ua1zbe
/
gps
mirror of https://github.com/kf7eel/hbnet.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

WIP Docker stuf

This commit is contained in:
KF7EEL 2021-11-27 05:08:46 -08:00
parent 7b9cff2494
commit 705d33e66e
6 changed files with 861 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
Dockerfile.data_gateway Normal file
View File

@ -0,0 +1,40 @@
# HBNet Data Gateway Dockerfile
FROM debian:11
MAINTAINER Eric Craw "kf7eel@qsl.net"
WORKDIR /opt/hbnet_data_gateway
RUN useradd -ms /bin/bash hbnet
RUN mkdir -p /opt/hbnet_data_gateway/config/
#COPY . .
COPY data_gateway_config.py .
COPY config.py .
COPY bridge.py .
COPY const.py .
COPY hblink.py .
COPY log.py .
COPY reporting_const.py .
COPY requirements.txt .
COPY LICENSE.txt .
COPY data_gateway.py .
COPY docker/data_gateway/data_gateway.cfg ./config/
#Install Python3.9 and dependencies
RUN apt-get -y update; apt-get -y upgrade; apt-get -y install --no-install-recommends python3.9-dev python3-pip python3.9 build-essential net-tools iputils-ping; apt-get clean; rm -rf /var/lib/apt/lists/*
RUN chown -R hbnet:hbnet /opt/hbnet_data_gateway/
# Switch user and install dependencies
USER hbnet
#Upgrade PIP
RUN python3.9 -m pip install --upgrade pip
#Install from requirements.txt
RUN python3.9 -m pip install --no-cache-dir -r requirements.txt
#ENTRYPOINT ["/home/hbnet_web/.local/bin/supervisord"]
CMD sleep 10s; python3.9 /opt/hbnet_data_gateway/data_gateway.py -c config/data_gateway.cfg

40
Dockerfile.hbnet Normal file
View File

@ -0,0 +1,40 @@
# HBNet Data Gateway Dockerfile
FROM debian:11
MAINTAINER Eric Craw "kf7eel@qsl.net"
WORKDIR /opt/hbnet
RUN useradd -ms /bin/bash hbnet
RUN mkdir -p /opt/hbnet/config/
#COPY . .
COPY config.py .
COPY bridge.py .
COPY const.py .
COPY hblink.py .
COPY log.py .
COPY reporting_const.py .
COPY requirements.txt .
COPY LICENSE.txt .
COPY data_gateway.py .
COPY docker/hbnet/hbnet.cfg ./config/
COPY docker/hbnet/rules.py ./config/
#Install Python3.9 and dependencies
RUN apt-get -y update; apt-get -y upgrade; apt-get -y install --no-install-recommends python3.9-dev python3-pip python3.9 build-essential net-tools iputils-ping; apt-get clean; rm -rf /var/lib/apt/lists/*
RUN chown -R hbnet:hbnet /opt/hbnet/
# Switch user and install dependencies
USER hbnet
#Upgrade PIP
RUN python3.9 -m pip install --upgrade pip
#Install from requirements.txt
RUN python3.9 -m pip install --no-cache-dir -r requirements.txt
#ENTRYPOINT ["/home/hbnet_web/.local/bin/supervisord"]
CMD sleep 10s; python3.9 /opt/hbnet/bridge.py -c config/hbnet.cfg -r config/rules.py

49
docker-compose.yml Normal file
View File

@ -0,0 +1,49 @@
version: '3'
services:
hbnet_web_service:
container_name: hbnet_web_service
hostname: web_service
image: kf7eel/hbnet_web_service:latest
build:
dockerfile: ./Dockerfile
context: ./web
ports:
# Port outside container:Port inside container
- 8082:80
- 8083:443
volumes:
# Path to config.py
- ./hbnet/web/config.py:/opt/hbnet_web/config.py
# Persist SQLIte data
- ./hbnet/web/data:/opt/hbnet_web/data:rw
# NGINX logs
- ./hbnet/log/web_service:/var/log/nginx:rw
# Path to custon logo
# - /path/to/logo.png:/opt/hbnet_web/static/HBnet.png
networks:
- hbnet_internal
hbnet_data_gateway:
container_name: hbnet_data_gateway
image: kf7eel/hbnet_data_gateway:latest
hostname: data_gateway
build:
dockerfile: ./Dockerfile.data_gateway
context: .
volumes:
# Persistent data
- ./hbnet/data/data_gateway:/opt/hbnet_data_gateway/data:rw
# Log file
- ./hbnet/log/data_gateway:/tmp/log:rw
depends_on:
- "hbnet_web_service"
networks:
- hbnet_internal
restart: always
networks:
hbnet_internal:
name: hbnet_internal
driver: bridge

367
docker/data_gateway/data_gateway.cfg Normal file
View File

@ -0,0 +1,367 @@
# PROGRAM-WIDE PARAMETERS GO HERE
# PATH - working path for files, leave it alone unless you NEED to change it
# PING_TIME - the interval that peers will ping the master, and re-try registraion
# - how often the Master maintenance loop runs
# MAX_MISSED - how many pings are missed before we give up and re-register
# - number of times the master maintenance loop runs before de-registering a peer
#
# ACLs:
#
# Access Control Lists are a very powerful tool for administering your system.
# But they consume packet processing time. Disable them if you are not using them.
# But be aware that, as of now, the configuration stanzas still need the ACL
# sections configured even if you're not using them.
#
# REGISTRATION ACLS ARE ALWAYS USED, ONLY SUBSCRIBER AND TGID MAY BE DISABLED!!!
#
# The 'action' May be PERMIT|DENY
# Each entry may be a single radio id, or a hypenated range (e.g. 1-2999)
# Format:
# ACL = 'action:id|start-end|,id|start-end,....'
# --for example--
# SUB_ACL: DENY:1,1000-2000,4500-60000,17
#
# ACL Types:
# REG_ACL: peer radio IDs for registration (only used on HBP master systems)
# SUB_ACL: subscriber IDs for end-users
# TGID_TS1_ACL: destination talkgroup IDs on Timeslot 1
# TGID_TS2_ACL: destination talkgroup IDs on Timeslot 2
#
# ACLs may be repeated for individual systems if needed for granularity
# Global ACLs will be processed BEFORE the system level ACLs
# Packets will be matched against all ACLs, GLOBAL first. If a packet 'passes'
# All elements, processing continues. Packets are discarded at the first
# negative match, or 'reject' from an ACL element.
#
# If you do not wish to use ACLs, set them to 'PERMIT:ALL'
# TGID_TS1_ACL in the global stanza is used for OPENBRIDGE systems, since all
# traffic is passed as TS 1 between OpenBridges
[GLOBAL]
PATH: ./
PING_TIME: 5
MAX_MISSED: 3
USE_ACL: True
REG_ACL: PERMIT:ALL
SUB_ACL: DENY:1
TGID_TS1_ACL: PERMIT:ALL
TGID_TS2_ACL: PERMIT:ALL
# NOT YET WORKING: NETWORK REPORTING CONFIGURATION
# Enabling "REPORT" will configure a socket-based reporting
# system that will send the configuration and other items
# to a another process (local or remote) that may process
# the information for some useful purpose, like a web dashboard.
#
# REPORT - True to enable, False to disable
# REPORT_INTERVAL - Seconds between reports
# REPORT_PORT - TCP port to listen on if "REPORT_NETWORKS" = NETWORK
# REPORT_CLIENTS - comma separated list of IPs you will allow clients
# to connect on. Entering a * will allow all.
#
# ****FOR NOW MUST BE TRUE - USE THE LOOPBACK IF YOU DON'T USE THIS!!!****
[REPORTS]
REPORT: True
REPORT_INTERVAL: 60
REPORT_PORT: 4329
REPORT_CLIENTS: 0.0.0.0
# SYSTEM LOGGER CONFIGURAITON
# This allows the logger to be configured without chaning the individual
# python logger stuff. LOG_FILE should be a complete path/filename for *your*
# system -- use /dev/null for non-file handlers.
# LOG_HANDLERS may be any of the following, please, no spaces in the
# list if you use several:
# null
# console
# console-timed
# file
# file-timed
# syslog
# LOG_LEVEL may be any of the standard syslog logging levels, though
# as of now, DEBUG, INFO, WARNING and CRITICAL are the only ones
# used.
#
[LOGGER]
LOG_FILE: /opt/hbnet_data_gateway/data_gateway.log
LOG_HANDLERS: console,file-timed
LOG_LEVEL: DEBUG
LOG_NAME: Data Gateway
# DOWNLOAD AND IMPORT SUBSCRIBER, PEER and TGID ALIASES
# Ok, not the TGID, there's no master list I know of to download
# This is intended as a facility for other applcations built on top of
# HBlink to use, and will NOT be used in HBlink directly.
# STALE_DAYS is the number of days since the last download before we
# download again. Don't be an ass and change this to less than a few days.
[ALIASES]
TRY_DOWNLOAD: True
PATH: ./
PEER_FILE: peer_ids.json
SUBSCRIBER_FILE: subscriber_ids.json
TGID_FILE: talkgroup_ids.json
PEER_URL: https://www.radioid.net/static/rptrs.json
SUBSCRIBER_URL: https://www.radioid.net/static/users.json
STALE_DAYS: 3
# USER MANAGER
# This is where to configure the details for use with a user managment script
[WEB_SERVICE]
THIS_SERVER_NAME: DATA_GATEWAY
REMOTE_CONFIG_ENABLED: True
# URL of the user managment server
URL: http://hbnet_web_service:8080/svr
# Integer appended to DMR ID during the generation of a passphrase
APPEND_INT: 1
EXTRA_INT_1: 5
EXTRA_INT_2: 8
EXTRA_1: TeSt
EXTRA_2: DmR4
# Secret used to authenticate with user managment server, before checking if user login is approved
SHARED_SECRET: test
# Shorten passphrases
SHORTEN_PASSPHRASE: True
SHORTEN_SAMPLE: 4
SHORTEN_LENGTH: 4
BURN_FILE: ./burn_ids.txt
BURN_INT: 5
[DATA_CONFIG]
USE_DASHBOARD: False
DATA_DMR_ID: 9099
CALL_TYPE: both
UNIT_SMS_TS: 2
USER_APRS_SSID: 5
USER_APRS_COMMENT: HBNet APRS Gateway
APRS_SERVER: hbl.ink
APRS_PORT: 14580
APRS_LOGIN_CALL: N0CALL
APRS_LOGIN_PASSCODE: 12345
APRS_FILTER: r/47/-120/500 t/m
# The following settings are only applicable if you are using the gps_data_beacon_igate script.
# They do not affect the operation gps_data itself.
# Time in minutes.
IGATE_BEACON_TIME = 45
IGATE_BEACON_COMMENT = HBLink3 D-APRS Gateway
IGATE_BEACON_ICON = /I
IGATE_LATITUDE = 4730. N
IGATE_LONGITUDE = 11930. W
# The following settings are for the static positions only, for hotspots or repeaters connected to MASTER stanzas.
# Implementation by IU7IGU
# REPORT_INTERVAL in Minute (ALLOW only > 3 Minutes)
# MESSAGE: This message will print on APRS description together RX and TX Frequency
APRS_STATIC_REPORT_INTERVAL: 15
APRS_STATIC_MESSAGE:Connected to HBLink
# The options below are required for operation of the dashboard and will cause errors in gps_data.py
# if configured wrong. Leave them as default unless you know what you are doing.
# If you do change, you must use absolute paths.
LOCATION_FILE: ./data/gps_data_user_loc.txt
BULLETIN_BOARD_FILE: ./data/gps_data_user_bb.txt
MAILBOX_FILE: ./data/gps_data_user_mailbox.txt
EMERGENCY_SOS_FILE: ./data/gps_data_user_sos.txt
SMS_FILE: ./data/gps_data_user_sms.txt
# User settings file, MUST configure using absolute path.
USER_SETTINGS_FILE: ./user_settings.txt
# API settings
# Authorized Apps file - data used for the dashboard API
USE_API: True
AUTHORIZED_APPS_FILE: /tmp/authorized_apps.txt
AUTHORIZED_TOKENS_FILE: /tmp/hblink_auth_tokens.txt
AUTHORIZED_USERS_FILE: /home/eric/Sync/hblink3_sms_dev/authorized_users.txt
ACCESS_SYSTEMS_FILE: /home/eric/Sync/hblink3_sms_dev/access_systems.txt
MY_SERVER_SHORTCUT: XYZ
SERVER_NAME: Test HBLink Network
USE_PUBLIC_APPS: True
PUBLIC_APPS_LIST: https://raw.githubusercontent.com/kf7eel/hblink_sms_external_apps/main/public_systems.txt
RULES_PATH: /home/eric/Sync/hblink3_sms_dev/rules.py
# The following options are used for the dashboard. The dashboard is optional.
# Title of the Dashboard
DASHBOARD_TITLE: HBNet D-APRS Dashboard
# Used for API, RSS feed link, etc
DASHBOARD_URL: http://localhost:8092
# Logo used on dashboard page
LOGO: https://raw.githubusercontent.com/kf7eel/hblink3/gps/HBlink.png
# Port to run server
DASH_PORT: 8092
# IP to run server on
DASH_HOST: 127.0.0.1
#Description of dashboard to show on main page
DESCRIPTION: Welcome to the dashboard.
# Gateway contact info displayed on about page.
CONTACT_NAME: your name
CONTACT_CALL: N0CALL
CONTACT_EMAIL: email@example.org
CONTACT_WEBSITE: https://hbl.ink
# Time format for display
TIME_FORMAT: %%H:%%M:%%S - %%m/%%d/%%y
# Center dashboard map over these coordinates
MAP_CENTER_LAT: 47.00
MAP_CENTER_LON: -120.00
ZOOM_LEVEL: 7
# List and preview of some map themes at http://leaflet-extras.github.io/leaflet-providers/preview/
# The following are options for map themes and just work, you should use one of these: “OpenStreetMap”, “Stamen” (Terrain, Toner, and Watercolor),
MAP_THEME: Stamen Toner
# OPENBRIDGE INSTANCES - DUPLICATE SECTION FOR MULTIPLE CONNECTIONS
# OpenBridge is a protocol originall created by DMR+ for connection between an
# IPSC2 server and Brandmeister. It has been implemented here at the suggestion
# of the Brandmeister team as a way to legitimately connect HBlink to the
# Brandemiester network.
# It is recommended to name the system the ID of the Brandmeister server that
# it connects to, but is not necessary. TARGET_IP and TARGET_PORT are of the
# Brandmeister or IPSC2 server you are connecting to. PASSPHRASE is the password
# that must be agreed upon between you and the operator of the server you are
# connecting to. NETWORK_ID is a number in the format of a DMR Radio ID that
# will be sent to the other server to identify this connection.
# other parameters follow the other system types.
#
# ACLs:
# OpenBridge does not 'register', so registration ACL is meaningless.
# Proper OpenBridge passes all traffic on TS1.
# HBlink can extend OPB to use both slots for unit calls only.
# Setting "BOTH_SLOTS" True ONLY affects unit traffic!
# Otherwise ACLs work as described in the global stanza
[OBP-1]
MODE: OPENBRIDGE
ENABLED: True
IP:
PORT: 62036
NETWORK_ID: 1234
PASSPHRASE: passw0rd
TARGET_IP: 127.0.0.1
TARGET_PORT: 62037
BOTH_SLOTS: True
USE_ACL: True
SUB_ACL: DENY:1
TGID_ACL: PERMIT:ALL
USE_ENCRYPTION: False
ENCRYPTION_KEY:
OTHER_OPTIONS:
# MASTER INSTANCES - DUPLICATE SECTION FOR MULTIPLE MASTERS
# HomeBrew Protocol Master instances go here.
# IP may be left blank if there's one interface on your system.
# Port should be the port you want this master to listen on. It must be unique
# and unused by anything else.
# Repeat - if True, the master repeats traffic to peers, False, it does nothing.
#
# MAX_PEERS -- maximun number of peers that may be connect to this master
# at any given time. This is very handy if you're allowing hotspots to
# connect, or using a limited computer like a Raspberry Pi.
#
# ACLs:
# See comments in the GLOBAL stanza
[MASTER-1]
MODE: MASTER
ENABLED: True
# Use the user manager? If False, MASTER instance will operate as normal.
USE_USER_MAN: False
REPEAT: True
MAX_PEERS: 3
EXPORT_AMBE: False
IP:
PORT: 62033
PASSPHRASE: passw0rd
GROUP_HANGTIME: 5
USE_ACL: True
REG_ACL: DENY:1
SUB_ACL: DENY:1
TGID_TS1_ACL: PERMIT:ALL
TGID_TS2_ACL: PERMIT:ALL
OTHER_OPTIONS:
# PEER INSTANCES - DUPLICATE SECTION FOR MULTIPLE PEERS
# There are a LOT of errors in the HB Protocol specifications on this one!
# MOST of these items are just strings and will be properly dealt with by the program
# The TX & RX Frequencies are 9-digit numbers, and are the frequency in Hz.
# Latitude is an 8-digit unsigned floating point number.
# Longitude is a 9-digit signed floating point number.
# Height is in meters
# Setting Loose to True relaxes the validation on packets received from the master.
# This will allow HBlink to connect to a non-compliant system such as XLXD, DMR+ etc.
#
# ACLs:
# See comments in the GLOBAL stanza
[REPEATER-1]
MODE: PEER
ENABLED: False
LOOSE: False
EXPORT_AMBE: False
IP:
PORT: 54001
MASTER_IP: 172.16.1.1
MASTER_PORT: 54000
PASSPHRASE: homebrew
CALLSIGN: W1ABC
RADIO_ID: 312000
RX_FREQ: 449000000
TX_FREQ: 444000000
TX_POWER: 25
COLORCODE: 1
SLOTS: 1
LATITUDE: 38.0000
LONGITUDE: -095.0000
HEIGHT: 75
LOCATION: Anywhere, USA
DESCRIPTION: This is a cool repeater
URL: www.w1abc.org
SOFTWARE_ID: 20170620
PACKAGE_ID: MMDVM_HBlink
GROUP_HANGTIME: 5
OPTIONS:
USE_ACL: True
SUB_ACL: DENY:1
TGID_TS1_ACL: PERMIT:ALL
TGID_TS2_ACL: PERMIT:ALL
OTHER_OPTIONS:
[XLX-1]
MODE: XLXPEER
ENABLED: False
LOOSE: True
EXPORT_AMBE: False
IP:
PORT: 54002
MASTER_IP: 172.16.1.1
MASTER_PORT: 62030
PASSPHRASE: passw0rd
CALLSIGN: W1ABC
RADIO_ID: 312000
RX_FREQ: 449000000
TX_FREQ: 444000000
TX_POWER: 25
COLORCODE: 1
SLOTS: 1
LATITUDE: 38.0000
LONGITUDE: -095.0000
HEIGHT: 75
LOCATION: Anywhere, USA
DESCRIPTION: This is a cool repeater
URL: www.w1abc.org
SOFTWARE_ID: 20170620
PACKAGE_ID: MMDVM_HBlink
GROUP_HANGTIME: 5
XLXMODULE: 4004
USE_ACL: True
SUB_ACL: DENY:1
TGID_TS1_ACL: PERMIT:ALL
TGID_TS2_ACL: PERMIT:ALL
OTHER_OPTIONS:

274
docker/hbnet/hbnet.cfg Normal file
View File

@ -0,0 +1,274 @@
# PROGRAM-WIDE PARAMETERS GO HERE
# PATH - working path for files, leave it alone unless you NEED to change it
# PING_TIME - the interval that peers will ping the master, and re-try registraion
# - how often the Master maintenance loop runs
# MAX_MISSED - how many pings are missed before we give up and re-register
# - number of times the master maintenance loop runs before de-registering a peer
#
# ACLs:
#
# Access Control Lists are a very powerful tool for administering your system.
# But they consume packet processing time. Disable them if you are not using them.
# But be aware that, as of now, the configuration stanzas still need the ACL
# sections configured even if you're not using them.
#
# REGISTRATION ACLS ARE ALWAYS USED, ONLY SUBSCRIBER AND TGID MAY BE DISABLED!!!
#
# The 'action' May be PERMIT|DENY
# Each entry may be a single radio id, or a hypenated range (e.g. 1-2999)
# Format:
# ACL = 'action:id|start-end|,id|start-end,....'
# --for example--
# SUB_ACL: DENY:1,1000-2000,4500-60000,17
#
# ACL Types:
# REG_ACL: peer radio IDs for registration (only used on HBP master systems)
# SUB_ACL: subscriber IDs for end-users
# TGID_TS1_ACL: destination talkgroup IDs on Timeslot 1
# TGID_TS2_ACL: destination talkgroup IDs on Timeslot 2
#
# ACLs may be repeated for individual systems if needed for granularity
# Global ACLs will be processed BEFORE the system level ACLs
# Packets will be matched against all ACLs, GLOBAL first. If a packet 'passes'
# All elements, processing continues. Packets are discarded at the first
# negative match, or 'reject' from an ACL element.
#
# If you do not wish to use ACLs, set them to 'PERMIT:ALL'
# TGID_TS1_ACL in the global stanza is used for OPENBRIDGE systems, since all
# traffic is passed as TS 1 between OpenBridges
[GLOBAL]
PATH: ./
PING_TIME: 5
MAX_MISSED: 3
USE_ACL: True
REG_ACL: PERMIT:ALL
SUB_ACL: DENY:1
TGID_TS1_ACL: PERMIT:ALL
TGID_TS2_ACL: PERMIT:ALL
# NOT YET WORKING: NETWORK REPORTING CONFIGURATION
# Enabling "REPORT" will configure a socket-based reporting
# system that will send the configuration and other items
# to a another process (local or remote) that may process
# the information for some useful purpose, like a web dashboard.
#
# REPORT - True to enable, False to disable
# REPORT_INTERVAL - Seconds between reports
# REPORT_PORT - TCP port to listen on if "REPORT_NETWORKS" = NETWORK
# REPORT_CLIENTS - comma separated list of IPs you will allow clients
# to connect on. Entering a * will allow all.
#
# ****FOR NOW MUST BE TRUE - USE THE LOOPBACK IF YOU DON'T USE THIS!!!****
[REPORTS]
REPORT: True
REPORT_INTERVAL: 60
REPORT_PORT: 4321
REPORT_CLIENTS: 127.0.0.1
# SYSTEM LOGGER CONFIGURAITON
# This allows the logger to be configured without chaning the individual
# python logger stuff. LOG_FILE should be a complete path/filename for *your*
# system -- use /dev/null for non-file handlers.
# LOG_HANDLERS may be any of the following, please, no spaces in the
# list if you use several:
# null
# console
# console-timed
# file
# file-timed
# syslog
# LOG_LEVEL may be any of the standard syslog logging levels, though
# as of now, DEBUG, INFO, WARNING and CRITICAL are the only ones
# used.
#
[LOGGER]
LOG_FILE: /tmp/hblink.log
LOG_HANDLERS: console-timed
LOG_LEVEL: DEBUG
LOG_NAME: HBlink
# DOWNLOAD AND IMPORT SUBSCRIBER, PEER and TGID ALIASES
# Ok, not the TGID, there's no master list I know of to download
# This is intended as a facility for other applcations built on top of
# HBlink to use, and will NOT be used in HBlink directly.
# STALE_DAYS is the number of days since the last download before we
# download again. Don't be an ass and change this to less than a few days.
[ALIASES]
TRY_DOWNLOAD: True
PATH: ./
PEER_FILE: peer_ids.json
SUBSCRIBER_FILE: subscriber_ids.json
TGID_FILE: talkgroup_ids.json
PEER_URL: https://www.radioid.net/static/rptrs.json
SUBSCRIBER_URL: https://www.radioid.net/static/users.json
STALE_DAYS: 7
# USER MANAGER
# This is where to configure the details for use with a user managment script
[WEB_SERVICE]
THIS_SERVER_NAME: MMDVM_Server
REMOTE_CONFIG_ENABLED: True
# URL of the user managment server
URL: http://localhost:8080/svr
# Integer appended to DMR ID during the generation of a passphrase
APPEND_INT: 1
EXTRA_INT_1: 5
EXTRA_INT_2: 8
EXTRA_1: TeSt
EXTRA_2: DmR4
# Secret used to authenticate with user managment server, before checking if user login is approved
SHARED_SECRET: test
# Shorten passphrases
SHORTEN_PASSPHRASE: True
SHORTEN_SAMPLE: 4
SHORTEN_LENGTH: 4
BURN_FILE: ./burn_ids.txt
BURN_INT: 5
# OPENBRIDGE INSTANCES - DUPLICATE SECTION FOR MULTIPLE CONNECTIONS
# OpenBridge is a protocol originall created by DMR+ for connection between an
# IPSC2 server and Brandmeister. It has been implemented here at the suggestion
# of the Brandmeister team as a way to legitimately connect HBlink to the
# Brandemiester network.
# It is recommended to name the system the ID of the Brandmeister server that
# it connects to, but is not necessary. TARGET_IP and TARGET_PORT are of the
# Brandmeister or IPSC2 server you are connecting to. PASSPHRASE is the password
# that must be agreed upon between you and the operator of the server you are
# connecting to. NETWORK_ID is a number in the format of a DMR Radio ID that
# will be sent to the other server to identify this connection.
# other parameters follow the other system types.
#
# ACLs:
# OpenBridge does not 'register', so registration ACL is meaningless.
# Proper OpenBridge passes all traffic on TS1.
# HBlink can extend OPB to use both slots for unit calls only.
# Setting "BOTH_SLOTS" True ONLY affects unit traffic!
# Otherwise ACLs work as described in the global stanza
[OBP-1]
MODE: OPENBRIDGE
ENABLED: False
IP:
PORT: 62035
NETWORK_ID: 3129100
PASSPHRASE: password
TARGET_IP: 1.2.3.4
TARGET_PORT: 62035
BOTH_SLOTS: True
USE_ACL: True
SUB_ACL: DENY:1
TGID_ACL: PERMIT:ALL
# Experimental encryption
ENCRYPTION_KEY:
USE_ENCRYPTION: False
# MASTER INSTANCES - DUPLICATE SECTION FOR MULTIPLE MASTERS
# HomeBrew Protocol Master instances go here.
# IP may be left blank if there's one interface on your system.
# Port should be the port you want this master to listen on. It must be unique
# and unused by anything else.
# Repeat - if True, the master repeats traffic to peers, False, it does nothing.
#
# MAX_PEERS -- maximun number of peers that may be connect to this master
# at any given time. This is very handy if you're allowing hotspots to
# connect, or using a limited computer like a Raspberry Pi.
#
# ACLs:
# See comments in the GLOBAL stanza
[MASTER-1]
MODE: MASTER
ENABLED: True
# Use the user manager? If False, MASTER instance will operate as normal.
USE_USER_MAN: False
REPEAT: True
MAX_PEERS: 10
EXPORT_AMBE: False
IP:
PORT: 54000
PASSPHRASE: s3cr37w0rd
GROUP_HANGTIME: 5
USE_ACL: True
REG_ACL: DENY:1
SUB_ACL: DENY:1
TGID_TS1_ACL: PERMIT:ALL
TGID_TS2_ACL: PERMIT:ALL
# PEER INSTANCES - DUPLICATE SECTION FOR MULTIPLE PEERS
# There are a LOT of errors in the HB Protocol specifications on this one!
# MOST of these items are just strings and will be properly dealt with by the program
# The TX & RX Frequencies are 9-digit numbers, and are the frequency in Hz.
# Latitude is an 8-digit unsigned floating point number.
# Longitude is a 9-digit signed floating point number.
# Height is in meters
# Setting Loose to True relaxes the validation on packets received from the master.
# This will allow HBlink to connect to a non-compliant system such as XLXD, DMR+ etc.
#
# ACLs:
# See comments in the GLOBAL stanza
[REPEATER-1]
MODE: PEER
ENABLED: False
LOOSE: False
EXPORT_AMBE: False
IP:
PORT: 54001
MASTER_IP: 172.16.1.1
MASTER_PORT: 54000
PASSPHRASE: homebrew
CALLSIGN: W1ABC
RADIO_ID: 312000
RX_FREQ: 449000000
TX_FREQ: 444000000
TX_POWER: 25
COLORCODE: 1
SLOTS: 1
LATITUDE: 38.0000
LONGITUDE: -095.0000
HEIGHT: 75
LOCATION: Anywhere, USA
DESCRIPTION: This is a cool repeater
URL: www.w1abc.org
SOFTWARE_ID: 20170620
PACKAGE_ID: MMDVM_HBlink
GROUP_HANGTIME: 5
OPTIONS:
USE_ACL: True
SUB_ACL: DENY:1
TGID_TS1_ACL: PERMIT:ALL
TGID_TS2_ACL: PERMIT:ALL
[XLX-1]
MODE: XLXPEER
ENABLED: False
LOOSE: True
EXPORT_AMBE: False
IP:
PORT: 54002
MASTER_IP: 172.16.1.1
MASTER_PORT: 62030
PASSPHRASE: passw0rd
CALLSIGN: W1ABC
RADIO_ID: 312000
RX_FREQ: 449000000
TX_FREQ: 444000000
TX_POWER: 25
COLORCODE: 1
SLOTS: 1
LATITUDE: 38.0000
LONGITUDE: -095.0000
HEIGHT: 75
LOCATION: Anywhere, USA
DESCRIPTION: This is a cool repeater
URL: www.w1abc.org
SOFTWARE_ID: 20170620
PACKAGE_ID: MMDVM_HBlink
GROUP_HANGTIME: 5
XLXMODULE: 4004
USE_ACL: True
SUB_ACL: DENY:1
TGID_TS1_ACL: PERMIT:ALL
TGID_TS2_ACL: PERMIT:ALL

91
docker/web_service/config.py Normal file
View File

@ -0,0 +1,91 @@
'''
Settings for HBNet Web Server.
'''
# Database options
# Using SQLite is simple and easiest. Comment out this line and uncomment the MySQL
# line to use a MySQL/MariaDB server.
db_location = 'sqlite:////opt/hbnet_web/data/hbnet.sqlite'
# Uncomment and change this line to use a MySQL DB. It is best to start with a fresh
# DB without data in it.
#db_location = 'mysql+pymysql://DB_USERNAME:DB_PASSWORD@DB_HOST:MySQL_PORT/DB_NAME'
# Title of the HBNet Web Service/DMR network
title = 'HBNet Web Service (Docker)'
# Port to run server
hws_port = 8080
# IP to run server on
hws_host = '127.0.0.1'
# Publicly accessible URL of the web server. THIS IS REQUIRED AND MUST BE CORRECT.
url = 'http://localhost:8080'
# Replace below with some random string such as an SHA256
secret_key = 'SUPER SECRET LONG KEY'
# Timezone to show time stamps in. Stored in DB as UTC. Offset in hours.
hbnet_tz = -1
# Time format for display on some pages
time_format = '%H:%M:%S - %m/%d/%y'
# Default state for newly created user accounts. Setting to False will require
# the approval of an admin user before the user can login.
default_account_state = True
# Legacy passphrase used in hblink.cfg
legacy_passphrase = 'passw0rd'
# Coordinates to center map over
center_map = [45.372, -121.6972]
# Default map zoom level
map_zoom = 5
# Passphrase calculation config. If REMOTE_CONFIG is not used in your DMR server config
# (hblink.cfg), then the values in section [USER_MANAGER] MUST match the values below.
# If REMOTE_CONFIG is enabled, the DMR server (hblink) will automatically use the values below.
# These config options affect the generation of user passphrases.
# Set to a value between 1 - 99. This value is used in the normal calculation.
append_int = 1
# Set to a value between 1 - 99. This value is used for compromised passphrases.
burn_int = 5
# Set to a value between 1 - 99 This value is used in the normal calculation.
extra_int_1 = 5
# Set to a value between 1 - 99 This value is used in the normal calculation.
extra_int_2 = 8
# Set to a length of about 10 characters.
extra_1 = 'TeSt'
extra_2 = 'DmR4'
# Shorten generated passphrases
use_short_passphrase = True
# Character length of shortened passphrase
shorten_length = 6
# How often to pick character from long passphrase when shortening.
shorten_sample = 4
# Email settings
MAIL_SERVER = 'smtp.gmail.com'
MAIL_PORT = 465
MAIL_USE_SSL = True
MAIL_USE_TLS = False
MAIL_USERNAME = 'app@gmail.com'
MAIL_PASSWORD = 'password'
MAIL_DEFAULT_SENDER = '"' + title + '" <app@gmail.com>'
# User settings settings
USER_ENABLE_EMAIL = True
USER_ENABLE_USERNAME = True
USER_REQUIRE_RETYPE_PASSWORD = True
USER_ENABLE_CHANGE_USERNAME = False
USER_ENABLE_MULTIPLE_EMAILS = True
USER_ENABLE_CONFIRM_EMAIL = True
USER_ENABLE_REGISTER = True
USER_AUTO_LOGIN_AFTER_CONFIRM = False
USER_SHOW_USERNAME_DOES_NOT_EXIST = True