Chg: update image tag in helm values to v2.4.0

* Add wait-for-postgres.sh wrapper script

Signed-off-by: Johann Hoffmann <johann.hoffmann@mailbox.org>

* Copy wait-for-postgres.sh into Docker image

Signed-off-by: Johann Hoffmann <johann.hoffmann@mailbox.org>

CMakeLists.txt

@@ -29,7 +29,20 @@ else()
     set(BUILD_NUM 1)
     file(WRITE build ${BUILD_NUM})
 endif()
-add_definitions(-DAPP_VERSION="${CMAKE_PROJECT_VERSION}" -DBUILD_NUMBER="${BUILD_NUM}")
+
+find_package(Git QUIET)
+if(GIT_FOUND AND EXISTS "${PROJECT_SOURCE_DIR}/.git")
+    execute_process(COMMAND ${GIT_EXECUTABLE} describe --always --tags
+            WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
+            RESULT_VARIABLE GIT_RESULT
+            OUTPUT_VARIABLE GIT_HASH)
+    if(NOT GIT_RESULT EQUAL "0")
+        message(FATAL_ERROR "git describe --always --tags failed with ${GIT_RESULT}")
+    endif()
+    string(REGEX REPLACE "\n$" "" GIT_HASH "${GIT_HASH}")
+endif()
+add_definitions(-DAWS_CUSTOM_MEMORY_MANAGEMENT)
+
 add_definitions(-DTIP_GATEWAY_SERVICE="1")
 
 set(Boost_USE_STATIC_LIBS OFF)
@@ -52,8 +65,11 @@ endif()
 
 include_directories(/usr/local/include  /usr/local/opt/openssl/include src include/kafka /usr/local/opt/mysql-client/include)
 
+configure_file(src/ow_version.h.in ${PROJECT_SOURCE_DIR}/src/ow_version.h @ONLY)
+
 add_executable( owgw
         build
+        src/ow_version.h.in
         src/framework/CountryCodes.h
         src/framework/KafkaTopics.h
         src/framework/MicroService.h

Dockerfile

@@ -38,6 +38,7 @@ RUN make install
 ADD CMakeLists.txt build /owgw/
 ADD cmake /owgw/cmake
 ADD src /owgw/src
+ADD .git /owgw/.git
 
 WORKDIR /owgw
 RUN mkdir cmake-build
@@ -57,7 +58,7 @@ RUN addgroup -S "$OWGW_USER" && \
 RUN mkdir /openwifi
 RUN mkdir -p "$OWGW_ROOT" "$OWGW_CONFIG" && \
     chown "$OWGW_USER": "$OWGW_ROOT" "$OWGW_CONFIG"
-RUN apk add --update --no-cache librdkafka mariadb-connector-c libpq unixodbc su-exec gettext ca-certificates bash jq curl
+RUN apk add --update --no-cache librdkafka mariadb-connector-c libpq unixodbc su-exec gettext ca-certificates bash jq curl postgresql-client
 
 COPY --from=builder /owgw/cmake-build/owgw /openwifi/owgw
 COPY --from=builder /cppkafka/cmake-build/src/lib/* /lib/
@@ -65,6 +66,7 @@ COPY --from=builder /poco/cmake-build/lib/* /lib/
 
 COPY owgw.properties.tmpl /
 COPY docker-entrypoint.sh /
+COPY wait-for-postgres.sh /
 RUN wget https://raw.githubusercontent.com/Telecominfraproject/wlan-cloud-ucentral-deploy/main/docker-compose/certs/restapi-ca.pem \
     -O /usr/local/share/ca-certificates/restapi-ca-selfsigned.pem
 

build

@@ -1 +1 @@
-33
+44

docker-entrypoint.sh

@@ -38,6 +38,7 @@ if [[ "$TEMPLATE_CONFIG" = 'true' && ! -f "$OWGW_CONFIG"/owgw.properties ]]; the
   SYSTEM_URI_PRIVATE=${SYSTEM_URI_PRIVATE:-"https://localhost:17002"} \
   SYSTEM_URI_PUBLIC=${SYSTEM_URI_PUBLIC:-"https://localhost:16002"} \
   SYSTEM_URI_UI=${SYSTEM_URI_UI:-"http://localhost"} \
+  SIMULATORID=${SIMULATORID:-""} \
   RTTY_ENABLED=${RTTY_ENABLED:-"false"} \
   RTTY_SERVER=${RTTY_SERVER:-"localhost"} \
   RTTY_PORT=${RTTY_PORT:-"5912"} \

helm/templates/deployment.yaml

@@ -24,6 +24,9 @@ spec:
     metadata:
       annotations:
         checksum/config: {{ include "owgw.config" . | sha256sum }}
+        {{- if .Values.podSecurityPolicy.enabled }}
+        kubernetes.io/psp: {{ include "owgw.fullname" . }}-{{ .Release.Namespace }}-owgw-unsafe-sysctl
+        {{- end }}
         {{- with .Values.podAnnotations }}
         {{- toYaml . | nindent 8 }}
         {{- end }}

