mirror of
https://github.com/mainflux/mainflux.git
synced 2025-04-29 13:49:28 +08:00
204aec6171
* MF-722 - Change UUID lib (#746) * Update uuid package and update things serivce Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Update bootstrap service tests Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Update existing postgres writer tests Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * MF-732 - Add Postgres reader (#740) * NOISSUE - Fix Readers logs Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * MF-732 - Add Postgres reader Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix total count Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Rm commented code Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add Postgres reader tests Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix editor format Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Change UUID lib Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * MF-742 - Things to support single user scenario (#749) * Add single user mode to things service Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Add tests for things/users package Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Update init order in main Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * Update grpc and protobuf deps in mqtt adapter (#751) Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * Fix MQTT raw message deserialization (#753) Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * NOISSUE - Add certificate fields to the Bootstrap service (#752) * Add cert fields to the BS Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Add cert fields when creating a config Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Add update cert endpoint Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Fix key column name Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Add cert fields to db converters Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Secure cert update endpoint Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Authroize cert update methods Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Fix Bootstrap service tests Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Add cert update service tests Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Update endpoit tests Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Update API docs Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Update request tests Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Fix request tests Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Update repository tests Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> * Fix typo in repo tests Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * NOISSUE - Add searchable Things name (#750) * NOISSUE - Add searchable Things name Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix reviews Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix typo Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add postgres schema validation and tests Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add namme tests in requests_test Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Typo fix Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Rm requests_test Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add name in ListThings loggins Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add invalidName var for tests Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Set maxNameSize to 1024 Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix postgres test Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix total when filtering things by name Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix review Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * Add missing Websocket.js into docker ui image (#755) Signed-off-by: Ivan Milošević <iva@blokovi.com> Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * MF-466 - ARM docker deployment (#756) * Add arm Dockerfiles Change version of postgres images in docker-compose to use versions with multiarch Signed-off-by: Ivan Milošević <iva@blokovi.com> * docker compose file Signed-off-by: Ivan Milošević <iva@blokovi.com> * remove bin qemu file Signed-off-by: Ivan Milošević <iva@blokovi.com> * remove unnecesarry comments Signed-off-by: Ivan Milošević <iva@blokovi.com> * Add make dockers_arm32v7 in Makefile Signed-off-by: Ivan Milošević <iva@blokovi.com> * Remove docker/Dockerfile.arm Signed-off-by: Ivan Milošević <iva@blokovi.com> * Add build for arm32v7 in ui Makefile Signed-off-by: Ivan Milošević <iva@blokovi.com> * Add arm32v7 tags Signed-off-by: Ivan Milošević <iva@blokovi.com> * add docker-compose for arm remove thing-db in docker compose (use same db as user) fix dockerfile and makefile Signed-off-by: Ivan Milošević <iva@blokovi.com> * fix thing database env variable Signed-off-by: Ivan Milošević <iva@blokovi.com> * Switch back to separate database for things and users Signed-off-by: Ivan Milošević <iva@blokovi.com> * rename arm32v7 to arm Signed-off-by: Ivan Milošević <iva@blokovi.com> * remove arm32v7 tag rename arm32v7 image names Signed-off-by: Ivan Milošević <iva@blokovi.com> * Rename command for making mqtt and ui individual images, to match other miscroservices Signed-off-by: Ivan Milošević <iva@blokovi.com> * Push arm docker images Signed-off-by: Ivan Milošević <iva@blokovi.com> * fix fucntion call in ci.sh Signed-off-by: Ivan Milošević <iva@blokovi.com> * mergiing ui/Dockerfile Signed-off-by: Ivan Milošević <iva@blokovi.com> Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * NOISSUE - Add searchable Channels name (#754) * NOISSUE - Add searchable Things name Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix reviews Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix typo Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add postgres schema validation and tests Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add namme tests in requests_test Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * NOISSUE - Add searchable Channels name Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix test description Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix bootstrap mocks Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix reviews Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * NOISSUE - Remove installing non-existent package in ci (#758) * Remove installing non-existent package from ci Signed-off-by: Ivan Milošević <iva@blokovi.com> * remove branch master condition in ci.sh to test it Signed-off-by: Ivan Milošević <iva@blokovi.com> * fix syntax error Signed-off-by: Ivan Milošević <iva@blokovi.com> * update apt Signed-off-by: Ivan Milošević <iva@blokovi.com> * build arm images for latest release push ui and mqtt arm images install only qemu-user-static Signed-off-by: Ivan Milošević <iva@blokovi.com> * clean docker after pushing amd64 images Signed-off-by: Ivan Milošević <iva@blokovi.com> * installing all qemu app Signed-off-by: Ivan Milošević <iva@blokovi.com> * remove docker images before building ui and mqtt arm-images Signed-off-by: Ivan Milošević <iva@blokovi.com> * prune dockers and test only arm build Signed-off-by: Ivan Milošević <iva@blokovi.com> * fix syntax error Signed-off-by: Ivan Milošević <iva@blokovi.com> * fix moving qemu-arm-static Signed-off-by: Ivan Milošević <iva@blokovi.com> * installing qemu with apt-get Signed-off-by: Ivan Milošević <iva@blokovi.com> * add another apt-get update Signed-off-by: Ivan Milošević <iva@blokovi.com> * apt install one liner Signed-off-by: Ivan Milošević <iva@blokovi.com> * testing ci script Signed-off-by: Ivan Milošević <iva@blokovi.com> * After installing qemu, get appropriate version Signed-off-by: Ivan Milošević <iva@blokovi.com> * Test ci without amd64 dockers Signed-off-by: Ivan Milošević <iva@blokovi.com> * remove tests from ci for test purpose Signed-off-by: Ivan Milošević <iva@blokovi.com> * Uncomment commands Signed-off-by: Ivan Milošević <iva@blokovi.com> * Remove whitespace and change order of building images Signed-off-by: Ivan Milošević <iva@blokovi.com> Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * nginx Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * change to openresty Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * change to openresty and accept env from docker compose Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * revert to master Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * revert to master Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * revert to master Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * NOISSUE - Fix Docker for ARM (#760) * NOISSUE - Fix Docker for ARM Signed-off-by: drasko <drasko.draskovic@gmail.com> * Correct ARGs Signed-off-by: drasko <drasko.draskovic@gmail.com> * Fix docker-compose for ARM Signed-off-by: drasko <drasko.draskovic@gmail.com> * Add docker manifest Signed-off-by: drasko <drasko.draskovic@gmail.com> * cp not mv qemu from mf root Signed-off-by: Ivan Milošević <iva@blokovi.com> * fix amd64 docker names for ui and mqtt images Signed-off-by: Ivan Milošević <iva@blokovi.com> * edit ci.sh for testing purposes Signed-off-by: Ivan Milošević <iva@blokovi.com> * remove bachslash from make manifest edits in ci for testing purposes Signed-off-by: Ivan Milošević <iva@blokovi.com> * fix manifest call Signed-off-by: Ivan Milošević <iva@blokovi.com> * add manifest on version realese delete space before latest argument fix for loop in manifest creation Signed-off-by: Ivan Milošević <iva@blokovi.com> * include tests Signed-off-by: Ivan Milošević <iva@blokovi.com> * docker system prune remove tests for testin purposes Signed-off-by: Ivan Milošević <iva@blokovi.com> * Add variant in manifest file for armv7 Signed-off-by: Ivan Milošević <iva@blokovi.com> * Remove white space Signed-off-by: Ivan Milošević <iva@blokovi.com> * paralelise the compilation Signed-off-by: Ivan Milošević <iva@blokovi.com> * fix place of -j$NPROC Signed-off-by: Ivan Milošević <iva@blokovi.com> Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * adding env variable Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * fix variant option for manifest annotate (#765) Signed-off-by: Ivan Milošević <iva@blokovi.com> Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * enable port configure from env var in docker-compose Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * enable port configure from env var in docker-compose Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * enable port configure from env var in docker-compose Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * use docker env to set port Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * add env to conf port in nginx.conf Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * replace string with docker env Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * replace string with docker env Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * Update docs (#766) Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com> Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * remove not needed comment Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * adding .env file for default UI_PORT - if no enviroment UI_PORT is set value from .env file is used Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * get default UI_PORT variable value from .env file Signed-off-by: mteodor <mirko.teodorovic@gmail.com> * set default port value to 3000 Signed-off-by: mteodor <mirko.teodorovic@gmail.com>
219 lines
7.1 KiB
Plaintext
219 lines
7.1 KiB
Plaintext
#
|
|
# Copyright (c) 2018
|
|
# Mainflux
|
|
#
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
#
|
|
# This is the default Mainflux NGINX configuration.
|
|
|
|
user nginx;
|
|
worker_processes auto;
|
|
pid /run/nginx.pid;
|
|
include /etc/nginx/modules-enabled/*.conf;
|
|
|
|
events {
|
|
worker_connections 768;
|
|
}
|
|
|
|
http {
|
|
sendfile on;
|
|
tcp_nopush on;
|
|
tcp_nodelay on;
|
|
keepalive_timeout 65;
|
|
types_hash_max_size 2048;
|
|
|
|
include /etc/nginx/mime.types;
|
|
default_type application/octet-stream;
|
|
|
|
ssl_protocols TLSv1.2 TLSv1.3;
|
|
ssl_prefer_server_ciphers on;
|
|
|
|
access_log /var/log/nginx/access.log;
|
|
error_log /var/log/nginx/error.log;
|
|
|
|
server {
|
|
listen 80 default_server;
|
|
listen [::]:80 default_server;
|
|
listen 443 ssl http2 default_server;
|
|
listen [::]:443 ssl http2 default_server;
|
|
|
|
# These paths are set to its default values as
|
|
# a volume in the docker/docker-compose.yml file.
|
|
ssl_certificate /etc/ssl/certs/mainflux-server.crt;
|
|
ssl_certificate_key /etc/ssl/private/mainflux-server.key;
|
|
ssl_dhparam /etc/ssl/certs/dhparam.pem;
|
|
|
|
ssl_protocols TLSv1.2 TLSv1.3;
|
|
ssl_prefer_server_ciphers on;
|
|
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
|
|
ssl_ecdh_curve secp384r1;
|
|
ssl_session_tickets off;
|
|
ssl_stapling off;
|
|
ssl_stapling_verify on;
|
|
resolver 8.8.8.8 8.8.4.4 valid=300s;
|
|
resolver_timeout 5s;
|
|
|
|
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains";
|
|
add_header X-Frame-Options DENY;
|
|
add_header X-Content-Type-Options nosniff;
|
|
add_header Access-Control-Allow-Origin '*';
|
|
add_header Access-Control-Allow-Methods '*';
|
|
add_header Access-Control-Allow-Headers '*';
|
|
|
|
server_name localhost;
|
|
|
|
# Proxy pass to users service
|
|
location ~ ^/(users|tokens) {
|
|
proxy_redirect off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_pass http://users:8180;
|
|
|
|
# Allow OPTIONS method CORS
|
|
if ($request_method = OPTIONS ) {
|
|
add_header Content-Length 0;
|
|
add_header Content-Type text/plain;
|
|
return 200;
|
|
}
|
|
}
|
|
|
|
# Proxy pass to things service
|
|
location ~ ^/(things|channels) {
|
|
proxy_redirect off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
add_header Access-Control-Expose-Headers Location;
|
|
proxy_pass http://things:8182;
|
|
|
|
# Allow OPTIONS method CORS
|
|
if ($request_method = OPTIONS ) {
|
|
add_header Content-Length 0;
|
|
add_header Content-Type text/plain;
|
|
return 200;
|
|
}
|
|
}
|
|
|
|
location /version {
|
|
proxy_redirect off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_pass http://things:8182;
|
|
|
|
# Allow OPTIONS method CORS
|
|
if ($request_method = OPTIONS ) {
|
|
add_header Content-Length 0;
|
|
add_header Content-Type text/plain;
|
|
return 200;
|
|
}
|
|
}
|
|
|
|
# Proxy pass to mainflux-http-adapter
|
|
location /http/ {
|
|
proxy_redirect off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_pass http://http-adapter:8185/;
|
|
|
|
# Allow OPTIONS method CORS
|
|
if ($request_method = OPTIONS ) {
|
|
add_header Content-Length 0;
|
|
add_header Content-Type text/plain;
|
|
return 200;
|
|
}
|
|
}
|
|
|
|
# Proxy pass to mainflux-ws-adapter
|
|
location /ws/ {
|
|
proxy_redirect off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection "Upgrade";
|
|
proxy_connect_timeout 7d;
|
|
proxy_send_timeout 7d;
|
|
proxy_read_timeout 7d;
|
|
proxy_pass http://ws-adapter:8186/;
|
|
|
|
# Allow OPTIONS method CORS
|
|
if ($request_method = OPTIONS ) {
|
|
add_header Content-Length 0;
|
|
add_header Content-Type text/plain;
|
|
return 200;
|
|
}
|
|
}
|
|
|
|
# Proxy pass to mainflux-mqtt-adapter over WS
|
|
location /mqtt {
|
|
proxy_redirect off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection "Upgrade";
|
|
proxy_connect_timeout 7d;
|
|
proxy_send_timeout 7d;
|
|
proxy_read_timeout 7d;
|
|
proxy_pass http://mqtt-adapter:8880/;
|
|
|
|
# Allow OPTIONS method CORS
|
|
if ($request_method = OPTIONS ) {
|
|
add_header Content-Length 0;
|
|
add_header Content-Type text/plain;
|
|
return 200;
|
|
}
|
|
}
|
|
|
|
location / {
|
|
proxy_redirect off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_pass http://ui:UI_PORT/;
|
|
# Allow OPTIONS method CORS
|
|
if ($request_method = OPTIONS ) {
|
|
add_header Content-Length 0;
|
|
add_header Content-Type text/plain;
|
|
return 200;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
# MQTT
|
|
stream {
|
|
server {
|
|
listen 8883 ssl;
|
|
listen [::]:8883 ssl;
|
|
|
|
# These paths are set to its default values as
|
|
# a volume in the docker/docker-compose.yml file.
|
|
ssl_certificate /etc/ssl/certs/mainflux-server.crt;
|
|
ssl_certificate_key /etc/ssl/private/mainflux-server.key;
|
|
ssl_dhparam /etc/ssl/certs/dhparam.pem;
|
|
|
|
ssl_protocols TLSv1.2 TLSv1.3;
|
|
ssl_prefer_server_ciphers on;
|
|
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
|
|
ssl_ecdh_curve secp384r1;
|
|
ssl_session_tickets off;
|
|
resolver 8.8.8.8 8.8.4.4 valid=300s;
|
|
resolver_timeout 5s;
|
|
|
|
proxy_pass mqtt-adapter:1883;
|
|
}
|
|
}
|