Chg: update image tag in helm values to v2.7.0

Fix for WIFI-10942

CMakeLists.txt

@@ -59,6 +59,8 @@ include_directories(/usr/local/include  /usr/local/opt/openssl/include src inclu
 configure_file(src/ow_version.h.in ${PROJECT_SOURCE_DIR}/src/ow_version.h @ONLY)
 
 add_compile_options(-Wall -Wextra)
+add_definitions(-DPOCO_LOG_DEBUG="1")
+
 if(ASAN)
     add_compile_options(-fsanitize=address)
     add_link_options(-fsanitize=address)
@@ -74,7 +76,9 @@ add_executable( owfms
         src/framework/orm.h
         src/framework/StorageClass.h
         src/framework/ow_constants.h
+        src/framework/MicroServiceErrorHandler.h
         src/framework/WebSocketClientNotifications.h
+        src/framework/MicroServiceErrorHandler.h
         src/RESTObjects/RESTAPI_SecurityObjects.h src/RESTObjects/RESTAPI_SecurityObjects.cpp
         src/RESTObjects/RESTAPI_ProvObjects.cpp src/RESTObjects/RESTAPI_ProvObjects.h
         src/RESTObjects/RESTAPI_GWobjects.h src/RESTObjects/RESTAPI_GWobjects.cpp

Dockerfile

@@ -1,16 +1,24 @@
-FROM alpine:3.15 AS build-base
+ARG DEBIAN_VERSION=11.4-slim
+ARG POCO_VERSION=poco-tip-v1
+ARG FMTLIB_VERSION=9.0.0
+ARG CPPKAFKA_VERSION=tip-v1
+ARG JSON_VALIDATOR_VERSION=2.1.0
+ARG AWS_SDK_VERSION=1.9.315
 
-RUN apk add --update --no-cache \
+FROM debian:$DEBIAN_VERSION AS build-base
+
+RUN apt-get update && apt-get install --no-install-recommends -y \
     make cmake g++ git \
-    unixodbc-dev postgresql-dev mariadb-dev \
-    librdkafka-dev boost-dev openssl-dev \
-    zlib-dev nlohmann-json \
-    curl-dev
+    libpq-dev libmariadb-dev libmariadbclient-dev-compat \
+    librdkafka-dev libboost-all-dev libssl-dev \
+    zlib1g-dev nlohmann-json3-dev ca-certificates libcurl4-openssl-dev
 
 FROM build-base AS poco-build
 
-ADD https://api.github.com/repos/AriliaWireless/poco/git/refs/tags/poco-tip-v1 version.json
-RUN git clone https://github.com/AriliaWireless/poco --branch poco-tip-v1 /poco
+ARG POCO_VERSION
+
+ADD https://api.github.com/repos/AriliaWireless/poco/git/refs/tags/${POCO_VERSION} version.json
+RUN git clone https://github.com/AriliaWireless/poco --branch ${POCO_VERSION} /poco
 
 WORKDIR /poco
 RUN mkdir cmake-build
@@ -19,22 +27,12 @@ RUN cmake ..
 RUN cmake --build . --config Release -j8
 RUN cmake --build . --target install
 
-FROM build-base AS cppkafka-build
-
-ADD https://api.github.com/repos/AriliaWireless/cppkafka/git/refs/tags/tip-v1 version.json
-RUN git clone https://github.com/AriliaWireless/cppkafka --branch tip-v1 /cppkafka
-
-WORKDIR /cppkafka
-RUN mkdir cmake-build
-WORKDIR cmake-build
-RUN cmake ..
-RUN cmake --build . --config Release -j8
-RUN cmake --build . --target install
-
 FROM build-base AS fmtlib-build
 
-ADD https://api.github.com/repos/fmtlib/fmt/git/refs/tags/9.0.0 version.json
-RUN git clone https://github.com/fmtlib/fmt --branch 9.0.0 /fmtlib
+ARG FMTLIB_VERSION
+
+ADD https://api.github.com/repos/fmtlib/fmt/git/refs/tags/${FMTLIB_VERSION} version.json
+RUN git clone https://github.com/fmtlib/fmt --branch ${FMTLIB_VERSION} /fmtlib
 
 WORKDIR /fmtlib
 RUN mkdir cmake-build
@@ -43,10 +41,26 @@ RUN cmake ..
 RUN make
 RUN make install
 
+FROM build-base AS cppkafka-build
+
+ARG CPPKAFKA_VERSION
+
+ADD https://api.github.com/repos/AriliaWireless/cppkafka/git/refs/tags/${CPPKAFKA_VERSION} version.json
+RUN git clone https://github.com/AriliaWireless/cppkafka --branch ${CPPKAFKA_VERSION} /cppkafka
+
+WORKDIR /cppkafka
+RUN mkdir cmake-build
+WORKDIR cmake-build
+RUN cmake ..
+RUN cmake --build . --config Release -j8
+RUN cmake --build . --target install
+
 FROM build-base AS json-schema-validator-build
 
-ADD https://api.github.com/repos/pboettch/json-schema-validator/git/refs/tags/2.1.0 version.json
-RUN git clone https://github.com/pboettch/json-schema-validator --branch 2.1.0 /json-schema-validator
+ARG JSON_VALIDATOR_VERSION
+
+ADD https://api.github.com/repos/pboettch/json-schema-validator/git/refs/tags/${JSON_VALIDATOR_VERSION} version.json
+RUN git clone https://github.com/pboettch/json-schema-validator --branch ${JSON_VALIDATOR_VERSION} /json-schema-validator
 
 WORKDIR /json-schema-validator
 RUN mkdir cmake-build
@@ -57,14 +71,19 @@ RUN make install
 
 FROM build-base AS aws-sdk-cpp-build
 
-ADD https://api.github.com/repos/aws/aws-sdk-cpp/git/refs/heads/main version.json
-RUN git clone --recurse-submodules https://github.com/aws/aws-sdk-cpp /aws-sdk-cpp
+ARG AWS_SDK_VERSION
+
+ADD https://api.github.com/repos/aws/aws-sdk-cpp/git/refs/tags/${AWS_SDK_VERSION} version.json
+RUN git clone --recurse-submodules https://github.com/aws/aws-sdk-cpp --branch ${AWS_SDK_VERSION} /aws-sdk-cpp
 
 WORKDIR /aws-sdk-cpp
 RUN mkdir cmake-build
 WORKDIR cmake-build
 RUN cmake .. -DBUILD_ONLY="sns;s3" \
              -DCMAKE_BUILD_TYPE=Release \
+             -DUSE_OPENSSL=ON \
+             -DCPP_STANDARD=17 \
+             -DBUILD_SHARED_LIBS=ON \
              -DCMAKE_CXX_FLAGS="-Wno-error=stringop-overflow -Wno-error=uninitialized" \
              -DAUTORUN_UNIT_TESTS=OFF
 RUN cmake --build . --config Release -j8
@@ -91,26 +110,24 @@ COPY --from=fmtlib-build /usr/local/lib /usr/local/lib
 WORKDIR /owfms
 RUN mkdir cmake-build
 WORKDIR /owfms/cmake-build
-RUN cmake .. \
-          -Dcrypto_LIBRARY=/usr/lib/libcrypto.so \
-          -DBUILD_SHARED_LIBS=ON
+RUN cmake ..
 RUN cmake --build . --config Release -j8
 
