=$SYSTEM_URI_UI~" owsec.env
@@ -131,8 +151,12 @@ sed -i "s~.*SYSTEM_URI_UI=.*~SYSTEM_URI_UI=$SYSTEM_URI_UI~" owsec.env
 #sed -i "s~.*SYSTEM_URI_PRIVATE=.*~SYSTEM_URI_PRIVATE=$OWFMS_SYSTEM_URI_PRIVATE~" owfms.env
 sed -i "s~.*SYSTEM_URI_PUBLIC=.*~SYSTEM_URI_PUBLIC=$OWFMS_SYSTEM_URI_PUBLIC~" owfms.env
 sed -i "s~.*SYSTEM_URI_UI=.*~SYSTEM_URI_UI=$SYSTEM_URI_UI~" owfms.env
-sed -i "s~.*S3_SECRET=.*~S3_SECRET=$OWFMS_S3_SECRET~" owfms.env
-sed -i "s~.*S3_KEY=.*~S3_KEY=$OWFMS_S3_KEY~" owfms.env
+if [[ ! -z "$OWFMS_S3_SECRET" ]]; then
+  sed -i "s~.*S3_SECRET=.*~S3_SECRET=$OWFMS_S3_SECRET~" owfms.env
+fi
+if [[ ! -z "$OWFMS_S3_KEY" ]]; then
+  sed -i "s~.*S3_KEY=.*~S3_KEY=$OWFMS_S3_KEY~" owfms.env
+fi
 
 #sed -i "s~.*SYSTEM_URI_PRIVATE=.*~SYSTEM_URI_PRIVATE=$OWPROV_SYSTEM_URI_PRIVATE~" owprov.env
 sed -i "s~.*SYSTEM_URI_PUBLIC=.*~SYSTEM_URI_PUBLIC=$OWPROV_SYSTEM_URI_PUBLIC~" owprov.env
@@ -148,5 +172,13 @@ sed -i "s~.*SYSTEM_URI_UI=.*~SYSTEM_URI_UI=$SYSTEM_URI_UI~" owanalytics.env
 sed -i "s~.*SYSTEM_URI_PUBLIC=.*~SYSTEM_URI_PUBLIC=$OWSUB_SYSTEM_URI_PUBLIC~" owsub.env
 sed -i "s~.*SYSTEM_URI_UI=.*~SYSTEM_URI_UI=$SYSTEM_URI_UI~" owsub.env
 
+if [[ ! -z "$TRAEFIK_ACME_EMAIL" ]]; then
+  sed -i "s~.*TRAEFIK_CERTIFICATESRESOLVERS_OPENWIFI_ACME_EMAIL=.*~TRAEFIK_CERTIFICATESRESOLVERS_OPENWIFI_ACME_EMAIL=$TRAEFIK_ACME_EMAIL~" traefik.env
+fi
+
 # Run the deployment
-docker-compose up -d
+if [[ ! -z "$SDKHOSTNAME" ]]; then
+  docker-compose -f docker-compose.lb.letsencrypt.yml --env-file .env.letsencrypt up -d
+else
+  docker-compose up -d
+fi

docker-compose/docker-compose.lb.letsencrypt.yml

@@ -196,12 +196,20 @@ services:
       - "./traefik/openwifi_letsencrypt.yaml:/etc/traefik/openwifi.yaml"
       - "./certs/restapi-ca.pem:/certs/restapi-ca.pem"
       - "letsencrypt_certs:/letsencrypt"
+    entrypoint:
+      - /bin/sh
+      - -c
+      - |
+        timeout 10m sh -c 'until [[ "$$(getent hosts $SDKHOSTNAME)" ]]; do echo "Waiting until DNS record for $SDKHOSTNAME is resolvable"; sleep 5; done' \
+        && ./entrypoint.sh traefik
     ports:
       - "15002:15002"
       - "16002:16002"
       - "16003:16003"
       - "80:80"
+      - "8080:8080"
       - "443:443"
+      - "8443:8443"
       - "16001:16001"
       - "16004:16004"
       - "16005:16005"