helm/templates/psp.yaml

@@ -0,0 +1,28 @@
+{{- if .Values.podSecurityPolicy.enabled }}
+---
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ include "owgw.fullname" . }}-{{ .Release.Namespace }}-owgw-unsafe-sysctl
+  labels:
+    app.kubernetes.io/name: {{ include "owgw.name" . }}
+    helm.sh/chart: {{ include "owgw.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+spec:
+  allowedUnsafeSysctls:
+  {{- range $unsafeSysctl := .Values.securityContext.sysctls }}
+  - {{ $unsafeSysctl.name }}
+  {{- end }}
+  privileged: false
+  seLinux:
+    rule: RunAsAny
+  supplementalGroups:
+    rule: RunAsAny
+  runAsUser:
+    rule: RunAsAny
+  fsGroup:
+    rule: RunAsAny
+  volumes:
+  - '*'
+{{- end }}

helm/templates/role.yaml

@@ -0,0 +1,16 @@
+{{- if .Values.podSecurityPolicy.enabled }}
+---
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: {{ include "owgw.fullname" . }}-owgw-use-unsafe-sysctl
+rules:
+- apiGroups:
+  - policy
+  resources:
+  - podsecuritypolicies
+  verbs:
+  - use
+  resourceNames:
+  - {{ include "owgw.fullname" . }}-{{ .Release.Namespace }}-owgw-unsafe-sysctl
+{{- end }}

helm/templates/rolebinding.yaml

@@ -0,0 +1,15 @@
+{{- if .Values.podSecurityPolicy.enabled }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ include "owgw.fullname" . }}-owgw-use-unsafe-sysctl-to-default
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: {{ include "owgw.fullname" . }}-owgw-use-unsafe-sysctl
+subjects:
+- kind: ServiceAccount
+  name: default
+  namespace: {{ .Release.Namespace }}
+{{- end }}

helm/values.yaml

@@ -8,7 +8,7 @@ fullnameOverride: ""
 images:
   owgw:
     repository: tip-tip-wlan-cloud-ucentral.jfrog.io/owgw
-    tag: master
+    tag: v2.4.0
     pullPolicy: Always
 #    regcred:
 #      registry: tip-tip-wlan-cloud-ucentral.jfrog.io
@@ -112,6 +112,17 @@ resources: {}
 
 securityContext:
   fsGroup: 101
+  # Usage of unsafe sysctls requires multiple things:
+  # - allow these unsafe sysctls on kubelet level (by adding --allowed-unsafe-sysctls flag)
+  # - enabling addition of PodSecurityContext setting podSecurityPolicy.enabled to "true" below
+  # - uncommenting parameters below
+  #sysctls:
+  #- name: net.ipv4.tcp_keepalive_intvl
+  #  value: "5"
+  #- name: net.ipv4.tcp_keepalive_probes
+  #  value: "2"
+  #- name: net.ipv4.tcp_keepalive_time
+  #  value: "45"
 
 nodeSelector: {}
 
@@ -121,6 +132,9 @@ affinity: {}
 
 podAnnotations: {}
 
+podSecurityPolicy:
+  enabled: false
+
 persistence:
   enabled: true
   # storageClassName: "-"

owgw.properties.tmpl

@@ -76,6 +76,7 @@ openwifi.devicetypes.1 = SWITCH:edgecore_ecs4100-12ph
 openwifi.devicetypes.2 = IOT:esp32
 oui.download.uri = https://linuxnet.ca/ieee/oui.txt
 firmware.autoupdate.policy.default = auto
+simulatorid = ${SIMULATORID}
 
 #
 # rtty

src/DeviceRegistry.cpp

@@ -11,7 +11,6 @@
 
 #include "DeviceRegistry.h"
 #include "WebSocketServer.h"
-#include "framework/MicroService.h"
 #include "OUIServer.h"
 
 namespace OpenWifi {
@@ -42,7 +41,6 @@ namespace OpenWifi {
 		std::lock_guard		Guard(Mutex_);
 
         auto Device = Devices_.find(SerialNumber);
-
         if(Device != Devices_.end())
         {
 			Device->second->Conn_.LastContact = time(nullptr);
@@ -85,58 +83,47 @@ namespace OpenWifi {
 		std::lock_guard		Guard(Mutex_);
 
 		auto Device = Devices_.find(SerialNumber);
-
 		if(Device != Devices_.end())
 		{
 			Device->second->LastHealthcheck = CheckData;
 		}
 	}
 
-	std::shared_ptr<DeviceRegistry::ConnectionEntry> DeviceRegistry::Register(const std::string & SerialNumber, WSConnection *Ptr)
+	std::shared_ptr<DeviceRegistry::ConnectionEntry> DeviceRegistry::Register(const std::string & SerialNumber, WSConnection *Ptr, uint64_t & ConnectionId )
     {
 		std::lock_guard		Guard(Mutex_);
 
-        auto Device = Devices_.find(SerialNumber);
+		const auto & E = Devices_[SerialNumber] = std::make_shared<ConnectionEntry>();
-        if( Device == Devices_.end()) {
+		E->WSConn_ = Ptr;
-        	auto E = Devices_[SerialNumber] = std::make_shared<ConnectionEntry>();
+		E->Conn_.SerialNumber = SerialNumber;
-
+		E->Conn_.LastContact = std::time(nullptr);
-            E->WSConn_ = Ptr;
+		E->Conn_.Connected = true ;
-            E->Conn_.SerialNumber = SerialNumber;
+		E->Conn_.UUID = 0 ;
-            E->Conn_.LastContact = std::time(nullptr);
+		E->Conn_.MessageCount = 0 ;
-            E->Conn_.Connected = true ;
+		E->Conn_.Address = "";
-            E->Conn_.UUID = 0 ;
+		E->Conn_.TX = 0 ;
-            E->Conn_.MessageCount = 0 ;
+		E->Conn_.RX = 0;
-            E->Conn_.Address = "";
+		E->Conn_.VerifiedCertificate = GWObjects::CertificateValidation::NO_CERTIFICATE;
-            E->Conn_.TX = 0 ;
+		ConnectionId = E->ConnectionId = ++Id_;
-            E->Conn_.RX = 0;
+		return E;
-			E->Conn_.VerifiedCertificate = GWObjects::CertificateValidation::NO_CERTIFICATE;
-            return E;
-        }
-        else
-        {
-            Device->second->WSConn_ = Ptr;
-            Device->second->Conn_.Connected = true;
-            Device->second->Conn_.LastContact = std::time(nullptr);
-			Device->second->Conn_.VerifiedCertificate = GWObjects::CertificateValidation::NO_CERTIFICATE;
-            return Device->second;
-        }
     }
 