-FROM alpine:3.15
+FROM debian:$DEBIAN_VERSION
 
 ENV OWFMS_USER=owfms \
     OWFMS_ROOT=/owfms-data \
     OWFMS_CONFIG=/owfms-data
 
-RUN addgroup -S "$OWFMS_USER" && \
-    adduser -S -G "$OWFMS_USER" "$OWFMS_USER"
+RUN useradd "$OWFMS_USER"
 
 RUN mkdir /openwifi
 RUN mkdir -p "$OWFMS_ROOT" "$OWFMS_CONFIG" && \
     chown "$OWFMS_USER": "$OWFMS_ROOT" "$OWFMS_CONFIG"
 
-RUN apk add --update --no-cache librdkafka su-exec gettext ca-certificates bash jq curl \
-    mariadb-connector-c libpq unixodbc postgresql-client
+RUN apt-get update && apt-get install --no-install-recommends -y \
+    librdkafka++1 gosu gettext ca-certificates bash jq curl wget \
+    libmariadb-dev-compat libpq5 unixodbc postgresql-client
 
 COPY readiness_check /readiness_check
 COPY test_scripts/curl/cli /cli
@@ -119,7 +136,7 @@ COPY owfms.properties.tmpl /
 COPY docker-entrypoint.sh /
 COPY wait-for-postgres.sh /
 RUN wget https://raw.githubusercontent.com/Telecominfraproject/wlan-cloud-ucentral-deploy/main/docker-compose/certs/restapi-ca.pem \
-    -O /usr/local/share/ca-certificates/restapi-ca-selfsigned.pem
+    -O /usr/local/share/ca-certificates/restapi-ca-selfsigned.crt
 
 COPY --from=owfms-build /owfms/cmake-build/owfms /openwifi/owfms
 COPY --from=cppkafka-build /cppkafka/cmake-build/src/lib/* /usr/local/lib
@@ -128,6 +145,8 @@ COPY --from=aws-sdk-cpp-build /aws-sdk-cpp/cmake-build/aws-cpp-sdk-core/libaws-c
 COPY --from=aws-sdk-cpp-build /aws-sdk-cpp/cmake-build/aws-cpp-sdk-s3/libaws-cpp-sdk-s3.so /usr/local/lib
 COPY --from=aws-sdk-cpp-build /aws-sdk-cpp/cmake-build/aws-cpp-sdk-sns/libaws-cpp-sdk-sns.so /usr/local/lib
 
+RUN ldconfig
+
 EXPOSE 16004 17004 16104
 
 ENTRYPOINT ["/docker-entrypoint.sh"]

build

@@ -1 +1 @@
-7
+18

docker-entrypoint.sh

@@ -1,11 +1,11 @@
-#!/bin/sh
+#!/bin/bash
 set -e
 
 if [ "$SELFSIGNED_CERTS" = 'true' ]; then
     update-ca-certificates
 fi
 
-if [[ "$TEMPLATE_CONFIG" = 'true' && ! -f "$OWFMS_CONFIG"/owfms.properties ]]; then
+if [[ "$TEMPLATE_CONFIG" = 'true' ]]; then
   RESTAPI_HOST_ROOTCA=${RESTAPI_HOST_ROOTCA:-"\$OWFMS_ROOT/certs/restapi-ca.pem"} \
   RESTAPI_HOST_PORT=${RESTAPI_HOST_PORT:-"16004"} \
   RESTAPI_HOST_CERT=${RESTAPI_HOST_CERT:-"\$OWFMS_ROOT/certs/restapi-cert.pem"} \
@@ -22,6 +22,7 @@ if [[ "$TEMPLATE_CONFIG" = 'true' && ! -f "$OWFMS_CONFIG"/owfms.properties ]]; t
   SYSTEM_URI_PRIVATE=${SYSTEM_URI_PRIVATE:-"https://localhost:17004"} \
   SYSTEM_URI_PUBLIC=${SYSTEM_URI_PUBLIC:-"https://localhost:16004"} \
   SYSTEM_URI_UI=${SYSTEM_URI_UI:-"http://localhost"} \
+  SECURITY_RESTAPI_DISABLE=${SECURITY_RESTAPI_DISABLE:-"false"} \
   S3_BUCKETNAME=${S3_BUCKETNAME:-"ucentral-ap-firmware"} \
   S3_REGION=${S3_REGION:-"us-east-1"} \
   S3_SECRET=${S3_SECRET:-"*******************************************"} \
@@ -51,7 +52,7 @@ if [ "$1" = '/openwifi/owfms' -a "$(id -u)" = '0' ]; then
     if [ "$RUN_CHOWN" = 'true' ]; then
       chown -R "$OWFMS_USER": "$OWFMS_ROOT" "$OWFMS_CONFIG"
     fi
-    exec su-exec "$OWFMS_USER" "$@"
+    exec gosu "$OWFMS_USER" "$@"
 fi
 
 exec "$@"

helm/.gitignore

@@ -1 +1,3 @@
 *.swp
+Chart.lock
+charts/

helm/README.md

@@ -70,7 +70,8 @@ The following table lists the configurable parameters of the chart and their def
 | persistence.size | string | Defines PV size | `'10Gi'` |
 | public_env_variables | hash | Defines list of environment variables to be passed to the Firmware | |
 | configProperties | hash | Configuration properties that should be passed to the application in `owfms.properties`. May be passed by key in set (i.e. `configProperties."rtty\.token"`) | |
-| certs | hash | Defines files (keys and certificates) that should be passed to the Firmware (PEM format is adviced to be used) (see `volumes.owfms` on where it is mounted) |  |
+| existingCertsSecret | string | Existing Kubernetes secret containing all required certificates and private keys for microservice operation. If set, certificates from `certs` key are ignored | `""` |
+| certs | hash | Defines files (keys and certificates) that should be passed to the Gateway (PEM format is adviced to be used) (see `volumes.owfms` on where it is mounted). If `existingCertsSecret` is set, certificates passed this way will not be used. |  |
 
 
 Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,

helm/templates/deployment.yaml

@@ -1,4 +1,5 @@
 {{- $root := . -}}
+{{- $storageType := index .Values.configProperties "storage.type" -}}
 ---
 apiVersion: apps/v1
 kind: Deployment
@@ -46,6 +47,39 @@ spec:
             - -timeout
             - 600s
 
+{{- if eq $storageType "postgresql" }}
+        - name: wait-postgres
+          image: "{{ .Values.images.owfms.repository }}:{{ .Values.images.owfms.tag }}"
+          imagePullPolicy: {{ .Values.images.owfms.pullPolicy }}
+          command:
+            - /wait-for-postgres.sh
+            - {{ index .Values.configProperties "storage.type.postgresql.host" }}
+            - echo
+            - "PostgreSQL is ready"
+          env:
+            - name: KUBERNETES_DEPLOYED
+              value: "{{ now }}"
+          {{- range $key, $value := .Values.public_env_variables }}
+            - name: {{ $key }}
+              value: {{ $value | quote }}
+          {{- end }}
+          {{- range $key, $value := .Values.secret_env_variables }}
+            - name: {{ $key }}
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "owfms.fullname" $root }}-env
+                  key: {{ $key }}
+          {{- end }}
+          volumeMounts:
+          {{- range .Values.volumes.owfms }}
+          - name: {{ .name }}
+            mountPath: {{ .mountPath }}
+            {{- if .subPath }}
+            subPath: {{ .subPath }}
+            {{- end }}
+          {{- end }}
+{{- end }}
+
       containers:
 