docker-compose/owgw.env

@@ -38,6 +38,9 @@ SYSTEM_URI_PRIVATE=https://owgw.wlan.local:17002
 SYSTEM_URI_PUBLIC=https://openwifi.wlan.local:16002
 SYSTEM_URI_UI=https://openwifi.wlan.local
 #SIMULATORID=
+#IPTOCOUNTRY_PROVIDER=ipinfo
+#IPTOCOUNTRY_IPINFO_TOKEN=
+#IPTOCOUNTRY_IPDATA_APIKEY=
 #RTTY_INTERNAL=true
 #RTTY_ENABLED=true
 RTTY_SERVER=openwifi.wlan.local

docker-compose/postgresql.env

@@ -15,6 +15,6 @@ OWPROV_DB_PASSWORD=owprov
 OWANALYTICS_DB=owanalytics
 OWANALYTICS_DB_USER=owanalytics
 OWANALYTICS_DB_PASSWORD=owanalytics
-OWUSB_DB=owsub
-OWUSB_DB_USER=owsub
-OWUSB_DB_PASSWORD=owsub
+OWSUB_DB=owsub
+OWSUB_DB_USER=owsub
+OWSUB_DB_PASSWORD=owsub

docker-compose/postgresql/init-db.sh

@@ -3,21 +3,15 @@ set -e
 
 psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" <<-EOSQL
     CREATE USER $OWGW_DB_USER WITH ENCRYPTED PASSWORD '$OWGW_DB_PASSWORD';
-    CREATE DATABASE $OWGW_DB;
-    GRANT ALL PRIVILEGES ON DATABASE $OWGW_DB TO $OWGW_DB_USER;
+    CREATE DATABASE $OWGW_DB OWNER $OWGW_DB_USER;
     CREATE USER $OWSEC_DB_USER WITH ENCRYPTED PASSWORD '$OWSEC_DB_PASSWORD';
-    CREATE DATABASE $OWSEC_DB;
-    GRANT ALL PRIVILEGES ON DATABASE $OWSEC_DB TO $OWSEC_DB_USER;
+    CREATE DATABASE $OWSEC_DB OWNER $OWSEC_DB_USER;
     CREATE USER $OWFMS_DB_USER WITH ENCRYPTED PASSWORD '$OWFMS_DB_PASSWORD';
-    CREATE DATABASE $OWFMS_DB;
-    GRANT ALL PRIVILEGES ON DATABASE $OWFMS_DB TO $OWFMS_DB_USER;
+    CREATE DATABASE $OWFMS_DB OWNER $OWFMS_DB_USER;
     CREATE USER $OWPROV_DB_USER WITH ENCRYPTED PASSWORD '$OWPROV_DB_PASSWORD';
-    CREATE DATABASE $OWPROV_DB;
-    GRANT ALL PRIVILEGES ON DATABASE $OWPROV_DB TO $OWPROV_DB_USER;
+    CREATE DATABASE $OWPROV_DB OWNER $OWPROV_DB_USER;
     CREATE USER $OWANALYTICS_DB_USER WITH ENCRYPTED PASSWORD '$OWANALYTICS_DB_PASSWORD';
-    CREATE DATABASE $OWANALYTICS_DB;
-    GRANT ALL PRIVILEGES ON DATABASE $OWANALYTICS_DB TO $OWANALYTICS_DB_USER;
+    CREATE DATABASE $OWANALYTICS_DB OWNER $OWANALYTICS_DB_USER;
     CREATE USER $OWSUB_DB_USER WITH ENCRYPTED PASSWORD '$OWSUB_DB_PASSWORD';
-    CREATE DATABASE $OWSUB_DB;
-    GRANT ALL PRIVILEGES ON DATABASE $OWSUB_DB TO $OWSUB_DB_USER;
+    CREATE DATABASE $OWSUB_DB OWNER $OWSUB_DB_USER;
 EOSQL

docker-compose/traefik/openwifi_letsencrypt.yaml

@@ -39,75 +39,75 @@ http:
     owgw-rttys-view:
       loadBalancer:
         servers:
-          - url: "http://owgw.wlan.local:5913/"
+          - url: "https://owgw.wlan.local:5913/"
 