     bool DeviceRegistry::Connected(const std::string & SerialNumber) {
 		std::lock_guard		Guard(Mutex_);
-
         auto Device = Devices_.find(SerialNumber);
-
         if(Device == Devices_.end())
             return false;
-
         return Device->second->Conn_.Connected;
     }
 
-    void DeviceRegistry::UnRegister(const std::string & SerialNumber, WSConnection *Ptr) {
+    void DeviceRegistry::UnRegister(const std::string & SerialNumber, uint64_t ConnectionId) {
 		std::lock_guard		Guard(Mutex_);
-		Devices_.erase(SerialNumber);
+		auto It = Devices_.find(SerialNumber);
-    }
+		if(It!=Devices_.end()) {
+			if(It->second->ConnectionId == ConnectionId)
+				Devices_.erase(SerialNumber);
+		}
+	}
 
 	bool DeviceRegistry::SendFrame(const std::string & SerialNumber, const std::string & Payload) {
 		std::lock_guard		Guard(Mutex_);

src/DeviceRegistry.h

@@ -6,8 +6,7 @@
 //	Arilia Wireless Inc.
 //
 
-#ifndef UCENTRAL_UDEVICEREGISTRY_H
+#pragma once
-#define UCENTRAL_UDEVICEREGISTRY_H
 
 #include "Poco/JSON/Object.h"
 
@@ -26,6 +25,7 @@ namespace OpenWifi {
 			GWObjects::ConnectionState 	Conn_;
 			std::string        			LastStats;
 			GWObjects::HealthCheck		LastHealthcheck;
+			uint64_t 					ConnectionId=0;
 		};
 
         static DeviceRegistry *instance() {
@@ -41,17 +41,17 @@ namespace OpenWifi {
 		void SetState(const std::string & SerialNumber, GWObjects::ConnectionState & State);
 		bool GetHealthcheck(const std::string &SerialNumber, GWObjects::HealthCheck & CheckData);
 		void SetHealthcheck(const std::string &SerialNumber, const GWObjects::HealthCheck &H);
-		std::shared_ptr<ConnectionEntry> Register(const std::string & SerialNumber, WSConnection *);
+		std::shared_ptr<ConnectionEntry> Register(const std::string & SerialNumber, WSConnection *, uint64_t & ConnectionId);
-		void UnRegister(const std::string & SerialNumber, WSConnection *);
+		void UnRegister(const std::string & SerialNumber, uint64_t ConnectionId);
 		bool SendCommand(GWObjects::CommandDetails & Command);
 		bool Connected(const std::string & SerialNumber);
 		bool SendFrame(const std::string & SerialNumber, const std::string & Payload);
 		void SetPendingUUID(const std::string & SerialNumber, uint64_t PendingUUID);
-
 		bool AnalyzeRegistry(GWObjects::Dashboard &D);
 
 	  private:
-		std::map<std::string,std::shared_ptr<ConnectionEntry>>   Devices_;
+		inline static std::atomic_uint64_t 						Id_=1;
+		std::map<std::string,std::shared_ptr<ConnectionEntry>>  Devices_;
 
 		DeviceRegistry() noexcept:
     		SubSystemServer("DeviceRegistry", "DevStatus", "devicestatus") {
@@ -62,4 +62,3 @@ namespace OpenWifi {
 
 }  // namespace
 
-#endif //UCENTRAL_UDEVICEREGISTRY_H

src/RESTAPI/RESTAPI_device_commandHandler.cpp

@@ -33,6 +33,11 @@ namespace OpenWifi {
 			return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
 		}
 
+		GWObjects::Device	TheDevice;
+		if(!StorageService()->GetDevice(SerialNumber_,TheDevice)) {
+			return NotFound();
+		}
+
 		if (Command_ == RESTAPI::Protocol::CAPABILITIES){
 			return GetCapabilities();
 		} else if (Command_ == RESTAPI::Protocol::LOGS) {
@@ -55,6 +60,12 @@ namespace OpenWifi {
 		if(!ValidateParameters()) {
 			return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
 		}
+
+		GWObjects::Device	TheDevice;
+		if(!StorageService()->GetDevice(SerialNumber_,TheDevice)) {
+			return NotFound();
+		}
+
 		if (Command_ == RESTAPI::Protocol::CAPABILITIES) {
 			return DeleteCapabilities();
 		} else if (Command_ == RESTAPI::Protocol::LOGS){
@@ -72,6 +83,12 @@ namespace OpenWifi {
 		if(!ValidateParameters()) {
 			return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
 		}
+
+		GWObjects::Device	TheDevice;
+		if(!StorageService()->GetDevice(SerialNumber_,TheDevice)) {
+			return NotFound();
+		}
+
 		if (Command_ == RESTAPI::Protocol::PERFORM) {
 			return ExecuteCommand();
 		} else if (Command_ == RESTAPI::Protocol::CONFIGURE) {