         - name: owfms
@@ -97,8 +131,10 @@ spec:
             {{- toYaml . | nindent 12 }}
           {{- end }}
 
+      {{- with .Values.securityContext }}
       securityContext:
-        fsGroup: 101
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
 
       imagePullSecrets:
       {{- range $image, $imageValue := .Values.images }}

helm/values.yaml

@@ -9,7 +9,7 @@ fullnameOverride: ""
 images:
   owfms:
     repository: tip-tip-wlan-cloud-ucentral.jfrog.io/owfms
-    tag: main
+    tag: v2.7.0
     pullPolicy: Always
 #    regcred:
 #      registry: tip-tip-wlan-cloud-ucentral.jfrog.io
@@ -71,7 +71,7 @@ volumes:
       mountPath: /owfms-data/certs
       volumeDefinition: |
         secret:
-          secretName: {{ include "owfms.fullname" . }}-certs
+          secretName: {{ if .Values.existingCertsSecret }}{{ .Values.existingCertsSecret }}{{ else }}{{ include "owfms.fullname" . }}-certs{{ end }}
     # Change this if you want to use another volume type
     - name: persist
       mountPath: /owfms-data/persist
@@ -91,6 +91,9 @@ resources: {}
   #  cpu: 100m
   #  memory: 128Mi
 
+securityContext:
+  fsGroup: 1000
+
 nodeSelector: {}
 
 tolerations: []
@@ -207,6 +210,9 @@ configProperties:
   storage.type.mysql.username: stephb
   storage.type.mysql.password: snoopy99
 
+# NOTE: List of required certificates may be found in "certs" key. Alternative way to pass required certificates is to create external secret with all required certificates and set secret name in "existingCertsSecret" key. Details may be found in https://github.com/Telecominfraproject/wlan-cloud-ucentral-deploy/tree/main/chart#tldr
+existingCertsSecret: ""
+
 certs:
   # restapi-ca.pem: ""
   # restapi-cert.pem: ""

owfms.properties

@@ -35,6 +35,7 @@ openwifi.system.uri.private = https://localhost:17004
 openwifi.system.uri.public = https://ucentral.dpaas.arilia.com:16004
 openwifi.system.commandchannel = /tmp/app.owfms
 openwifi.system.uri.ui = ucentral-ui.arilia.com
+openwifi.security.restapi.disable = false
 
 firmwaredb.refresh = 1800
 firmwaredb.maxage = 90

owfms.properties.tmpl

@@ -36,6 +36,8 @@ openwifi.system.uri.private = ${SYSTEM_URI_PRIVATE}
 openwifi.system.uri.public = ${SYSTEM_URI_PUBLIC}
 openwifi.system.commandchannel = /tmp/app.ucentralfms
 openwifi.system.uri.ui = ${SYSTEM_URI_UI}
+openwifi.security.restapi.disable = ${SECURITY_RESTAPI_DISABLE}
+
 firmwaredb.refresh = 1800
 firmwaredb.maxage = 90
 

src/AutoUpdater.cpp

@@ -11,6 +11,7 @@
 namespace OpenWifi {
 
     int AutoUpdater::Start() {
+        poco_information(Logger(),"Starting...");
         AutoUpdaterEnabled_ = MicroService::instance().ConfigGetBool("autoupdater.enabled", false);
         if(AutoUpdaterEnabled_) {
             Running_ = false;
@@ -24,10 +25,12 @@ namespace OpenWifi {
     }
 
     void AutoUpdater::Stop() {
+        poco_information(Logger(),"Stopping...");
         Running_ = false;
         if(AutoUpdaterEnabled_) {
             Timer_.stop();
         }
+        poco_information(Logger(),"Stopped...");
     }
 
     void AutoUpdater::ToBeUpgraded(std::string serialNumber, std::string DeviceType) {
@@ -45,7 +48,7 @@ namespace OpenWifi {
             auto Entry = Queue_.front();
             Queue_.pop_front();
             try {
-                Logger().debug(fmt::format("Preparing to upgrade {}",Entry.first));
+                poco_debug(Logger(),fmt::format("Preparing to upgrade {}",Entry.first));
                 auto CacheEntry = Cache_.find(Entry.first);
                 uint64_t now = OpenWifi::Now();
                 std::string firmwareUpgrade;
@@ -55,11 +58,11 @@ namespace OpenWifi {
                     C.LastCheck = now;
                     bool        firmwareRCOnly;
                     if(OpenWifi::SDK::Prov::GetFirmwareOptions(Entry.first, firmwareUpgrade, firmwareRCOnly)) {
-                        Logger().debug(fmt::format("Found firmware options for {}",Entry.first));
+                        poco_debug(Logger(),fmt::format("Found firmware options for {}",Entry.first));
                         C.firmwareRCOnly = firmwareRCOnly;
                         C.firmwareUpgrade = firmwareUpgrade;
                     } else {
-                        Logger().debug(fmt::format("Found no firmware options for {}",Entry.first));
+                        poco_debug(Logger(),fmt::format("Found no firmware options for {}",Entry.first));
                         C.firmwareRCOnly = firmwareRCOnly;
                         C.firmwareUpgrade = firmwareUpgrade;
                     }
@@ -69,7 +72,7 @@ namespace OpenWifi {
                 }
 
                 if(firmwareUpgrade=="no") {
-                    Logger().information(fmt::format("Device {} not upgradable. Provisioning service settings.",Entry.first));
+                    poco_information(Logger(),fmt::format("Device {} not upgradable. Provisioning service settings.",Entry.first));
                     continue;
                 }
 
@@ -79,26 +82,26 @@ namespace OpenWifi {
                 if(LF) {
                     if(StorageService()->FirmwaresDB().GetFirmware(fwEntry.Id,fwDetails)) {
                         //  send the command to upgrade this device...
-                        Logger().information(fmt::format("Upgrading {} to version {}", Entry.first, fwEntry.Revision));
+                        poco_information(Logger(),fmt::format("Upgrading {} to version {}", Entry.first, fwEntry.Revision));
                         if(OpenWifi::SDK::GW::SendFirmwareUpgradeCommand(Entry.first,fwDetails.uri)) {
-                            Logger().information(fmt::format("Upgrade command sent for {}",Entry.first));
+                            poco_information(Logger(),fmt::format("Upgrade command sent for {}",Entry.first));
                         } else {
-                            Logger().information(fmt::format("Upgrade command not sent for {}",Entry.first));
+                            poco_information(Logger(),fmt::format("Upgrade command not sent for {}",Entry.first));
                         }
                     } else {
-                        Logger().information(fmt::format("Firmware for device {} ({}) cannot be found.", Entry.first, Entry.second ));
+                        poco_information(Logger(),fmt::format("Firmware for device {} ({}) cannot be found.", Entry.first, Entry.second ));
                     }
                 } else {
-                    Logger().information(fmt::format("Firmware for device {} ({}) cannot be found.", Entry.first, Entry.second ));
+                    poco_information(Logger(),fmt::format("Firmware for device {} ({}) cannot be found.", Entry.first, Entry.second ));
                 }
             } catch (...) {
-                Logger().information(fmt::format("Exception during auto update for device {}.", Entry.first ));
+                poco_information(Logger(),fmt::format("Exception during auto update for device {}.", Entry.first ));
             }
         }
     }
 
