diyfr · May 31, 2025 15:52 · May 31, 2025 · May 31, 2025 · May 31, 2025
diff --git a/README.md b/README.md
@@ -9,7 +9,7 @@ Modifier le compose de base
     entrypoint: tail -f /dev/null
 ```
 et commenter `restart: unless-stopped`
-on peut ensuite se connecter au conteneur
+Lancer votre commande docker compose. on peut ensuite se connecter au conteneur
 ```shell
 docker exec -ti lora-stack /bin/sh
 ttn-lw-stack is-db migrate

diff --git a/lora-compose.yml b/lora-compose.yml
@@ -7,6 +7,11 @@ services:
     container_name: lora-stack
     command: start
     restart: unless-stopped
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "10m"
+        max-file: "5"    
     depends_on:
       - lora-redis
       - lora-postgres

diff --git a/README.md b/README.md
@@ -0,0 +1,70 @@
+## INSTALLATION :
+Se référer à la doc officielle [https://www.thethingsindustries.com/docs/enterprise/docker/configuration/](https://www.thethingsindustries.com/docs/enterprise/docker/configuration/)
+
+Voir `lora-compose.yml`  
+Voir `ttn-lw-stack-docker.yml`  
+### INITIALISATION.
+Modifier le compose de base
+```yaml
+    entrypoint: tail -f /dev/null
+```
+et commenter `restart: unless-stopped`
+on peut ensuite se connecter au conteneur
+```shell
+docker exec -ti lora-stack /bin/sh
+ttn-lw-stack is-db migrate
+
+ttn-lw-stack is-db create-admin-user --id admin --email admin@domain.tld
+
+ttn-lw-stack is-db create-oauth-client --id cli --name "Command Line Interface" --owner admin --no-secret --redirect-uri "local-callback" --redirect-uri "code"
+
+cd /tmp
+vi console.sh
+```
+
+Contenu de `console.sh`
+```shell
+#!/bin/sh
+SERVER_ADDRESS=https://lora.domain.tld
+ID=[UUID]  # Client ID same in ttn-lw-stack-docker.yml in console->oauth->client-id
+NAME=Console
+CLIENT_SECRET=[UUID] # Client Secret same in ttn-lw-stack-docker.yml in console->oauth->client-secret
+REDIRECT_URI=${SERVER_ADDRESS}/console/oauth/callback
+REDIRECT_PATH=/console/oauth/callback
+LOGOUT_REDIRECT_URI=${SERVER_ADDRESS}/console
+LOGOUT_REDIRECT_PATH=/console
+ttn-lw-stack is-db create-oauth-client \
+  --id ${ID} \
+  --name "${NAME}" \
+  --owner admin \
+  --secret "${CLIENT_SECRET}" \
+  --redirect-uri "${REDIRECT_URI}" \
+  --redirect-uri "${REDIRECT_PATH}" \
+  --logout-redirect-uri "${LOGOUT_REDIRECT_URI}" \
+  --logout-redirect-uri "${LOGOUT_REDIRECT_PATH}"
+```
+
+```shell
+chmod +x ./console.sh
+./console.sh
+```
+
+restaurer l'entrypoint de base 
+```yaml
+    entrypoint: ttn-lw-stack -c /config/ttn-lw-stack-docker.yml
+```
+et décommenter `restart: unless-stopped`  
+
+Pour se connecter https://lora.domain.tld   user: `admin` pwd `celui saisi` à l'étape `create-admin-user`
+
+### Elements non résolus
+```log
+WARN    Task failed     {"address": ":8889", "error": "error:pkg/gatewayserver:listen_frontend (start frontend listener `ttigw/tls` on address `:8889`)", "error_cause": "open cert.pem: no such file or directory", "invocation": 1585, "namespace": "gatewayserver", "protocol": "ttigw/tls", "task_id": "serve_ttigw/:8889"}
+```
+
+A voir 
+```log
+WARN    No cluster key configured, generated a random one       {"key": "[RANDOM]", "namespace": "cluster"}
+```
+
+
diff --git a/lora-compose.yml b/lora-compose.yml
@@ -0,0 +1,76 @@
+services:
+
+  lora-stack:
+    image: thethingsnetwork/lorawan-stack:3.34
+    entrypoint: ttn-lw-stack -c /config/ttn-lw-stack-docker.yml