src/SerialNumberCache.h

@@ -21,6 +21,11 @@ namespace OpenWifi {
 		void AddSerialNumber(const std::string &S);
 		void DeleteSerialNumber(const std::string &S);
 		void FindNumbers(const std::string &S, uint HowMany, std::vector<uint64_t> &A);
+		inline bool NumberExists(const std::string &S) {
+			std::lock_guard		G(M_);
+			uint64_t SN = std::stoull(S,0,16);
+			return std::find(SNs_.begin(),SNs_.end(),SN)!=SNs_.end();
+		}
 
 	  private:
 		uint64_t 					LastUpdate_ = 0 ;

src/StorageArchiver.cpp

@@ -51,7 +51,7 @@ namespace OpenWifi {
 
 	int StorageArchiver::Start() {
 
-		Enabled_ = MicroService::instance().ConfigGetBool("archiver.enabled",false);
+		Enabled_ = MicroService::instance().ConfigGetBool("archiver.enabled",true);
 		if(!Enabled_) {
 			Logger_.information("Archiver is disabled.");
 			return 0;

src/WebSocketServer.cpp

@@ -25,6 +25,7 @@
 #include "framework/uCentral_Protocol.h"
 #include "framework/MicroService.h"
 #include "Daemon.h"
+#include "SerialNumberCache.h"
 
 namespace OpenWifi {
 
@@ -60,6 +61,9 @@ namespace OpenWifi {
             Acceptors_.push_back(std::move(NewSocketAcceptor));
         }
 		ReactorThread_.start(Reactor_);
+
+        SimulatorId_ = MicroService::instance().ConfigGetString("simulatorid","");
+		SimulatorEnabled_ = !SimulatorId_.empty();
         return 0;
     }
 
@@ -110,6 +114,12 @@ namespace OpenWifi {
 				Logger_.error(Poco::format("%s: No certificates available..", CId_));
 			}
 
+			if(WebSocketServer::IsSim(CN_) && !WebSocketServer()->IsSimEnabled()) {
+				Logger_.debug(Poco::format("CONNECTION(%s): Sim Device %s is not allowed. Disconnecting.", CId_, CN_));
+				delete this;
+				return;
+			}
+
 			SerialNumber_ = CN_;
 			if(!CN_.empty() && StorageService()->IsBlackListed(SerialNumber_)) {
 				Logger_.debug(Poco::format("CONNECTION(%s): Device %s is black listed. Disconnecting.", CId_, CN_));
@@ -179,7 +189,8 @@ namespace OpenWifi {
 	}
 
     WSConnection::~WSConnection() {
-        DeviceRegistry()->UnRegister(SerialNumber_,this);
+		if(ConnectionId_)
+			DeviceRegistry()->UnRegister(SerialNumber_, ConnectionId_);
         if(Registered_ && WS_)
         {
         	Reactor_.removeEventHandler(*WS_,
@@ -273,10 +284,6 @@ namespace OpenWifi {
 		CommandManager()->PostCommandResult(SerialNumber_, Doc);
     }
 
-    static bool IsSimSerialNumber(const std::string & SerialNumber) {
-		return SerialNumber.substr(0,6) == "53494d";
-	}
-
     void WSConnection::ProcessJSONRPCEvent(Poco::JSON::Object::Ptr & Doc) {
 
         auto Method = Doc->get(uCentralProtocol::METHOD).toString();
@@ -339,7 +346,7 @@ namespace OpenWifi {
 						auto Firmware = ParamsObj->get(uCentralProtocol::FIRMWARE).toString();
 						auto Capabilities = ParamsObj->get(uCentralProtocol::CAPABILITIES).toString();
 
-						Conn_ = DeviceRegistry()->Register(Serial, this);
+						Conn_ = DeviceRegistry()->Register(Serial, this, ConnectionId_);
 						SerialNumber_ = Serial;
 						Conn_->Conn_.SerialNumber = Serial;
 						Conn_->Conn_.UUID = UUID;
@@ -350,7 +357,7 @@ namespace OpenWifi {
 						CId_ = SerialNumber_ + "@" + CId_ ;
 
 						//	We need to verify the certificate if we have one
-						if(!CN_.empty() && (Utils::SerialNumberMatch(CN_,SerialNumber_) || IsSimSerialNumber(CN_))) {
+						if(!CN_.empty() && (Utils::SerialNumberMatch(CN_,SerialNumber_) || WebSocketServer()->IsSimSerialNumber(CN_))) {
 							CertValidation_ = GWObjects::VERIFIED;
 							Logger_.information(Poco::format("CONNECT(%s): Fully validated and authenticated device..", CId_));
 						} else {
@@ -361,19 +368,21 @@ namespace OpenWifi {
 						}
 						Conn_->Conn_.VerifiedCertificate = CertValidation_;
 