     void AutoUpdater::reinitialize([[maybe_unused]] Poco::Util::Application &self) {
-        Logger().information("Reinitializing.");
+        poco_information(Logger(),"Reinitializing.");
         Reset();
     }
 }

src/DeviceCache.cpp

@@ -7,10 +7,13 @@
 namespace OpenWifi {
 
     int DeviceCache::Start() {
+        poco_information(Logger(),"Starting...");
         return 0;
     }
 
     void DeviceCache::Stop() {
+        poco_information(Logger(),"Stopping...");
+        poco_information(Logger(),"Stopped...");
     }
 
     void DeviceCache::AddToCache(

src/FirmwareCache.cpp

@@ -7,11 +7,13 @@
 namespace OpenWifi {
 
     int FirmwareCache::Start() {
+        poco_information(Logger(),"Starting...");
         return 0;
     }
 
     void FirmwareCache::Stop() {
-
+        poco_information(Logger(),"Stopping...");
+        poco_information(Logger(),"Stopped...");
     }
 
     std::shared_ptr<FMSObjects::Firmware> GetFirmware([[maybe_unused]] const std::string & DeviceType, [[maybe_unused]] const std::string & Revision) {

src/LatestFirmwareCache.cpp

@@ -8,11 +8,14 @@
 namespace OpenWifi {
 
     int LatestFirmwareCache::Start() {
+        poco_information(Logger(),"Starting...");
         StorageService()->FirmwaresDB().PopulateLatestFirmwareCache();
         return 0;
     }
 
     void LatestFirmwareCache::Stop() {
+        poco_information(Logger(),"Stopping...");
+        poco_information(Logger(),"Stopped...");
     }
 
     bool LatestFirmwareCache::AddToCache(const std::string & DeviceType, const std::string &Revision, const std::string &Id, uint64_t TimeStamp) {

src/LatestFirmwareCache.h

@@ -57,7 +57,7 @@ namespace OpenWifi {
         Types::StringSet            RevisionSet_;
         Types::StringSet            DeviceSet_;
         explicit LatestFirmwareCache() noexcept:
-                SubSystemServer("FirmwareCache", "FIRMWARE-CACHE", "FirmwareCache")
+                SubSystemServer("LatestFirmwareCache", "LATEST-FIRMWARE-CACHE", "LatestFirmwareCache")
         {
         }
     };

src/ManifestCreator.cpp

@@ -18,11 +18,11 @@ namespace OpenWifi {
 
     void ManifestCreator::onTimer([[maybe_unused]] Poco::Timer &timer) {
         Utils::SetThreadName("manifest");
-        Logger().information("Performing DB refresh");
+        poco_information(Logger(),"Performing DB refresh");
         S3BucketContent BucketList;
         StorageService()->FirmwaresDB().RemoveOldFirmware();
         ReadBucket(BucketList);
-        Logger().information(fmt::format("Found {} firmware entries in S3 repository.", BucketList.size()));
+        poco_information(Logger(),fmt::format("Found {} firmware entries in S3 repository.", BucketList.size()));
         ComputeManifest(BucketList);
         AddManifestToDB(BucketList);
     }
@@ -49,7 +49,7 @@ namespace OpenWifi {
                         Entry.Image = ParsedContent->get("image").toString();
                         auto FullNme = Name + "-upgrade.bin";
                         if(FullNme!=Entry.Image) {
-                            Logger().error(fmt::format("MANIFEST({}): Image name does not match manifest name ({}).",Name,Entry.Image));
+                            poco_error(Logger(),fmt::format("MANIFEST({}): Image name does not match manifest name ({}).",Name,Entry.Image));
                             Entry.Valid = false;
                             BadFormat++;
                             continue;
@@ -61,7 +61,7 @@ namespace OpenWifi {
                         Entry.Valid = false;
                     }
                 } else {
-                    Logger().error(fmt::format("MANIFEST({}): Entry does not have a valid JSON manifest.",Name));
+                    poco_error(Logger(),fmt::format("MANIFEST({}): Entry does not have a valid JSON manifest.",Name));
                     MissingJson++;
                     Entry.Valid = false;
                 }
@@ -70,10 +70,10 @@ namespace OpenWifi {
             }
         }
 
-        Logger().information(fmt::format("Accepted {} firmwares.", Accepted));
-        Logger().information(fmt::format("Rejected {} too old firmwares.", Rejected));
-        Logger().information(fmt::format("Rejected {} bad JSON.", BadFormat));
-        Logger().information(fmt::format("Rejected {} missing JSON.", MissingJson));
+        poco_information(Logger(),fmt::format("Accepted {} firmwares.", Accepted));
+        poco_information(Logger(),fmt::format("Rejected {} too old firmwares.", Rejected));
+        poco_information(Logger(),fmt::format("Rejected {} bad JSON.", BadFormat));
+        poco_information(Logger(),fmt::format("Rejected {} missing JSON.", MissingJson));
 
         return true;
     }
@@ -99,7 +99,7 @@ namespace OpenWifi {
                 F.revision = BucketEntry.Revision;
                 F.deviceType = BucketEntry.Compatible;
                 if(StorageService()->FirmwaresDB().AddFirmware(F)) {
-                    Logger().information(fmt::format("Adding firmware '{}', size={}",Release,F.size));
+                    poco_information(Logger(),fmt::format("Adding firmware '{}', size={}",Release,F.size));
                 } else {
                 }
             }
@@ -185,7 +185,7 @@ namespace OpenWifi {
         while(!isDone) {
             Outcome = S3Client.ListObjectsV2(Request);
             if(!Outcome.IsSuccess()) {
-                Logger().error(fmt::format("Error while doing ListObjectsV2: {}, {}",
+                poco_error(Logger(),fmt::format("Error while doing ListObjectsV2: {}, {}",
                                            std::string{Outcome.GetError().GetExceptionName()},
                                            std::string{Outcome.GetError().GetMessage()}));
                 return false;
@@ -281,7 +281,7 @@ namespace OpenWifi {
 
         // std::cout << "Count:" << Count << "  Runs:" << Runs << std::endl;
         if(!Outcome.IsSuccess()) {
-            Logger().error(fmt::format("Error while doing ListObjectsV2: {}, {}",
+            poco_error(Logger(),fmt::format("Error while doing ListObjectsV2: {}, {}",
                                        std::string{Outcome.GetError().GetExceptionName()},
                                        std::string{Outcome.GetError().GetMessage()}));
             return false;

src/NewCommandHandler.cpp

@@ -46,9 +46,9 @@ namespace OpenWifi {
                             if(Command=="delete_device") {
                                 auto pSerialNumber = PayloadSection["payload"]["serialNumber"];
                                 if(pSerialNumber==SerialNumber) {
-                                    Logger().debug(fmt::format("Removing device '{}' from upgrade history.",SerialNumber));
+                                    poco_debug(Logger(),fmt::format("Removing device '{}' from upgrade history.",SerialNumber));
                                     StorageService()->HistoryDB().DeleteHistory(SerialNumber);
-                                    Logger().debug(fmt::format("Removing device '{}' from device table.",SerialNumber));
+                                    poco_debug(Logger(),fmt::format("Removing device '{}' from device table.",SerialNumber));
                                     StorageService()->DevicesDB().DeleteDevice(SerialNumber);
                                 }
                             }

src/NewConnectionHandler.cpp

@@ -68,12 +68,12 @@ namespace OpenWifi {
                                 if(StorageService()->FirmwaresDB().ComputeFirmwareAge(DeviceType, Revision, FA)) {
                                     StorageService()->DevicesDB().SetDeviceRevision(SerialNumber, Revision, DeviceType, EndPoint);
                                     if(FA.age)
-                                        Logger().information(fmt::format("Device {} connection. Firmware is {} older than latest.",SerialNumber, Utils::SecondsToNiceText(FA.age)));
+                                        poco_information(Logger(),fmt::format("Device {} connection. Firmware is {} older than latest.",SerialNumber, Utils::SecondsToNiceText(FA.age)));
                                     else
-                                        Logger().information(fmt::format("Device {} connection. Device firmware is up to date.",SerialNumber));
+                                    poco_information(Logger(),fmt::format("Device {} connection. Device firmware is up to date.",SerialNumber));
                                 }
                                 else {
-                                    Logger().information(fmt::format("Device {} connection. Firmware age cannot be determined.",SerialNumber));
+                                    poco_information(Logger(),fmt::format("Device {} connection. Firmware age cannot be determined.",SerialNumber));
                                 }
 
