Skip to content

Server Installation

The server can be installed natively or with docker. The docker-compose.yml file below is the recommended install medium.

Native

TBD

From Source

TBD

Docker

services:
  userdb:
    image: postgres:16-alpine
    ports:
      - "5432:5432"
    volumes:
      - ./postgres:/var/lib/postgresql/data
    networks:
      wc-local:
        ipv4_address: 10.5.0.2
    environment:
      - POSTGRES_PASSWORD=CHANGE-TO-SECURE
      - POSTGRES_USER=warecached
      - POSTGRES_DB=wc_demo

  itemdb:
    image: redis/redis-stack:7.2.0-v0
    ports:
      - "6379:6379"
      - "8001:8001"
    networks:
      wc-local:
        ipv4_address: 10.5.0.3
    volumes:
      - ./redis:/data
      - ./redis.conf:/redis-stack.conf

  mqtt:
    image: eclipse-mosquitto
    ports:
      - "1883:1883"
      - "8883:8883"
    networks:
      wc-local:
        ipv4_address: 10.5.0.4
      wc-external:
    volumes:
      - "./mosquitto/config:/mosquitto/config:rw"
      - "./mosquitto/data:/mosquitto/data:rw"
      - "./mosquitto/log:/mosquitto/log:rw"

  warecached:
    image: gitlab.slant.tech:5050/products/warecache/software/server-rust/warecache:staging
    depends_on:
      - userdb
      - itemdb
      - mqtt
    ports:
      - "127.0.0.1:8118:8118"
    networks:
      wc-local:
        ipv4_address: 10.5.0.5
      wc-external:
    environment:
      WCD_GENERAL_DEBUG: True
      WCD_LOG_OUTPUT: "std"
      WCD_LOG_LEVEL: "debug"
      WCD_API_EXTENRUL: "https://warecache.example.com"
      WCD_API_ADDRESS: "0.0.0.0"
      WCD_API_PORT: 8118
      WCD_DB_ADDRESS: "itemdb"
      WCD_DB_PORT: 6379
      WCD_USERDB_ADDRESS: "userdb"
      WCD_USERDB_PORT: 5432
      WCD_USERDB_USER: "warecached"
      WCD_USERDB_PASS: "CHANGE-TO-SECURE"
      WCD_USERDB_DB: "wc_demo"
      WCD_MQTT_ADDRESS: "mqtt"
      WCD_MQTT_PORT: 8883
      WCD_MQTT_CLIENTID: "warecache-demo-server"
      WCD_MQTT_KEEPALIVE: 30
      WCD_MQTT_CERTPATH: "/app/certs/client.crt"
      WCD_MQTT_KEYPATH: "/app/certs/client.key"
      WCD_MQTT_ROOTCAPATH: "/app/certs/ca.crt"
    volumes:
      - "./certs:/app/certs"
networks:
  wc-local:
    driver: bridge
    ipam:
      config:
        - subnet: 10.5.0.0/16
          gateway: 10.5.0.1
  wc-external:

Certificate Setup

In order to provide a secure MQTT authentication scheme, x509 certificates are utilized for authentication.

Due to specific requirements for the certificates, the easiest option for installation requires a custom root certificate authority. The following steps will generate all the required files.

EXT File

Create the mqtt.ext file to be used for proper DNS resolution. The 'IP.1' and 'DNS.1' value should be changed to the ip address and domain name of the MQTT service used. The values shown below are for the docker-compose.yml predetermined IP addresses.

authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
subjectAltName = @alt_names
[alt_names]
DNS.1 = mqtt
IP.1 = 10.5.0.4

Certificate Generation

openssl req -x509 -sha256 -nodes -subj "/C=FI/CN=warecache" -days 3650 -newkey rsa:4096 -keyout ca.key -out ca.crt

openssl req -newkey rsa:4096 -nodes -subj "/C=FI/CN=warecache-mqtt" -keyout server.key -out server.csr

openssl x509 -signkey server.key -in server.csr -req -days 3650 -out server.crt

openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days 3650 -extfile mqtt.ext

openssl req -newkey rsa:4096 -nodes -subj "/C=FI/CN=warecache-server" -keyout client.key -out client.csr

openssl x509 -req -in client.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out client.crt -days 3650

cp ./{ca.crt,server.key,server.crt} ../mosquitto/config