-						if (Daemon()->AutoProvisioning() && !StorageService()->DeviceExists(SerialNumber_)) {
+						auto DeviceExists = SerialNumberCache()->NumberExists(SerialNumber_);
+						if (Daemon()->AutoProvisioning() && !DeviceExists) {
 							StorageService()->CreateDefaultDevice(SerialNumber_, Capabilities, Firmware, Compatible_);
-						} else if (StorageService()->DeviceExists(SerialNumber_)) {
+							Conn_->Conn_.Compatible = Compatible_;
+						} else if (DeviceExists) {
 							StorageService()->UpdateDeviceCapabilities(SerialNumber_, Capabilities, Compatible_);
+							Conn_->Conn_.Compatible = Compatible_;
 							if(!Firmware.empty()) {
 								StorageService()->SetConnectInfo(SerialNumber_, Firmware );
 							}
+							LookForUpgrade(UUID);
 						}
-						Conn_->Conn_.Compatible = Compatible_;
 
 						StatsProcessor_ = std::make_unique<StateProcessor>(Conn_, Logger_);
 						StatsProcessor_->Initialize(Serial);
-						LookForUpgrade(UUID);
 
 						if(KafkaManager()->Enabled()) {
 							Poco::JSON::Stringifier		Stringify;

src/WebSocketServer.h

@@ -110,6 +110,7 @@ namespace OpenWifi {
 		uint64_t 							Errors_=0;
 		std::unique_ptr<StateProcessor>		StatsProcessor_;
 		bool 								Connected_=false;
+		uint64_t 							ConnectionId_=0;
 
 		void CompleteStartup();
 	};
@@ -128,12 +129,26 @@ namespace OpenWifi {
 		bool ValidateCertificate(const std::string & ConnectionId, const Poco::Crypto::X509Certificate & Certificate);
 		Poco::Net::SocketReactor & GetNextReactor() { return ReactorPool_.NextReactor(); }
 
+		inline bool IsSimSerialNumber(const std::string & SerialNumber) const {
+			return IsSim(SerialNumber) && SerialNumber == SimulatorId_;
+		}
+
+		inline static bool IsSim(const std::string & SerialNumber) {
+			return SerialNumber.substr(0,6) == "53494d";
+		}
+
+		inline bool IsSimEnabled() const {
+			return SimulatorEnabled_;
+		}
+
 	  private:
 		std::unique_ptr<Poco::Crypto::X509Certificate>	IssuerCert_;
 		std::vector<std::unique_ptr<Poco::Net::ParallelSocketAcceptor<WSConnection, Poco::Net::SocketReactor>>>	Acceptors_;
 		Poco::Net::SocketReactor		Reactor_;
 		Poco::Thread					ReactorThread_;
 		ReactorPool						ReactorPool_;
+		std::string 					SimulatorId_;
+		bool 							SimulatorEnabled_=false;
 
 		WebSocketServer() noexcept:
 		    SubSystemServer("WebSocketServer", "WS-SVR", "ucentral.websocket") {

src/framework/MicroService.h

@@ -69,6 +69,8 @@ using namespace std::chrono_literals;
 #include "RESTObjects/RESTAPI_SecurityObjects.h"
 #include "nlohmann/json.hpp"
 
+#include "ow_version.h"
+
 namespace OpenWifi {
 
     enum UNAUTHORIZED_REASON {
@@ -1900,7 +1902,7 @@ namespace OpenWifi {
 	            QB_.SerialNumber = GetParameter(RESTAPI::Protocol::SERIALNUMBER, "");
 	            QB_.StartDate = GetParameter(RESTAPI::Protocol::STARTDATE, 0);
 	            QB_.EndDate = GetParameter(RESTAPI::Protocol::ENDDATE, 0);
-	            QB_.Offset = GetParameter(RESTAPI::Protocol::OFFSET, 1);
+	            QB_.Offset = GetParameter(RESTAPI::Protocol::OFFSET, 0);
 	            QB_.Limit = GetParameter(RESTAPI::Protocol::LIMIT, 100);
 	            QB_.Filter = GetParameter(RESTAPI::Protocol::FILTER, "");
 	            QB_.Select = GetParameter(RESTAPI::Protocol::SELECT, "");
@@ -1912,7 +1914,7 @@ namespace OpenWifi {
 	            QB_.AdditionalInfo = GetBoolParameter(RESTAPI::Protocol::WITHEXTENDEDINFO,false);
 
 	            if(QB_.Offset<1)
-	                QB_.Offset=1;
+	                QB_.Offset=0;
 	            return true;
 	        }
 
@@ -2393,10 +2395,10 @@ namespace OpenWifi {
                                                             Poco::Logger & L, RESTAPI_GenericServer & S);
 
 
-	class RESTAPI_server : public SubSystemServer {
+	class RESTAPI_ExtServer : public SubSystemServer {
 	public:
-	    static RESTAPI_server *instance() {
+	    static RESTAPI_ExtServer *instance() {
-	        static RESTAPI_server *instance_ = new RESTAPI_server;
+	        static RESTAPI_ExtServer *instance_ = new RESTAPI_ExtServer;
 	        return instance_;
 	    }
 	    int Start() override;
@@ -2410,7 +2412,7 @@ namespace OpenWifi {
 
 	    inline void reinitialize(Poco::Util::Application &self) override;
 
-	    inline Poco::Net::HTTPRequestHandler *CallServer(const char *Path) {
+	    inline Poco::Net::HTTPRequestHandler *CallServer(const char *Path, uint64_t Id) {
 	        RESTAPIHandler::BindingMap Bindings;
 	        return RESTAPI_external_server(Path, Bindings, Logger_, Server_);
 	    }
@@ -2420,19 +2422,19 @@ namespace OpenWifi {
 	    Poco::ThreadPool	    Pool_;
 	    RESTAPI_GenericServer   Server_;
 