                                 if(!LatestFirmwareCache()->IsLatest(DeviceType, Revision)) {
@@ -116,6 +116,7 @@ namespace OpenWifi {
     };
 
     int NewConnectionHandler::Start() {
+        poco_information(Logger(),"Starting...");
         Types::TopicNotifyFunction F = [this](std::string s1,std::string s2) { this->ConnectionReceived(s1,s2); };
         ConnectionWatcherId_ = KafkaManager()->RegisterTopicWatcher(KafkaTopics::CONNECTION, F);
         Worker_.start(*this);
@@ -123,10 +124,12 @@ namespace OpenWifi {
     };
 
     void NewConnectionHandler::Stop() {
+        poco_information(Logger(),"Stopping...");
         KafkaManager()->UnregisterTopicWatcher(KafkaTopics::CONNECTION, ConnectionWatcherId_);
         Running_ = false;
         Worker_.wakeUp();
         Worker_.join();
+        poco_information(Logger(),"Stopped...");
     };
 
     bool NewConnectionHandler::Update() {

src/StorageService.cpp

@@ -11,6 +11,7 @@
 namespace OpenWifi {
 
     int Storage::Start() {
+        poco_information(Logger(),"Starting...");
         std::lock_guard		Guard(Mutex_);
 
         StorageClass::Start();
@@ -27,9 +28,10 @@ namespace OpenWifi {
     }
 
     void Storage::Stop() {
+        poco_information(Logger(),"Stopping...");
         std::lock_guard		Guard(Mutex_);
-        Logger().notice("Stopping.");
         StorageClass::Stop();
+        poco_information(Logger(),"Stopped...");
     }
 
     std::string Storage::TrimRevision(const std::string &R) {

src/framework/MicroService.h

@@ -96,8 +96,10 @@ using namespace std::chrono_literals;
 #include "Poco/NObserver.h"
 #include "Poco/Net/SocketNotification.h"
 #include "Poco/Base64Decoder.h"
+#include "Poco/ThreadLocal.h"
 #include "cppkafka/cppkafka.h"
 
+#include "framework/MicroServiceErrorHandler.h"
 #include "framework/OpenWifiTypes.h"
 #include "framework/KafkaTopics.h"
 #include "framework/ow_constants.h"
@@ -667,6 +669,19 @@ namespace OpenWifi::RESTAPI_utils {
 
 namespace OpenWifi::Utils {
 
+	inline bool NormalizeMac(std::string & Mac) {
+		Poco::replaceInPlace(Mac,":","");
+		Poco::replaceInPlace(Mac,"-","");
+		if(Mac.size()!=12)
+			return false;
+		for(const auto &i:Mac) {
+			if(!std::isxdigit(i))
+				return false;
+		}
+		Poco::toLowerInPlace(Mac);
+		return true;
+	}
+
 	inline void SetThreadName(const char *name) {
 #ifdef __linux__
 		Poco::Thread::current()->setName(name);
@@ -1346,28 +1361,6 @@ namespace OpenWifi {
         Poco::ExpireLRUCache<KeyType,Record>  Cache_{Size,Expiry};
     };
 
-    class MyErrorHandler : public Poco::ErrorHandler {
-	  public:
-		explicit MyErrorHandler(Poco::Util::Application &App) : App_(App) {}
-		inline void exception(const Poco::Exception & E) {
-		    Poco::Thread * CurrentThread = Poco::Thread::current();
-		    App_.logger().log(E);
-		    poco_error(App_.logger(), fmt::format("Exception occurred in {}",CurrentThread->getName()));
-		}
-
-		inline void exception(const std::exception & E) {
-		    Poco::Thread * CurrentThread = Poco::Thread::current();
-			poco_warning(App_.logger(), fmt::format("std::exception in {}: {}",CurrentThread->getName(),E.what()));
-		}
-
-		inline void exception() {
-		    Poco::Thread * CurrentThread = Poco::Thread::current();
-			poco_warning(App_.logger(), fmt::format("exception in {}",CurrentThread->getName()));
-		}
-	  private:
-		Poco::Util::Application	&App_;
-	};
-
 	class BusEventManager : public Poco::Runnable {
 	  public:
 		explicit BusEventManager(Poco::Logger &L) : Logger_(L) {
@@ -2882,12 +2875,13 @@ namespace OpenWifi {
 	    }
 
 	    inline void Stop() override {
+			poco_information(Logger(),"Stopping...");
             std::lock_guard	G(Mutex_);
 	        Cache_.clear();
+			poco_information(Logger(),"Stopped...");
 	    }
 
 	    inline void RemovedCachedToken(const std::string &Token) {
-	        std::lock_guard	G(Mutex_);
 	        Cache_.remove(Token);
 	    }
 
@@ -2897,6 +2891,7 @@ namespace OpenWifi {
 
 	    inline bool RetrieveTokenInformation(const std::string & SessionToken,
 											 SecurityObjects::UserInfoAndPolicy & UInfo,
+											 std::uint64_t TID,
 											 bool & Expired, bool & Contacted, bool Sub=false) {
 	        try {
 	            Types::StringPairVec QueryData;
@@ -2922,7 +2917,6 @@ namespace OpenWifi {
 	                        return false;
 	                    }
 	                    Expired = false;
-                        std::lock_guard	G(Mutex_);
 	                    Cache_.update(SessionToken, UInfo);
 	                    return true;
 	                } else {
@@ -2930,14 +2924,15 @@ namespace OpenWifi {
                     }
 	            }
 	        } catch (...) {
+				poco_error(Logger(),fmt::format("Failed to retrieve token={} for TID={}", SessionToken, TID));
 	        }
 	        Expired = false;
 	        return false;
 	    }
 
         inline bool IsAuthorized(const std::string &SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo,
+								 std::uint64_t TID,
 								 bool & Expired, bool & Contacted, bool Sub = false) {
-            std::lock_guard	G(Mutex_);
 	        auto User = Cache_.get(SessionToken);
 	        if(!User.isNull()) {
 	            if(IsTokenExpired(User->webtoken)) {
@@ -2948,7 +2943,7 @@ namespace OpenWifi {
                 UInfo = *User;
                 return true;
 	        }
-	        return RetrieveTokenInformation(SessionToken, UInfo, Expired, Contacted, Sub);
+	        return RetrieveTokenInformation(SessionToken, UInfo, TID, Expired, Contacted, Sub);
 	    }
 
 	private:
@@ -3080,7 +3075,7 @@ namespace OpenWifi {
 
 	private:
 	    std::vector<std::unique_ptr<Poco::Net::HTTPServer>>   RESTServers_;
-	    Poco::ThreadPool	    Pool_{"x-rest",4,128};
+	    Poco::ThreadPool	    Pool_{"x-rest",8,128};
 	    RESTAPI_GenericServer   Server_;
 