   routers:
     owgw-ui-http:
       entryPoints: "owgwuihttp"
       service: "owgw-ui"
-      rule: "Host(`{{ env "OWGWUI_HOSTNAME" }}`)"
+      rule: "Host(`{{ env "SDKHOSTNAME" }}`)"
     owgw-ui-https:
       entryPoints: "owgwuihttps"
       service: "owgw-ui"
-      rule: "Host(`{{ env "OWGWUI_HOSTNAME" }}`)"
+      rule: "Host(`{{ env "SDKHOSTNAME" }}`)"
       tls:
         certResolver: "openwifi"
     owgw-fileupload:
       entryPoints: "owgwfileupload"
       service: "owgw-fileupload"
-      rule: "Host(`{{ env "OWGWFILEUPLOAD_HOSTNAME" }}`)"
+      rule: "Host(`{{ env "SDKHOSTNAME" }}`)"
       tls:
         certResolver: "openwifi"
     owgw-restapi:
       entryPoints: "owgwrestapi"
       service: "owgw-restapi"
-      rule: "Host(`{{ env "OWGW_HOSTNAME" }}`)"
+      rule: "Host(`{{ env "SDKHOSTNAME" }}`)"
       tls:
         certResolver: "openwifi"
     owgw-rttys-view:
       entryPoints: "owgwrttysview"
       service: "owgw-rttys-view"
-      rule: "Host(`{{ env "OWGW_HOSTNAME" }}`)"
+      rule: "Host(`{{ env "SDKHOSTNAME" }}`)"
       tls:
         certResolver: "openwifi"
     owsec-restapi:
       entryPoints: "owsecrestapi"
       service: "owsec-restapi"
-      rule: "Host(`{{ env "OWSEC_HOSTNAME" }}`)"
+      rule: "Host(`{{ env "SDKHOSTNAME" }}`)"
       tls:
         certResolver: "openwifi"
     owfms-restapi:
       entryPoints: "owfmsrestapi"
       service: "owfms-restapi"
-      rule: "Host(`{{env "OWFMS_HOSTNAME"}}`)"
+      rule: "Host(`{{env "SDKHOSTNAME"}}`)"
       tls:
         certResolver: "openwifi"
     owprov-restapi:
       entryPoints: "owprovrestapi"
       service: "owprov-restapi"
-      rule: "Host(`{{env "OWPROV_HOSTNAME"}}`)"
+      rule: "Host(`{{env "SDKHOSTNAME"}}`)"
       tls:
         certResolver: "openwifi"
     owprov-ui-http:
-      entryPoints: "owgwuihttp"
+      entryPoints: "owprovuihttp"
       service: "owprov-ui"
-      rule: "Host(`{{ env "OWPROVUI_HOSTNAME" }}`)"
+      rule: "Host(`{{ env "SDKHOSTNAME" }}`)"
     owprov-ui-https:
-      entryPoints: "owgwuihttps"
+      entryPoints: "owprovuihttps"
       service: "owprov-ui"
-      rule: "Host(`{{ env "OWPROVUI_HOSTNAME" }}`)"
+      rule: "Host(`{{ env "SDKHOSTNAME" }}`)"
       tls:
         certResolver: "openwifi"
     owanalytics-restapi:
       entryPoints: "owanalyticsrestapi"
       service: "owanalytics-restapi"
-      rule: "Host(`{{env "OWANALYTICS_HOSTNAME"}}`)"
+      rule: "Host(`{{env "SDKHOSTNAME"}}`)"
       tls:
         certResolver: "openwifi"
     owsub-restapi:
       entryPoints: "owsubrestapi"
       service: "owsub-restapi"
-      rule: "Host(`{{env "OWSUB_HOSTNAME"}}`)"
+      rule: "Host(`{{env "SDKHOSTNAME"}}`)"
       tls:
         certResolver: "openwifi"
 
@@ -134,6 +134,6 @@ tcp:
     owgw-rttys:
       entryPoints: "owgwrttys"
       service: "owgw-rttys"
-      rule: "HostSNI(`{{ env "OWGW_HOSTNAME" }}`)"
+      rule: "HostSNI(`*`)"
       tls:
-        certResolver: openwifi
+        passthrough: true

docker-compose/traefik/openwifi_selfsigned.yaml

@@ -137,7 +137,7 @@ tcp:
       tls:
         passthrough: true
     owsub-restapi:
-      entryPoints: "owpsubestapi"
+      entryPoints: "owsubrestapi"
       service: "owsub-restapi"
       rule: "HostSNI(`*`)"
       tls: