diff --git a/Dockerfile.data_gateway b/Dockerfile.data_gateway index 4588682..19e1c74 100644 --- a/Dockerfile.data_gateway +++ b/Dockerfile.data_gateway @@ -23,6 +23,8 @@ COPY docker/data_gateway/data_gateway.cfg ./config/ #Install Python3.9 and dependencies RUN apt-get -y update; apt-get -y upgrade; apt-get -y install --no-install-recommends python3.9-dev python3-pip python3.9 build-essential net-tools iputils-ping; apt-get clean; rm -rf /var/lib/apt/lists/* +RUN mkdir -p /opt/hbnet_data_gateway/log/ + RUN chown -R hbnet:hbnet /opt/hbnet_data_gateway/ # Switch user and install dependencies diff --git a/Dockerfile.hbnet b/Dockerfile.hbnet index a9b7aa4..2a68a07 100644 --- a/Dockerfile.hbnet +++ b/Dockerfile.hbnet @@ -6,6 +6,9 @@ WORKDIR /opt/hbnet RUN useradd -ms /bin/bash hbnet RUN mkdir -p /opt/hbnet/config/ +RUN mkdir -p /opt/hbnet/log/ +RUN chown -R hbnet:hbnet /opt/hbnet/log/ + #COPY . . @@ -20,6 +23,7 @@ COPY LICENSE.txt . COPY data_gateway.py . COPY docker/hbnet/hbnet.cfg ./config/ COPY docker/hbnet/rules.py ./config/ +COPY hotspot_proxy_v2.py . #Install Python3.9 and dependencies RUN apt-get -y update; apt-get -y upgrade; apt-get -y install --no-install-recommends python3.9-dev python3-pip python3.9 build-essential net-tools iputils-ping; apt-get clean; rm -rf /var/lib/apt/lists/* @@ -37,4 +41,4 @@ RUN python3.9 -m pip install --no-cache-dir -r requirements.txt #ENTRYPOINT ["/home/hbnet_web/.local/bin/supervisord"] -CMD sleep 10s; python3.9 /opt/hbnet/bridge.py -c config/hbnet.cfg -r config/rules.py +CMD sleep 5s; python3.9 /opt/hbnet/bridge.py -c config/hbnet.cfg -r config/rules.py diff --git a/data_gateway.py b/data_gateway.py index 723386f..d679074 100644 --- a/data_gateway.py +++ b/data_gateway.py 
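Review bot: The shortened `CMD sleep 5s; python3.9 /opt/hbnet/bridge.py ...` in Dockerfile.hbnet is still shell-form, so `/bin/sh -c` typically stays the container's main process and the bridge runs as its child. A `docker stop` signal may then never reach Python, and the container is killed after the timeout instead of shutting down cleanly. Prefixing the interpreter with `exec` keeps the delay and hands the process over: `CMD sleep 5s; exec python3.9 /opt/hbnet/bridge.py -c config/hbnet.cfg -r config/rules.py`. The fixed sleep is also only a guess at when the web service is ready; a connection retry at bridge start-up would be more robust than tuning the number.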
@@ -1853,7 +1853,6 @@ if __name__ == '__main__': if CONFIG['WEB_SERVICE']['REMOTE_CONFIG_ENABLED']: CONFIG = download_config(CONFIG, cli_args.CONFIG_FILE) - data_id_str = str('[' + CONFIG['DATA_CONFIG']['DATA_DMR_ID'] + ']') data_id = ast.literal_eval(data_id_str) diff --git a/docker-compose.yml b/docker-compose.yml index 6d08336..5f266ec 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -9,13 +9,13 @@ services: context: ./web ports: # Port outside container:Port inside container - - 8082:80 + - 8084:80 - 8083:443 volumes: # Path to config.py - - ./hbnet/web/config.py:/opt/hbnet_web/config.py + - ./hbnet/web_service/config.py:/opt/hbnet_web/config.py # Persist SQLIte data - - ./hbnet/web/data:/opt/hbnet_web/data:rw + - ./hbnet/web_service/data:/opt/hbnet_web/data:rw # NGINX logs - ./hbnet/log/web_service:/var/log/nginx:rw # Path to custon logo 
@@ -31,10 +31,40 @@ services: dockerfile: ./Dockerfile.data_gateway context: . volumes: + - ./hbnet/data_gateway/data_gateway.cfg:/opt/hbnet_data_gateway/config/data_gateway.cfg # Persistent data - - ./hbnet/data/data_gateway:/opt/hbnet_data_gateway/data:rw - # Log file - - ./hbnet/log/data_gateway:/tmp/log:rw +# - ./hb_data/data/data_gateway:/opt/hbnet_data_gateway/data:rw +## # Log file +## - ./hbnet/log/data_gateway:/opt/hbnet_data_gateway/log:rw + depends_on: + - "hbnet_web_service" + networks: + - hbnet_internal + restart: always + + hbnet: + container_name: hbnet + image: kf7eel/hbnet:latest + hostname: hbnet + build: + dockerfile: ./Dockerfile.hbnet + context: . + ports: + # Port outside container:Port inside container + # Port for clients + - 62032:62032/udp + - 62033:62033/udp + # Reporting port for hbmon + - 4321:4321 + volumes: + # HBNet Configuration file location + - ./hbnet/hbnet/hbnet.cfg:/opt/hbnet/config/hbnet.cfg + # HBNet rules location + - ./hbnet/hbnet/rules.py:/opt/hbnet/config/rules.py + # Persistent data +# - ./hb_data/data/hbnet:/opt/hbnet/data:rw + ## # Log file + ## - ./hbnet/log/hbnet:/opt/hbnet/log:rw depends_on: - "hbnet_web_service" networks: @@ -43,6 +73,7 @@ services: + networks: hbnet_internal: name: hbnet_internal diff --git a/docker/data_gateway/data_gateway.cfg b/docker/data_gateway/data_gateway.cfg index 65d2f56..bd0bd59 100644 --- a/docker/data_gateway/data_gateway.cfg +++ b/docker/data_gateway/data_gateway.cfg @@ -84,8 +84,8 @@ REPORT_CLIENTS: 0.0.0.0 # used. # [LOGGER] -LOG_FILE: /opt/hbnet_data_gateway/data_gateway.log -LOG_HANDLERS: console,file-timed +LOG_FILE: /tmp/data_gateway.log +LOG_HANDLERS: console LOG_LEVEL: DEBUG LOG_NAME: Data Gateway 
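Review bot: The new `hbnet` service in docker-compose.yml publishes the reporting port as `4321:4321`, which binds it on every host interface, and the docker/hbnet/hbnet.cfg hunk later in this commit changes `REPORT_CLIENTS` from `127.0.0.1` to `0.0.0.0`. If that setting is the allow-list for report consumers, the two changes together leave the report feed reachable from any network the host is on. When hbmon runs on the same host or inside `hbnet_internal`, binding the mapping to loopback (`- 127.0.0.1:4321:4321`) or dropping it keeps the feed private. The two configuration mounts could also be read-only, e.g. `./hbnet/hbnet/hbnet.cfg:/opt/hbnet/config/hbnet.cfg:ro` and likewise for `rules.py`, provided the bridge never writes them back.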
@@ -109,23 +109,11 @@ STALE_DAYS: 3 # This is where to configure the details for use with a user managment script [WEB_SERVICE] THIS_SERVER_NAME: DATA_GATEWAY -REMOTE_CONFIG_ENABLED: True -# URL of the user managment server -URL: http://hbnet_web_service:8080/svr -# Integer appended to DMR ID during the generation of a passphrase -APPEND_INT: 1 -EXTRA_INT_1: 5 -EXTRA_INT_2: 8 -EXTRA_1: TeSt -EXTRA_2: DmR4 +REMOTE_CONFIG_ENABLED: False # Secret used to authenticate with user managment server, before checking if user login is approved SHARED_SECRET: test -# Shorten passphrases -SHORTEN_PASSPHRASE: True -SHORTEN_SAMPLE: 4 -SHORTEN_LENGTH: 4 -BURN_FILE: ./burn_ids.txt -BURN_INT: 5 +# URL of the user managment server +URL: http://hbnet_web_service:8080/svr [DATA_CONFIG] USE_DASHBOARD: False @@ -135,7 +123,7 @@ UNIT_SMS_TS: 2 USER_APRS_SSID: 5 USER_APRS_COMMENT: HBNet APRS Gateway -APRS_SERVER: hbl.ink +APRS_SERVER: aprs.hbnet.xyz APRS_PORT: 14580 APRS_LOGIN_CALL: N0CALL APRS_LOGIN_PASSCODE: 12345 
@@ -150,74 +138,28 @@ IGATE_BEACON_ICON = /I IGATE_LATITUDE = 4730. N IGATE_LONGITUDE = 11930. W -# The following settings are for the static positions only, for hotspots or repeaters connected to MASTER stanzas. -# Implementation by IU7IGU -# REPORT_INTERVAL in Minute (ALLOW only > 3 Minutes) -# MESSAGE: This message will print on APRS description together RX and TX Frequency -APRS_STATIC_REPORT_INTERVAL: 15 -APRS_STATIC_MESSAGE:Connected to HBLink - -# The options below are required for operation of the dashboard and will cause errors in gps_data.py -# if configured wrong. Leave them as default unless you know what you are doing. -# If you do change, you must use absolute paths. -LOCATION_FILE: ./data/gps_data_user_loc.txt -BULLETIN_BOARD_FILE: ./data/gps_data_user_bb.txt -MAILBOX_FILE: ./data/gps_data_user_mailbox.txt -EMERGENCY_SOS_FILE: ./data/gps_data_user_sos.txt -SMS_FILE: ./data/gps_data_user_sms.txt +### The following settings are for the static positions only, for hotspots or repeaters connected to MASTER stanzas. +### Implementation by IU7IGU +### REPORT_INTERVAL in Minute (ALLOW only > 3 Minutes) +### MESSAGE: This message will print on APRS description together RX and TX Frequency +##APRS_STATIC_REPORT_INTERVAL: 15 +##APRS_STATIC_MESSAGE:Connected to HBLink # User settings file, MUST configure using absolute path. 
USER_SETTINGS_FILE: ./user_settings.txt -# API settings -# Authorized Apps file - data used for the dashboard API -USE_API: True -AUTHORIZED_APPS_FILE: /tmp/authorized_apps.txt -AUTHORIZED_TOKENS_FILE: /tmp/hblink_auth_tokens.txt -AUTHORIZED_USERS_FILE: /home/eric/Sync/hblink3_sms_dev/authorized_users.txt -ACCESS_SYSTEMS_FILE: /home/eric/Sync/hblink3_sms_dev/access_systems.txt -MY_SERVER_SHORTCUT: XYZ -SERVER_NAME: Test HBLink Network -USE_PUBLIC_APPS: True -PUBLIC_APPS_LIST: https://raw.githubusercontent.com/kf7eel/hblink_sms_external_apps/main/public_systems.txt -RULES_PATH: /home/eric/Sync/hblink3_sms_dev/rules.py - -# The following options are used for the dashboard. The dashboard is optional. -# Title of the Dashboard -DASHBOARD_TITLE: HBNet D-APRS Dashboard -# Used for API, RSS feed link, etc -DASHBOARD_URL: http://localhost:8092 - -# Logo used on dashboard page -LOGO: https://raw.githubusercontent.com/kf7eel/hblink3/gps/HBlink.png - -# Port to run server -DASH_PORT: 8092 - -# IP to run server on -DASH_HOST: 127.0.0.1 - -#Description of dashboard to show on main page -DESCRIPTION: Welcome to the dashboard. - -# Gateway contact info displayed on about page. 
-CONTACT_NAME: your name -CONTACT_CALL: N0CALL -CONTACT_EMAIL: email@example.org -CONTACT_WEBSITE: https://hbl.ink - -# Time format for display -TIME_FORMAT: %%H:%%M:%%S - %%m/%%d/%%y - -# Center dashboard map over these coordinates -MAP_CENTER_LAT: 47.00 -MAP_CENTER_LON: -120.00 -ZOOM_LEVEL: 7 - -# List and preview of some map themes at http://leaflet-extras.github.io/leaflet-providers/preview/ -# The following are options for map themes and just work, you should use one of these: “OpenStreetMap”, “Stamen” (Terrain, Toner, and Watercolor), -MAP_THEME: Stamen Toner - +### API settings +### Authorized Apps file - data used for the dashboard API +##USE_API: True +##AUTHORIZED_APPS_FILE: /tmp/authorized_apps.txt +##AUTHORIZED_TOKENS_FILE: /tmp/hblink_auth_tokens.txt +##AUTHORIZED_USERS_FILE: /home/eric/Sync/hblink3_sms_dev/authorized_users.txt +##ACCESS_SYSTEMS_FILE: /home/eric/Sync/hblink3_sms_dev/access_systems.txt +##MY_SERVER_SHORTCUT: XYZ +##SERVER_NAME: Test HBLink Network +##USE_PUBLIC_APPS: True +##PUBLIC_APPS_LIST: https://raw.githubusercontent.com/kf7eel/hblink_sms_external_apps/main/public_systems.txt +##RULES_PATH: /home/eric/Sync/hblink3_sms_dev/rules.py # OPENBRIDGE INSTANCES - DUPLICATE SECTION FOR MULTIPLE CONNECTIONS # OpenBridge is a protocol originall created by DMR+ for connection between an @@ -238,10 +180,27 @@ MAP_THEME: Stamen Toner # HBlink can extend OPB to use both slots for unit calls only. # Setting "BOTH_SLOTS" True ONLY affects unit traffic! # Otherwise ACLs work as described in the global stanza -[OBP-1] +[HBNET] MODE: OPENBRIDGE ENABLED: True IP: +PORT: 53002 +NETWORK_ID: 99 +PASSPHRASE: passw0rd +TARGET_IP: hbnet +TARGET_PORT: 53001 +BOTH_SLOTS: True +USE_ACL: True +SUB_ACL: DENY:1 +TGID_ACL: PERMIT:ALL +ENCRYPT_ALL_TRAFFIC: False +ENCRYPTION_KEY: fFeyPS4g1FZW6OkXrHC47AiGLcl75cG3PW6ystfhXhE= +OTHER_OPTIONS: + +[OBP-1] +MODE: OPENBRIDGE +ENABLED: False +IP: PORT: 62036 NETWORK_ID: 1234 PASSPHRASE: passw0rd 
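Review bot: The new `[HBNET]` stanza in docker/data_gateway/data_gateway.cfg ships a concrete base64 `ENCRYPTION_KEY` together with `PASSPHRASE: passw0rd`, and the `[DATA_GATEWAY]` stanza added to docker/hbnet/hbnet.cfg carries the same pair. Every deployment built from these defaults therefore shares key material that is public in the repository. `ENCRYPT_ALL_TRAFFIC` is `False` in both, so the hunk does not show how much the key protects today, but a committed key should be treated as disclosed. I would ship the value empty, as `[OBP-1]` does (if the bridge accepts an empty key while encryption is off), and add a comment such as `# Generate a unique key per deployment and set the same value on both ends of this link`.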
@@ -251,7 +210,7 @@ BOTH_SLOTS: True USE_ACL: True SUB_ACL: DENY:1 TGID_ACL: PERMIT:ALL -USE_ENCRYPTION: False +ENCRYPT_ALL_TRAFFIC: False ENCRYPTION_KEY: OTHER_OPTIONS: # MASTER INSTANCES - DUPLICATE SECTION FOR MULTIPLE MASTERS @@ -269,11 +228,7 @@ OTHER_OPTIONS: # See comments in the GLOBAL stanza [MASTER-1] MODE: MASTER -ENABLED: True - -# Use the user manager? If False, MASTER instance will operate as normal. -USE_USER_MAN: False - +ENABLED: False REPEAT: True MAX_PEERS: 3 EXPORT_AMBE: False @@ -365,3 +320,4 @@ SUB_ACL: DENY:1 TGID_TS1_ACL: PERMIT:ALL TGID_TS2_ACL: PERMIT:ALL OTHER_OPTIONS: + diff --git a/docker/hbnet/hbnet.cfg b/docker/hbnet/hbnet.cfg old mode 100644 new mode 100755 index 4e160b4..cc7f646 --- a/docker/hbnet/hbnet.cfg +++ b/docker/hbnet/hbnet.cfg @@ -64,7 +64,7 @@ TGID_TS2_ACL: PERMIT:ALL REPORT: True REPORT_INTERVAL: 60 REPORT_PORT: 4321 -REPORT_CLIENTS: 127.0.0.1 +REPORT_CLIENTS: 0.0.0.0 # SYSTEM LOGGER CONFIGURAITON @@ -84,10 +84,10 @@ REPORT_CLIENTS: 127.0.0.1 # used. # [LOGGER] -LOG_FILE: /tmp/hblink.log +LOG_FILE: /tmp/hbnet.log LOG_HANDLERS: console-timed LOG_LEVEL: DEBUG -LOG_NAME: HBlink +LOG_NAME: HBNet # DOWNLOAD AND IMPORT SUBSCRIBER, PEER and TGID ALIASES # Ok, not the TGID, there's no master list I know of to download @@ -96,7 +96,7 @@ LOG_NAME: HBlink # STALE_DAYS is the number of days since the last download before we # download again. Don't be an ass and change this to less than a few days. [ALIASES] -TRY_DOWNLOAD: True +TRY_DOWNLOAD: False PATH: ./ PEER_FILE: peer_ids.json SUBSCRIBER_FILE: subscriber_ids.json 
@@ -109,17 +109,17 @@ STALE_DAYS: 7 # This is where to configure the details for use with a user managment script [WEB_SERVICE] THIS_SERVER_NAME: MMDVM_Server -REMOTE_CONFIG_ENABLED: True +# Secret used to authenticate with user managment server, before checking if user login is approved +SHARED_SECRET: test +REMOTE_CONFIG_ENABLED: False # URL of the user managment server -URL: http://localhost:8080/svr +URL: http://hbnet_web_service:8080/svr # Integer appended to DMR ID during the generation of a passphrase APPEND_INT: 1 EXTRA_INT_1: 5 EXTRA_INT_2: 8 EXTRA_1: TeSt EXTRA_2: DmR4 -# Secret used to authenticate with user managment server, before checking if user login is approved -SHARED_SECRET: test # Shorten passphrases SHORTEN_PASSPHRASE: True SHORTEN_SAMPLE: 4 @@ -162,7 +162,27 @@ SUB_ACL: DENY:1 TGID_ACL: PERMIT:ALL # Experimental encryption ENCRYPTION_KEY: -USE_ENCRYPTION: False +ENCRYPT_ALL_TRAFFIC: False +OTHER_OPTIONS: + +[DATA_GATEWAY] +MODE: OPENBRIDGE +ENABLED: True +IP: +PORT: 53001 +NETWORK_ID: 99 +PASSPHRASE: passw0rd +TARGET_IP: hbnet_data_gateway +TARGET_PORT: 53002 +BOTH_SLOTS: True +USE_ACL: True +SUB_ACL: DENY:1 +TGID_ACL: PERMIT:ALL +# Experimental encryption +ENCRYPTION_KEY: fFeyPS4g1FZW6OkXrHC47AiGLcl75cG3PW6ystfhXhE= +ENCRYPT_ALL_TRAFFIC: False +OTHER_OPTIONS: + # MASTER INSTANCES - DUPLICATE SECTION FOR MULTIPLE MASTERS # HomeBrew Protocol Master instances go here. 
@@ -177,25 +197,50 @@ USE_ENCRYPTION: False # # ACLs: # See comments in the GLOBAL stanza + [MASTER-1] MODE: MASTER ENABLED: True - # Use the user manager? If False, MASTER instance will operate as normal. USE_USER_MAN: False - +STATIC_APRS_POSITION_ENABLED: False REPEAT: True -MAX_PEERS: 10 +MAX_PEERS: 3 EXPORT_AMBE: False IP: -PORT: 54000 -PASSPHRASE: s3cr37w0rd +PORT: 62033 +PASSPHRASE: passw0rd GROUP_HANGTIME: 5 USE_ACL: True REG_ACL: DENY:1 SUB_ACL: DENY:1 TGID_TS1_ACL: PERMIT:ALL TGID_TS2_ACL: PERMIT:ALL +OTHER_OPTIONS: + +[HOTSPOT] +MODE: PROXY +ENABLED: True +EXTERNAL_PROXY_SCRIPT: False +# Use the user manager? If False, MASTER instance will operate as normal. +USE_USER_MAN: False +STATIC_APRS_POSITION_ENABLED: False +REPEAT: True +MAX_PEERS: 10 +EXPORT_AMBE: False +IP: +EXTERNAL_PORT: 62032 +INTERNAL_PORT_START: 52000 +INTERNAL_PORT_STOP: 52009 +PASSPHRASE: passw0rd +GROUP_HANGTIME: 5 +USE_ACL: True +REG_ACL: DENY:1 +SUB_ACL: DENY:1 +TG1_ACL: PERMIT:ALL +TG2_ACL: PERMIT:ALL +OTHER_OPTIONS: + # PEER INSTANCES - DUPLICATE SECTION FOR MULTIPLE PEERS # There are a LOT of errors in the HB Protocol specifications on this one! @@ -209,6 +254,7 @@ TGID_TS2_ACL: PERMIT:ALL # # ACLs: # See comments in the GLOBAL stanza + [REPEATER-1] MODE: PEER ENABLED: False @@ -240,6 +286,7 @@ USE_ACL: True SUB_ACL: DENY:1 TGID_TS1_ACL: PERMIT:ALL TGID_TS2_ACL: PERMIT:ALL +OTHER_OPTIONS: [XLX-1] MODE: XLXPEER @@ -272,3 +319,4 @@ USE_ACL: True SUB_ACL: DENY:1 TGID_TS1_ACL: PERMIT:ALL TGID_TS2_ACL: PERMIT:ALL +OTHER_OPTIONS: diff --git a/docker/hbnet/rules.py.save b/docker/hbnet/rules.py.save new file mode 100644 index 0000000..e69de29 diff --git a/docker/hbnet/rules.py.save.1 b/docker/hbnet/rules.py.save.1 new file mode 100644 index 0000000..758db00 --- /dev/null +++ b/docker/hbnet/rules.py.save.1 
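Review bot: `[MASTER-1]` and the new `[HOTSPOT]` proxy in docker/hbnet/hbnet.cfg both ship with `PASSPHRASE: passw0rd` on ports 62033 and 62032, which the docker-compose.yml hunk in this commit publishes on the host. `USE_USER_MAN` is `False` in both stanzas, so the passphrase appears to be the only credential a connecting peer presents, and it is guessable and identical across installs. The shipped default should be an obvious placeholder that forces an edit, for example `PASSPHRASE: CHANGE_ME_BEFORE_DEPLOY` with a comment saying so, or the client-facing stanzas should ship with `ENABLED: False` until the operator has set a value.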
@@ -0,0 +1,11 @@ +BRIDGES = { + 'TG 9': [ + {'SYSTEM': 'CLIENT', 'TS': 2, 'TGID': 9, 'ACTIVE': True, 'TIMEOUT': 2, 'TO_TYPE': 'NONE', 'ON': [9,], 'OFF': [], 'RESET': []}, +# {'SYSTEM': 'MASTER-1', 'TS': 2, 'TGID': 3129, 'ACTIVE': True, 'TIMEOUT': 2, 'TO_TYPE': 'NONE', 'ON': [4,], 'OFF': [7,10], 'RESET': []}, + ], + 'Data Gateway': [ + {'SYSTEM': 'CLIENT', 'TS': 2, 'TGID': 9099, 'ACTIVE': True, 'TIMEOUT': 2, 'TO_TYPE': 'NONE', 'ON': [9099,], 'OFF': [], 'RESET': []}, + {'SYSTEM': 'DATA_GATEWAY', 'TS': 2, 'TGID': 9099, 'ACTIVE': True, 'TIMEOUT': 2, 'TO_TYPE': 'NONE', 'ON': [9099,], 'OFF': [], 'RESET': []}, +# {'SYSTEM': 'MASTER-1', 'TS': 2, 'TGID': 3129, 'ACTIVE': True, 'TIMEOUT': 2, 'TO_TYPE': 'NONE', 'ON': [4,], 'OFF': [7,10], 'RESET': []}, + ] +} diff --git a/docker/web_service/config.py b/docker/web_service/config.py index 0f1b3e6..21bc4db 100644 --- a/docker/web_service/config.py +++ b/docker/web_service/config.py @@ -1,3 +1,4 @@ + ''' Settings for HBNet Web Server. ''' @@ -13,7 +14,7 @@ db_location = 'sqlite:////opt/hbnet_web/data/hbnet.sqlite' # Title of the HBNet Web Service/DMR network -title = 'HBNet Web Service (Docker)' +title = 'HBNet Web Service (Docker, Unconfigured)' # Port to run server hws_port = 8080 # IP to run server on @@ -21,7 +22,7 @@ hws_host = '127.0.0.1' # Publicly accessible URL of the web server. THIS IS REQUIRED AND MUST BE CORRECT. url = 'http://localhost:8080' # Replace below with some random string such as an SHA256 -secret_key = 'SUPER SECRET LONG KEY' +secret_key = '123456789123456789123456789123456789123456789123456789' # Timezone to show time stamps in. Stored in DB as UTC. Offset in hours. hbnet_tz = -1 @@ -89,3 +90,5 @@ USER_ENABLE_CONFIRM_EMAIL = True USER_ENABLE_REGISTER = True USER_AUTO_LOGIN_AFTER_CONFIRM = False USER_SHOW_USERNAME_DOES_NOT_EXIST = True + +
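Review bot: `docker/hbnet/rules.py.save` (empty) and `docker/hbnet/rules.py.save.1` look like editor backup copies rather than files the build uses; none of the Dockerfile or compose hunks in this commit refer to them. The bridge table in `rules.py.save.1` also names a system `CLIENT`, while the stanzas visible in the docker/hbnet/hbnet.cfg hunks are `MASTER-1`, `HOTSPOT` and `DATA_GATEWAY`, so it may not match the shipped configuration. I would drop both files from the commit and add a pattern such as `*.save*` to `.gitignore` so stale rule sets do not end up in a build context or get mistaken for the live `rules.py`.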
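Review bot: In docker/web_service/config.py, `secret_key` is now a fixed digit string that is public in the repository, while the comment directly above asks for a random value. If this is the key the web framework uses to sign sessions, an install that keeps the default has session integrity that depends on nothing secret. The new title `(Docker, Unconfigured)` suggests the file is meant to be edited, but nothing enforces it. I would keep an unmistakable placeholder, add the comment `# Generate with: python3 -c "import secrets; print(secrets.token_hex(32))"`, and have the service refuse to start while the placeholder is still in place.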