         RESTAPI_ExtServer() noexcept:
@@ -3097,15 +3092,16 @@ namespace OpenWifi {
 	    inline Poco::Net::HTTPRequestHandler *createRequestHandler(const Poco::Net::HTTPServerRequest &Request) override {
 			try {
 				Poco::URI uri(Request.getURI());
-				Utils::SetThreadName(fmt::format("x-rest:{}",TransactionId_).c_str());
-				return RESTAPI_ExtServer()->CallServer(uri.getPath(), TransactionId_++);
+				auto TID = NextTransactionId_++;
+				Utils::SetThreadName(fmt::format("x-rest:{}",TID).c_str());
+				return RESTAPI_ExtServer()->CallServer(uri.getPath(), TID);
 			} catch (...) {
 
 			}
 			return nullptr;
 	    }
 	private:
-        static inline std::atomic_uint64_t  TransactionId_ = 1;
+        static inline std::atomic_uint64_t  NextTransactionId_ = 1;
 	};
 
 	class LogMuxer : public Poco::Channel {
@@ -3213,7 +3209,7 @@ namespace OpenWifi {
         const Poco::ThreadPool & Pool() { return Pool_; }
 	private:
 	    std::vector<std::unique_ptr<Poco::Net::HTTPServer>>   RESTServers_;
-	    Poco::ThreadPool	    Pool_{"i-rest",4,96};
+	    Poco::ThreadPool	    Pool_{"i-rest",4,64};
 	    RESTAPI_GenericServer   Server_;
 
         RESTAPI_IntServer() noexcept:
@@ -3228,12 +3224,13 @@ namespace OpenWifi {
 	public:
         inline IntRequestHandlerFactory() = default;
 	    inline Poco::Net::HTTPRequestHandler *createRequestHandler(const Poco::Net::HTTPServerRequest &Request) override {
-			Utils::SetThreadName(fmt::format("i-rest:{}",TransactionId_).c_str());
+			auto TID=NextTransactionId_++;
+			Utils::SetThreadName(fmt::format("i-rest:{}",TID).c_str());
 	        Poco::URI uri(Request.getURI());
-	        return RESTAPI_IntServer()->CallServer(uri.getPath(), TransactionId_);
+	        return RESTAPI_IntServer()->CallServer(uri.getPath(), TID);
 	    }
 	private:
-        static inline std::atomic_uint64_t  TransactionId_ = 1;
+        static inline std::atomic_uint64_t  NextTransactionId_ = 1;
 	};
 
 	struct MicroServiceMeta {
@@ -3409,7 +3406,7 @@ namespace OpenWifi {
         bool                        NoBuiltInCrypto_=false;
         Poco::JWT::Signer	        Signer_;
 		Poco::Logger				&Logger_;
-		Poco::ThreadPool				TimerPool_{"timer:pool",2,16};
+		Poco::ThreadPool				TimerPool_{"timer:pool",2,32};
 		std::unique_ptr<BusEventManager>	BusEventManager_;
     };
 
@@ -3574,7 +3571,7 @@ namespace OpenWifi {
 
             auto LoggingDestination = MicroService::instance().ConfigGetString("logging.type", "file");
             auto LoggingFormat = MicroService::instance().ConfigGetString("logging.format",
-                                                                          "%Y-%m-%d %H:%M:%S %s: [%p] %t");
+                                                                          "%Y-%m-%d %H:%M:%S.%i %s: [%p][thr:%I] %t");
             if (LoggingDestination == "console") {
                 Poco::AutoPtr<Poco::ConsoleChannel> Console(new Poco::ConsoleChannel);
                 Poco::AutoPtr<Poco::AsyncChannel> Async(new Poco::AsyncChannel(Console));
@@ -3605,14 +3602,14 @@ namespace OpenWifi {
                 FileChannel->setProperty("archive", "timestamp");
                 FileChannel->setProperty("path", LoggingLocation);
                 Poco::AutoPtr<Poco::AsyncChannel> Async_File(new Poco::AsyncChannel(FileChannel));
-				Poco::AutoPtr<Poco::AsyncChannel> Async_Muxer(new Poco::AsyncChannel(LogMuxer()));
-                Poco::AutoPtr<Poco::SplitterChannel> Splitter(new Poco::SplitterChannel);
-				Splitter->addChannel(Async_File);
-				Splitter->addChannel(Async_Muxer);
+				// Poco::AutoPtr<Poco::AsyncChannel> Async_Muxer(new Poco::AsyncChannel(LogMuxer()));
+                // Poco::AutoPtr<Poco::SplitterChannel> Splitter(new Poco::SplitterChannel);
+				// Splitter->addChannel(Async_File);
+				// Splitter->addChannel(Async_Muxer);
 				Poco::AutoPtr<Poco::PatternFormatter> Formatter(new Poco::PatternFormatter);
                 Formatter->setProperty("pattern", LoggingFormat);
                 Poco::AutoPtr<Poco::FormattingChannel> FormattingChannel(
-                        new Poco::FormattingChannel(Formatter, Splitter));
+                        new Poco::FormattingChannel(Formatter, Async_File));
                 Poco::Logger::root().setChannel(FormattingChannel);
             }
             auto Level = Poco::Logger::parseLevel(MicroService::instance().ConfigGetString("logging.level", "debug"));
@@ -3631,7 +3628,9 @@ namespace OpenWifi {
 	    SubSystems_.push_back(ALBHealthCheckServer());
 	    SubSystems_.push_back(RESTAPI_ExtServer());
 	    SubSystems_.push_back(RESTAPI_IntServer());
-
+#ifndef TIP_SECURITY_SERVICE
+		SubSystems_.push_back(AuthClient());
+#endif
 	    Poco::Net::initializeSSL();
 	    Poco::Net::HTTPStreamFactory::registerFactory();
 	    Poco::Net::HTTPSStreamFactory::registerFactory();
@@ -3959,8 +3958,6 @@ namespace OpenWifi {
             }
 
             Poco::Net::HTTPServerParams::Ptr Params = new Poco::Net::HTTPServerParams;
-            Params->setMaxThreads(50);
-            Params->setMaxQueued(200);
             Params->setKeepAlive(true);
 			Params->setName("ws:xrest");
 
@@ -3995,8 +3992,6 @@ namespace OpenWifi {
             }
 
             auto Params = new Poco::Net::HTTPServerParams;
-            Params->setMaxThreads(50);
-            Params->setMaxQueued(200);
             Params->setKeepAlive(true);
 			Params->setName("ws:irest");
 
@@ -4016,7 +4011,7 @@ namespace OpenWifi {
     }
 
     inline int MicroService::main([[maybe_unused]] const ArgVec &args) {
-	    MyErrorHandler	ErrorHandler(*this);
+	    MicroServiceErrorHandler	ErrorHandler(*this);
 	    Poco::ErrorHandler::set(&ErrorHandler);
 
 	    if (!HelpRequested_) {
@@ -4776,7 +4771,7 @@ namespace OpenWifi {
     }
 
 #ifdef    TIP_SECURITY_SERVICE
-    [[nodiscard]] bool AuthServiceIsAuthorized(Poco::Net::HTTPServerRequest & Request,std::string &SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo, bool & Expired , bool Sub );
+    [[nodiscard]] bool AuthServiceIsAuthorized(Poco::Net::HTTPServerRequest & Request,std::string &SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo, std::uint64_t TID, bool & Expired , bool Sub );
 #endif
     inline bool RESTAPIHandler::IsAuthorized( bool & Expired , [[maybe_unused]] bool & Contacted , bool Sub ) {
         if(Internal_ && Request->has("X-INTERNAL-NAME")) {
@@ -4784,17 +4779,20 @@ namespace OpenWifi {
 			Contacted = true;
             if(!Allowed) {
                 if(Server_.LogBadTokens(false)) {
-                    poco_debug(Logger_,fmt::format("I-REQ-DENIED({}): Method={} Path={}",
-                                               Utils::FormatIPv6(Request->clientAddress().toString()),
-                                               Request->getMethod(), Request->getURI()));
+                    poco_debug(Logger_,fmt::format("I-REQ-DENIED({}): TID={} Method={} Path={}",
+						Utils::FormatIPv6(Request->clientAddress().toString()),
+						TransactionId_,
+						Request->getMethod(), Request->getURI()));
                 }
             } else {
                 auto Id = Request->get("X-INTERNAL-NAME", "unknown");
 				REST_Requester_ = Id;
                 if(Server_.LogIt(Request->getMethod(),true)) {
-					poco_debug(Logger_,fmt::format("I-REQ-ALLOWED({}): User='{}' Method={} Path={}",
-                                               Utils::FormatIPv6(Request->clientAddress().toString()), Id,
-                                               Request->getMethod(), Request->getURI()));
+					poco_debug(Logger_,fmt::format("I-REQ-ALLOWED({}): TID={} User='{}' Method={} Path={}",
+						Utils::FormatIPv6(Request->clientAddress().toString()),
+						TransactionId_,
+						Id,
+						Request->getMethod(), Request->getURI()));
                 }
             }
             return Allowed;
@@ -4810,25 +4808,28 @@ namespace OpenWifi {
                 }
             }
 #ifdef    TIP_SECURITY_SERVICE
-            if (AuthServiceIsAuthorized(*Request, SessionToken_, UserInfo_, Expired, Sub)) {
+            if (AuthServiceIsAuthorized(*Request, SessionToken_, UserInfo_, TransactionId_, Expired, Sub)) {
 #else
-            if (AuthClient()->IsAuthorized( SessionToken_, UserInfo_, Expired, Contacted, Sub)) {
+            if (AuthClient()->IsAuthorized( SessionToken_, UserInfo_, TransactionId_, Expired, Contacted, Sub)) {
 #endif
 				REST_Requester_ = UserInfo_.userinfo.email;
                 if(Server_.LogIt(Request->getMethod(),true)) {
-					poco_debug(Logger_,fmt::format("X-REQ-ALLOWED({}): User='{}@{}' Method={} Path={}",
-                                               UserInfo_.userinfo.email,
-                                               Utils::FormatIPv6(Request->clientAddress().toString()),
-                                               Request->clientAddress().toString(),
-                                               Request->getMethod(),
-                                               Request->getURI()));
+					poco_debug(Logger_,fmt::format("X-REQ-ALLOWED({}): TID={} User='{}@{}' Method={} Path={}",
+						UserInfo_.userinfo.email,
+						TransactionId_,
+						Utils::FormatIPv6(Request->clientAddress().toString()),
+						Request->clientAddress().toString(),
+						Request->getMethod(),
+						Request->getURI()));
                 }
                 return true;
             } else {
                 if(Server_.LogBadTokens(true)) {
-					poco_debug(Logger_,fmt::format("X-REQ-DENIED({}): Method={} Path={}",
-                                               Utils::FormatIPv6(Request->clientAddress().toString()),
-                                               Request->getMethod(), Request->getURI()));
+					poco_debug(Logger_,fmt::format("X-REQ-DENIED({}): TID={} Method={} Path={}",
+						Utils::FormatIPv6(Request->clientAddress().toString()),
+						TransactionId_,
+						Request->getMethod(),
+						Request->getURI()));
                 }
             }
             return false;
@@ -5090,7 +5091,7 @@ namespace OpenWifi {
 			auto Op = flags & Poco::Net::WebSocket::FRAME_OP_BITMASK;
 
 			if (n == 0) {
-				poco_warning(Logger(),Poco::format("CLOSE(%s): %s UI Client is closing WS connection.", Id_, UserName_));
+				poco_debug(Logger(),fmt::format("CLOSE({}): {} UI Client is closing WS connection.", Id_, UserName_));
 				return delete this;
 			}
 
@@ -5103,7 +5104,7 @@ namespace OpenWifi {
 			case Poco::Net::WebSocket::FRAME_OP_PONG: {
 			} break;
 			case Poco::Net::WebSocket::FRAME_OP_CLOSE: {
-				poco_warning(Logger(),Poco::format("CLOSE(%s): %s UI Client is closing WS connection.", Id_, UserName_));
+				poco_debug(Logger(),fmt::format("CLOSE({}): {} UI Client is closing WS connection.", Id_, UserName_));
 				Done = true;
 			} break;
 			case Poco::Net::WebSocket::FRAME_OP_TEXT: {
@@ -5113,10 +5114,10 @@ namespace OpenWifi {
 					auto Tokens = Utils::Split(Frame, ':');
 					bool Expired = false, Contacted = false;
 					if (Tokens.size() == 2 &&
-						AuthClient()->IsAuthorized(Tokens[1], UserInfo_, Expired, Contacted)) {
+						AuthClient()->IsAuthorized(Tokens[1], UserInfo_, 0, Expired, Contacted)) {
 						Authenticated_ = true;
 						UserName_ = UserInfo_.userinfo.email;
-						poco_warning(Logger(),Poco::format("START(%s): %s UI Client is starting WS connection.", Id_, UserName_));
+						poco_debug(Logger(),fmt::format("START({}): {} UI Client is starting WS connection.", Id_, UserName_));
 						std::string S{"Welcome! Bienvenue! Bienvenidos!"};
 						WS_->sendFrame(S.c_str(), S.size());
 						WebSocketClientServer()->SetUser(Id_, UserInfo_.userinfo.email);
@@ -5202,7 +5203,6 @@ namespace OpenWifi {
                                                 Poco::Net::ErrorNotification>(*this,&WebSocketClient::OnSocketError));
             (*WS_).shutdown();
             (*WS_).close();
-            WebSocketClientServer()->UnRegister(Id_);
         } catch(...) {
 
         }

src/framework/MicroServiceErrorHandler.h

@@ -0,0 +1,169 @@
+//
+// Created by stephane bourque on 2022-09-29.
+//
+
+#pragma once
+
+#include "fmt/format.h"
+#include "Poco/Util/Application.h"
+#include "Poco/ErrorHandler.h"
+#include "Poco/Net/NetException.h"
+#include "Poco/Net/SSLException.h"
+#include "Poco/JSON/Template.h"
+#include "Poco/Thread.h"
+
+namespace OpenWifi {
+
+	class MicroServiceErrorHandler : public Poco::ErrorHandler {
+	  public:
+		explicit MicroServiceErrorHandler(Poco::Util::Application &App) : App_(App) {
+		}
+
+		inline void exception(const Poco::Exception & Base) override {
+			try {
+				if(Poco::Thread::current()!= nullptr) {
+					t_name = Poco::Thread::current()->getName();
+					t_id = Poco::Thread::current()->id();
+				} else {
+					t_name = "startup_code";
+					t_id = 0;
+				}
+
+				App_.logger().log(Base);
+				Base.rethrow();
+
+			} catch (const Poco::Net::InvalidCertificateException &E) {
+				poco_error(App_.logger(), fmt::format("Poco::Net::InvalidCertificateException thr_name={} thr_id={} code={} text={} msg={} what={}",
+													  t_name, t_id, E.code(),
+													  E.displayText(),
+													  E.message(),
+													  E.what()));
+			} catch (const Poco::Net::InvalidSocketException &E) {
+				poco_error(App_.logger(), fmt::format("Poco::Net::InvalidSocketException thr_name={} thr_id={} code={} text={} msg={} what={}",
+													  t_name, t_id, E.code(),
+													  E.displayText(),
+													  E.message(),
+													  E.what()));
+			} catch (const Poco::Net::WebSocketException &E) {
+				poco_error(App_.logger(), fmt::format("Poco::Net::WebSocketException thr_name={} thr_id={} code={} text={} msg={} what={}",
+													  t_name, t_id, E.code(),
+													  E.displayText(),
+													  E.message(),
+													  E.what()));
+			} catch (const Poco::Net::ConnectionResetException &E) {
+				poco_error(App_.logger(), fmt::format("Poco::Net::ConnectionResetException thr_name={} thr_id={} code={} text={} msg={} what={}",
+													  t_name, t_id, E.code(),
+													  E.displayText(),
+													  E.message(),
+													  E.what()));
+			} catch (const Poco::Net::CertificateValidationException &E) {
+				poco_error(App_.logger(), fmt::format("Poco::Net::CertificateValidationException thr_name={} thr_id={} code={} text={} msg={} what={}",
+													  t_name, t_id, E.code(),
+													  E.displayText(),
+													  E.message(),
+													  E.what()));
+			} catch (const Poco::Net::SSLConnectionUnexpectedlyClosedException &E) {
+				poco_error(App_.logger(), fmt::format("Poco::Net::SSLConnectionUnexpectedlyClosedException thr_name={} thr_id={} code={} text={} msg={} what={}",
+													  t_name, t_id, E.code(),
+													  E.displayText(),
+													  E.message(),
+													  E.what()));
+			} catch (const Poco::Net::SSLContextException &E) {
+				poco_error(App_.logger(), fmt::format("Poco::Net::SSLContextException thr_name={} thr_id={} code={} text={} msg={} what={}",
+													  t_name, t_id, E.code(),
+													  E.displayText(),
+													  E.message(),
+													  E.what()));
+			} catch (const Poco::Net::SSLException &E) {
+				poco_error(App_.logger(), fmt::format("Poco::Net::SSLException thr_name={} thr_id={} code={} text={} msg={} what={}",
+													  t_name, t_id, E.code(),
+													  E.displayText(),
+													  E.message(),
+													  E.what()));
+
+			} catch (const Poco::Net::InvalidAddressException &E) {
+				poco_error(App_.logger(), fmt::format("Poco::Net::InvalidAddressException thr_name={} thr_id={} code={} text={} msg={} what={}",
+													  t_name, t_id, E.code(),
+													  E.displayText(),
+													  E.message(),
+													  E.what()));
+
+			} catch (const Poco::Net::NetException &E) {
+				poco_error(App_.logger(), fmt::format("Poco::Net::NetException thr_name={} thr_id={} code={} text={} msg={} what={}",
+													  t_name, t_id, E.code(),
+													  E.displayText(),
+													  E.message(),
+													  E.what()));
+
+			} catch (const Poco::IOException &E) {
+				poco_error(App_.logger(), fmt::format("Poco::IOException thr_name={} thr_id={} code={} text={} msg={} what={}",
+													  t_name, t_id, E.code(),
+													  E.displayText(),
+													  E.message(),
+													  E.what()));
+			} catch (const Poco::RuntimeException &E) {
+				poco_error(App_.logger(), fmt::format("Poco::RuntimeException thr_name={} thr_id={} code={} text={} msg={} what={}",
+													  t_name, t_id, E.code(),
+													  E.displayText(),
+													  E.message(),
+													  E.what()));
+			} catch (const Poco::JSON::JSONTemplateException &E) {
+				poco_error(App_.logger(), fmt::format("Poco::JSON::JSONTemplateException thr_name={} thr_id={} code={} text={} msg={} what={}",
+													  t_name, t_id, E.code(),
+													  E.displayText(),
+													  E.message(),
+													  E.what()));
+			} catch (const Poco::JSON::JSONException &E) {
+				poco_error(App_.logger(), fmt::format("Poco::JSON::JSONException thr_name={} thr_id={} code={} text={} msg={} what={}",
+													  t_name, t_id, E.code(),
+													  E.displayText(),
+													  E.message(),
+													  E.what()));
+			} catch (const Poco::ApplicationException &E) {
+				poco_error(App_.logger(), fmt::format("Poco::ApplicationException thr_name={} thr_id={} code={} text={} msg={} what={}",
+													  t_name, t_id, E.code(),
+													  E.displayText(),
+													  E.message(),
+													  E.what()));
+			} catch (const Poco::Exception &E) {
+				poco_error(App_.logger(), fmt::format("Poco::Exception thr_name={} thr_id={} code={} text={} msg={} what={}",
+													  t_name, t_id, E.code(),
+													  E.displayText(),
+													  E.message(),
+													  E.what()));
+			} catch (...) {
+				poco_error(App_.logger(), fmt::format("Poco:Generic thr_name={}",t_name, t_id));
+			}
+		}
+
+		inline void exception(const std::exception & E) override {
+			if(Poco::Thread::current()!= nullptr) {
+				t_name = Poco::Thread::current()->getName();
+				t_id = Poco::Thread::current()->id();
+			} else {
+				t_name = "startup_code";
+				t_id = 0;
+			}
+			poco_warning(App_.logger(), fmt::format("std::exception in {}: {} thr_id={}",
+													t_name,E.what(),
+													t_id));
+		}
+
+		inline void exception() override {
+			if(Poco::Thread::current()!= nullptr) {
+				t_name = Poco::Thread::current()->getName();
+				t_id = Poco::Thread::current()->id();
+			} else {
+				t_name = "startup_code";
+				t_id = 0;
+			}
+			poco_warning(App_.logger(), fmt::format("generic exception in {} thr_id={}",
+													t_name, t_id));
+		}
+	  private:
+		Poco::Util::Application	&App_;
+		std::string		t_name;
+		int 			t_id=0;
+	};
+
+}

wait-for-postgres.sh

@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 # wait-for-postgres.sh
 
 set -e
@@ -20,7 +20,7 @@ if [ "$1" = '/openwifi/owfms' -a "$(id -u)" = '0' ]; then
     if [ "$RUN_CHOWN" = 'true' ]; then
       chown -R "$OWFMS_USER": "$OWFMS_ROOT" "$OWFMS_CONFIG"
     fi
-    exec su-exec "$OWFMS_USER" "$@"
+    exec gosu "$OWFMS_USER" "$@"
 fi
 
 exec "$@"