-	    RESTAPI_server() noexcept:
+	    RESTAPI_ExtServer() noexcept:
 	    SubSystemServer("RESTAPIServer", "RESTAPIServer", "openwifi.restapi")
             {
             }
 	};
 
-	inline RESTAPI_server * RESTAPI_server() { return RESTAPI_server::instance(); };
+	inline RESTAPI_ExtServer * RESTAPI_ExtServer() { return RESTAPI_ExtServer::instance(); };
 
-	class RequestHandlerFactory : public Poco::Net::HTTPRequestHandlerFactory {
+	class ExtRequestHandlerFactory : public Poco::Net::HTTPRequestHandlerFactory {
 	public:
-	    RequestHandlerFactory(RESTAPI_GenericServer & Server) :
+	  	explicit ExtRequestHandlerFactory(RESTAPI_GenericServer & Server) :
-	    Logger_(RESTAPI_server::instance()->Logger()),
+			Logger_(RESTAPI_ExtServer::instance()->Logger()),
-	    Server_(Server)
+			Server_(Server)
 	    {
 
 	    }
@@ -2440,15 +2442,16 @@ namespace OpenWifi {
 	    inline Poco::Net::HTTPRequestHandler *createRequestHandler(const Poco::Net::HTTPServerRequest &Request) override {
 	        Poco::URI uri(Request.getURI());
 	        auto *Path = uri.getPath().c_str();
-	        return RESTAPI_server()->CallServer(Path);
+	        return RESTAPI_ExtServer()->CallServer(Path, TransactionId_++);
 	    }
 
 	private:
-	    Poco::Logger            &Logger_;
+		static inline std::atomic_uint64_t  TransactionId_ = 1;
-	    RESTAPI_GenericServer   &Server_;
+	    Poco::Logger            			&Logger_;
+	    RESTAPI_GenericServer   			&Server_;
 	};
 
-	inline int RESTAPI_server::Start() {
+	inline int RESTAPI_ExtServer::Start() {
 	    Logger_.information("Starting.");
 	    Server_.InitLogging();
 
@@ -2467,7 +2470,7 @@ namespace OpenWifi {
 	        Params->setMaxQueued(200);
 	        Params->setKeepAlive(true);
 
-	        auto NewServer = std::make_unique<Poco::Net::HTTPServer>(new RequestHandlerFactory(Server_), Pool_, Sock, Params);
+	        auto NewServer = std::make_unique<Poco::Net::HTTPServer>(new ExtRequestHandlerFactory(Server_), Pool_, Sock, Params);
 	        NewServer->start();
 	        RESTServers_.push_back(std::move(NewServer));
 	    }
@@ -2475,11 +2478,11 @@ namespace OpenWifi {
 	    return 0;
 	}
 
-	class RESTAPI_InternalServer : public SubSystemServer {
+	class RESTAPI_IntServer : public SubSystemServer {
 
 	public:
-	    static RESTAPI_InternalServer *instance() {
+	    static RESTAPI_IntServer *instance() {
-	        static RESTAPI_InternalServer *instance_ = new RESTAPI_InternalServer;
+	        static RESTAPI_IntServer *instance_ = new RESTAPI_IntServer;
 	        return instance_;
 	    }
 
@@ -2488,12 +2491,13 @@ namespace OpenWifi {
 	        Logger_.information("Stopping ");
 	        for( const auto & svr : RESTServers_ )
 	            svr->stop();
-	        Pool_.stopAll();
+			Pool_.joinAll();
+			RESTServers_.clear();
 	    }
 
 	    inline void reinitialize(Poco::Util::Application &self) override;
 
-	    inline Poco::Net::HTTPRequestHandler *CallServer(const char *Path) {
+	    inline Poco::Net::HTTPRequestHandler *CallServer(const char *Path, uint64_t Id) {
 	        RESTAPIHandler::BindingMap Bindings;
 	        return RESTAPI_internal_server(Path, Bindings, Logger_, Server_);
 	    }
@@ -2502,30 +2506,31 @@ namespace OpenWifi {
 	    Poco::ThreadPool	    Pool_;
 	    RESTAPI_GenericServer   Server_;
 
-	    RESTAPI_InternalServer() noexcept: SubSystemServer("RESTAPIInternalServer", "REST-ISRV", "openwifi.internal.restapi")
+	    RESTAPI_IntServer() noexcept: SubSystemServer("RESTAPIInternalServer", "REST-ISRV", "openwifi.internal.restapi")
 	    {
 	    }
 	};
 
-	inline RESTAPI_InternalServer * RESTAPI_InternalServer() { return RESTAPI_InternalServer::instance(); };
+	inline RESTAPI_IntServer * RESTAPI_IntServer() { return RESTAPI_IntServer::instance(); };
 
-	class InternalRequestHandlerFactory : public Poco::Net::HTTPRequestHandlerFactory {
+	class IntRequestHandlerFactory : public Poco::Net::HTTPRequestHandlerFactory {
 	public:
-	    InternalRequestHandlerFactory(RESTAPI_GenericServer & Server) :
+	  	explicit IntRequestHandlerFactory(RESTAPI_GenericServer & Server) :
-	    Logger_(RESTAPI_InternalServer()->Logger()),
+	    Logger_(RESTAPI_IntServer()->Logger()),
 	    Server_(Server){}
 
 	    inline Poco::Net::HTTPRequestHandler *createRequestHandler(const Poco::Net::HTTPServerRequest &Request) override {
 	        Poco::URI uri(Request.getURI());
 	        auto *Path = uri.getPath().c_str();
-	        return RESTAPI_InternalServer()->CallServer(Path);
+	        return RESTAPI_IntServer()->CallServer(Path, TransactionId_++);
 	    }
 	private:
+		static inline std::atomic_uint64_t  TransactionId_ = 1;
 	    Poco::Logger    & Logger_;
 	    RESTAPI_GenericServer   & Server_;
 	};
 
-	inline int RESTAPI_InternalServer::Start() {
+	inline int RESTAPI_IntServer::Start() {
 	    Logger_.information("Starting.");
 	    Server_.InitLogging();
 
@@ -2543,7 +2548,7 @@ namespace OpenWifi {
 	        Params->setMaxQueued(200);
 	        Params->setKeepAlive(true);
 
-	        auto NewServer = std::make_unique<Poco::Net::HTTPServer>(new InternalRequestHandlerFactory(Server_), Pool_, Sock, Params);
+	        auto NewServer = std::make_unique<Poco::Net::HTTPServer>(new IntRequestHandlerFactory(Server_), Pool_, Sock, Params);
 	        NewServer->start();
 	        RESTServers_.push_back(std::move(NewServer));
 	    }
@@ -2673,7 +2678,7 @@ namespace OpenWifi {
 		std::string 				MyPrivateEndPoint_;
 		std::string 				MyPublicEndPoint_;
 		std::string                 UIURI_;
-		std::string 				Version_{std::string(APP_VERSION) + "("+ BUILD_NUMBER + ")"};
+		std::string 				Version_{ OW_VERSION::VERSION + "("+ OW_VERSION::BUILD + ")" + " - " + OW_VERSION::HASH };
 		BusEventManager				BusEventManager_;
 		std::mutex 					InfraMutex_;
 		std::default_random_engine  RandomEngine_;
@@ -2824,8 +2829,8 @@ namespace OpenWifi {
 	    // add the default services
 	    SubSystems_.push_back(KafkaManager());
 	    SubSystems_.push_back(ALBHealthCheckServer());
-	    SubSystems_.push_back(RESTAPI_server());
+	    SubSystems_.push_back(RESTAPI_ExtServer());
-	    SubSystems_.push_back(RESTAPI_InternalServer());
+	    SubSystems_.push_back(RESTAPI_IntServer());
 
 	    Poco::Net::initializeSSL();
 	    Poco::Net::HTTPStreamFactory::registerFactory();
@@ -3395,14 +3400,14 @@ namespace OpenWifi {
 	    Consumer.unsubscribe();
 	}
 
-	inline void RESTAPI_server::reinitialize(Poco::Util::Application &self) {
+	inline void RESTAPI_ExtServer::reinitialize(Poco::Util::Application &self) {
 	    MicroService::instance().LoadConfigurationFile();
 	    Logger_.information("Reinitializing.");
 	    Stop();
 	    Start();
 	}
 
-	void RESTAPI_InternalServer::reinitialize(Poco::Util::Application &self) {
+	void RESTAPI_IntServer::reinitialize(Poco::Util::Application &self) {
 	    MicroService::instance().LoadConfigurationFile();
 	    Logger_.information("Reinitializing.");
 	    Stop();
@@ -3726,7 +3731,7 @@ namespace OpenWifi {
             if (AuthClient()->IsAuthorized( SessionToken_, UserInfo_, Expired)) {
 #endif
                 if(Server_.LogIt(Request->getMethod(),true)) {
-                    Logger_.debug(Poco::format("X-REQ-ALLOWED(%s): User='%s@%s' Method='%s' Path='%s",
+                    Logger_.debug(Poco::format("X-REQ-ALLOWED(%s): User='%s@%s' Method='%s' Path='%s'",
                                                UserInfo_.userinfo.email,
                                                Utils::FormatIPv6(Request->clientAddress().toString()),
                                                Request->clientAddress().toString(),
@@ -3736,7 +3741,7 @@ namespace OpenWifi {
                 return true;
             } else {
                 if(Server_.LogBadTokens(true)) {
-                    Logger_.debug(Poco::format("X-REQ-DENIED(%s): Method='%s' Path='%s",
+                    Logger_.debug(Poco::format("X-REQ-DENIED(%s): Method='%s' Path='%s'",
                                                Utils::FormatIPv6(Request->clientAddress().toString()),
                                                Request->getMethod(), Request->getURI()));
                 }

src/framework/StorageClass.h

@@ -2,8 +2,7 @@
 // Created by stephane bourque on 2021-10-06.
 //
 
-#ifndef OPENWIFI_STORAGE_H
+#pragma once
-#define OPENWIFI_STORAGE_H
 
 #include "Poco/Data/Session.h"
 #include "Poco/Data/SessionPool.h"
@@ -54,13 +53,13 @@ namespace OpenWifi {
 
         [[nodiscard]] inline std::string ComputeRange(uint64_t From, uint64_t HowMany) {
             if(dbType_==sqlite) {
-                return " LIMIT " + std::to_string(From-1) + ", " + std::to_string(HowMany) + " ";
+                return " LIMIT " + std::to_string(From) + ", " + std::to_string(HowMany) + " ";
             } else if(dbType_==pgsql) {
-                return " LIMIT " + std::to_string(HowMany) + " OFFSET " + std::to_string(From-1) + " ";
+                return " LIMIT " + std::to_string(HowMany) + " OFFSET " + std::to_string(From) + " ";
             } else if(dbType_==mysql) {
-                return " LIMIT " + std::to_string(HowMany) + " OFFSET " + std::to_string(From-1) + " ";
+                return " LIMIT " + std::to_string(HowMany) + " OFFSET " + std::to_string(From) + " ";
             }
-            return " LIMIT " + std::to_string(HowMany) + " OFFSET " + std::to_string(From-1) + " ";
+            return " LIMIT " + std::to_string(HowMany) + " OFFSET " + std::to_string(From) + " ";
         }
 
         inline std::string ConvertParams(const std::string & S) const {
@@ -165,5 +164,3 @@ namespace OpenWifi {
 #endif
 
 }
-
-#endif //OPENWIFI_STORAGE_H

src/ow_version.h.in

@@ -0,0 +1,13 @@
+//
+// Created by stephane bourque on 2021-12-06.
+//
+
+#pragma once
+
+#include <string>
+
+namespace OW_VERSION {
+    inline static const std::string VERSION{"@CMAKE_PROJECT_VERSION@"};
+    inline static const std::string BUILD{"@BUILD_NUM@"};
+    inline static const std::string HASH{"@GIT_HASH@"};
+}

src/storage/storage_command.cpp

@@ -360,11 +360,9 @@ typedef Poco::Tuple<
 			std::string st{"SELECT " +
 							   DB_Command_SelectFields +
 							   " FROM CommandList WHERE SerialNumber=? ORDER BY Submitted DESC " + ComputeRange(0, HowMany)};
-
 			Select << 	ConvertParams(st),
 						Poco::Data::Keywords::into(Records),
-						Poco::Data::Keywords::use(SerialNumber),
+						Poco::Data::Keywords::use(SerialNumber);
-						Poco::Data::Keywords::limit(HowMany);
 			Select.execute();
 
 			for (auto i : Records) {
@@ -681,7 +679,7 @@ typedef Poco::Tuple<
 			while(More) {
 				auto Command = RSet[0].convert<std::string>();
 				if(!Command.empty())
-					Types::UpdateCountedMap(R,Command);
+					OpenWifi::Types::UpdateCountedMap(R,Command);
 				More = RSet.moveNext();
 			}
 			return true;
@@ -691,4 +689,4 @@ typedef Poco::Tuple<
 		return false;
 	}
 
-}
+}

src/storage/storage_healthcheck.cpp

@@ -114,7 +114,7 @@ namespace OpenWifi {
 
 			std::string st{"SELECT " + DB_HealthCheckSelectFields + " FROM HealthChecks WHERE SerialNumber=? ORDER BY Recorded DESC "};
 
-			Select << 	ConvertParams(st) + ComputeRange(1,HowMany),
+			Select << 	ConvertParams(st) + ComputeRange(0,HowMany),
 						Poco::Data::Keywords::into(Records),
 						Poco::Data::Keywords::use(SerialNumber);
 			Select.execute();

src/storage/storage_logs.cpp

@@ -161,7 +161,7 @@ namespace OpenWifi {
 			Poco::Data::Statement   Select(Sess);
 
 
-			std::string st{"SELECT " + DB_LogsSelectFields + " FROM DeviceLogs WHERE SerialNumber=? AND LogType=? ORDER BY Recorded DESC " + ComputeRange(1, HowMany)};
+			std::string st{"SELECT " + DB_LogsSelectFields + " FROM DeviceLogs WHERE SerialNumber=? AND LogType=? ORDER BY Recorded DESC " + ComputeRange(0, HowMany)};
 			Select << 	ConvertParams(st),
 						Poco::Data::Keywords::into(Records),
 						Poco::Data::Keywords::use(SerialNumber),

src/storage/storage_statistics.cpp

@@ -112,7 +112,7 @@ namespace OpenWifi {
 			std::string St{"SELECT " +
 						   		DB_StatsSelectFields +
 						   		" FROM Statistics WHERE SerialNumber=? ORDER BY Recorded DESC "};
-			Select << 	ConvertParams(St) + ComputeRange(1, HowMany),
+			Select << 	ConvertParams(St) + ComputeRange(0, HowMany),
 						Poco::Data::Keywords::into(Records),
 						Poco::Data::Keywords::use(SerialNumber);
 			Select.execute();

wait-for-postgres.sh

@@ -0,0 +1,26 @@
+#!/bin/sh
+# wait-for-postgres.sh
+
+set -e
+  
+host="$1"
+shift
+
+export PGUSER=$(grep 'storage.type.postgresql.username' $OWGW_CONFIG/owgw.properties | awk -F '= ' '{print $2}')
+export PGPASSWORD=$(grep 'storage.type.postgresql.password' $OWGW_CONFIG/owgw.properties | awk -F '= ' '{print $2}')
+  
+until psql -h "$host" -c '\q'; do
+  >&2 echo "Postgres is unavailable - sleeping"
+  sleep 1
+done
+  
+>&2 echo "Postgres is up - executing command"
+
+if [ "$1" = '/openwifi/owgw' -a "$(id -u)" = '0' ]; then
+    if [ "$RUN_CHOWN" = 'true' ]; then
+      chown -R "$OWGW_USER": "$OWGW_ROOT" "$OWGW_CONFIG"
+    fi
+    exec su-exec "$OWGW_USER" "$@"
+fi
+
+exec "$@"