+#    entrypoint: tail -f /dev/null
+    container_name: lora-stack
+    command: start
+    restart: unless-stopped
+    depends_on:
+      - lora-redis
+      - lora-postgres
+    networks:
+      - pg_lora
+      - traefik
+    volumes:
+      - /home/docker/vol/lora-stack:/srv/ttn-lorawan/public/blob
+      - /home/docker/config/lora-stack:/config:ro
+    environment:
+      TTN_LW_BLOB_LOCAL_DIRECTORY: /srv/ttn-lorawan/public/blob
+      TTN_LW_REDIS_ADDRESS: lora-redis:6379
+      TTN_LW_IS_DATABASE_URI: postgres://root:root@lora-postgres:5432/ttn_lorawan?sslmode=disable
+    ports:
+      - 1700:1700/udp
+    healthcheck:
+      test: curl --fail http://localhost:8089 || exit 1
+      interval: 30s
+      timeout: 10s
+      retries: 5
+    labels:
+      - "traefik.enable=true"
+      - "traefik.docker.network=traefik"
+      - "traefik.http.routers.lora.EntryPoints=websecure"
+      - "traefik.http.routers.lora.rule=Host(`lora.domain.tld`)"
+      - "traefik.http.routers.lora.tls.certresolver=letsencrypt"
+      - "traefik.http.routers.lora.tls=true"
+      - "traefik.http.routers.lora-http.rule=Host(`lora.domain.tld`)"
+      - "traefik.http.routers.lora-http.EntryPoints=web"
+      - "traefik.http.routers.lora-http.middlewares=https-redirect@file"
+      - "traefik.http.services.lora.loadbalancer.server.port=8089"
+
+  lora-postgres:
+    image: postgres:14.5-alpine
+    container_name: lora-postgres
+    restart: unless-stopped
+    environment:
+      - POSTGRES_PASSWORD=root
+      - POSTGRES_USER=root
+      - POSTGRES_DB=ttn_lorawan
+    networks:
+      - pg_lora
+    volumes:
+      - /home/docker/vol/lora-postgres:/var/lib/postgresql/data
+    labels:
+      - "traefik.enable=false"
+
+  lora-redis:
+    image: redis:7.0.4-alpine
+    container_name: lora-redis
+    command: redis-server --appendonly yes
+    restart: unless-stopped
+    networks:
+      - pg_lora
+    volumes:
+      - /home/docker/vol/lora-redis:/data
+    labels:
+      - "traefik.enable=false"
+
+networks:
+  pg_lora:
+    name: pg_lora
+    driver: bridge
+    ipam:
+      driver: default
+      config:
+        - subnet: 172.18.1.128/28
diff --git a/ttn-lw-stack-docker.yml b/ttn-lw-stack-docker.yml
@@ -0,0 +1,161 @@
+# Identity Server configuration
+# Email configuration for "lora.domain.tld"
+is:
+  email:
+    sender-name: "The DIY Lora network"
+    sender-address: "noreply@domain.tld"
+    network:
+      name: "DIY Lora network"
+      console-url: "https://lora.domain.tld/console"
+      identity-server-url: "https://lora.domain.tld/oauth"
+
+    # If sending email with Sendgrid
+    # provider: sendgrid
+    # sendgrid:
+    #   api-key: '...'              # enter Sendgrid API key
+
+    # If sending email with SMTP
+    # provider: smtp
+    # smtp:
+    #   address:  '...'             # enter SMTP server address
+    #   username: '...'             # enter SMTP server username
+    #   password: '...'             # enter SMTP server password
+
+  # Web UI configuration for "lora.domain.tld":
+  oauth:
+    ui:
+      canonical-url: "https://lora.domain.tld/oauth"
+      is:
+        base-url: "https://lora.domain.tld/api/v3"
+
+# HTTP server configuration
+http:
+  listen: "0.0.0.0:8089"
+  listen-tls: ""
+  cookie:
+    block-key: "" # generate 32 bytes (openssl rand -hex 32)
+    hash-key: "" # generate 64 bytes (openssl rand -hex 64)
+  metrics:
+    password: "" # choose a password -> Generate UUID
+  pprof:
+    password: "" # choose a password -> Generate UUID
+
+
+# Disable TLS behind proxy
+as:
+  mqtt:
+    listen-tls: ""
+grpc:
+  listen-tls: ""
+gs:
+  basic-station:
+    listen-tls: ""
+  tabs-hubs:
+    listen-tls: ""
+  mqtt:
+    listen-tls: ""
+  mqtt-v2:
+    listen-tls: ""
+interop:
+  listen-tls: ""
+
+tls:
+  source: ""
+
+ttgc:
+  enabled: false
+#  domain: lora.domain.tld
+#  listen-tls: ""
+#  tls:
+#    source: ""
+
+
+
+# If using custom certificates:
+# tls:
+#   source: file
+#   root-ca: /run/secrets/ca.pem
+#   certificate: /run/secrets/cert.pem
+#   key: /run/secrets/key.pem
+
+#  acme:
+#    dir: "/var/lib/acme"
+#    email: "you@lora.domain.tld"
+#    hosts: ["lora.domain.tld"]
+#    default-host: "lora.domain.tld"
+
+# If Gateway Server enabled, defaults for "lora.domain.tld":
+#gs:
+#  mqtt:
+#    public-address: "lora.domain.tld:1882"
+#    public-tls-address: "lora.domain.tld:8882"
+#  mqtt-v2:
+#    public-address: "lora.domain.tld:1881"
+#    public-tls-address: "lora.domain.tld:8881"
+
+# If Gateway Configuration Server enabled, defaults for "lora.domain.tld":
+#gcs:
+#  basic-station:
+#    default:
+#      lns-uri: "wss://lora.domain.tld:8887"
+#  the-things-gateway:
+#    default:
+#      mqtt-server: "mqtts://lora.domain.tld:8881"
+
+# Web UI configuration for "lora.domain.tld":
+console:
+  ui:
+    canonical-url: "https://lora.domain.tld/console"
+    account-url: "https://lora.domain.tld/console"
+    is:
+      base-url: "https://lora.domain.tld/api/v3"
+    gs:
+      base-url: "https://lora.domain.tld/api/v3"
+    gcs:
+      base-url: "https://lora.domain.tld/api/v3"
+    ns:
+      base-url: "https://lora.domain.tld/api/v3"
+    as:
+      base-url: "https://lora.domain.tld/api/v3"
+    js:
+      base-url: "https://lora.domain.tld/api/v3"
+    qrg:
+      base-url: "https://lora.domain.tld/api/v3"
+    edtc:
+      base-url: "https://lora.domain.tld/api/v3"
+    dcs:
+      base-url: "https://lora.domain.tld/api/v3"
+  oauth:
+    authorize-url: "https://lora.domain.tld/oauth/authorize"
+    token-url: "https://lora.domain.tld/oauth/token"
+    logout-url: "https://lora.domain.tld/oauth/logout"
+    client-id: ""   # Generate UUID
+    client-secret: "" # Generate UUID
+
+# If Application Server enabled, defaults for "lora.domain.tld":
+#as:
+#  mqtt:
+#    public-address: "lora.domain.tld:1883"
+#    public-tls-address: "lora.domain.tld:8883"
+#  webhooks:
+#    downlink:
+#      public-address: "lora.domain.tld:1885/api/v3"
+
+# If Device Claiming Server enabled, defaults for "lora.domain.tld":
+#dcs:
+#  oauth:
+#    authorize-url: "https://lora.domain.tld/oauth/authorize"
+#    token-url: "https://lora.domain.tld/oauth/token"
+#    logout-url: "https://lora.domain.tld/oauth/logout"
+#    client-id: "device-claiming"
+#    client-secret: "device-claiming" # choose or generate a secret
+#  ui:
+#    canonical-url: "https://lora.domain.tld/claim"
+#    as:
+#      base-url: "https://lora.domain.tld/api/v3"
+#    dcs:
+#      base-url: "https://lora.domain.tld/api/v3"
+#    is:
+#      base-url: "https://lora.domain.tld/api/v3"
+#    ns:
+#      base-url: "https://lora.domain.tld/api/v3"
No results found