# TAK Server Docker Setup

A self-contained Docker setup for TAK Server that automatically extracts and configures from the release files.

## Quick Start

1. **Build the Docker image:**
   ```bash
   ./build.sh
   ```

2. **Configure environment variables:**
   Edit `EDIT_ME.env` and fill in the required values:
   ```bash
   # Required fields to fill in:
   POSTGRES_PASSWORD='your_db_password'
   CA_NAME='your_ca_name'
   CA_PASS='your_ca_password'
   STATE='your_state'
   CITY='your_city'
   ORGANIZATION='your_organization'
   ORGANIZATIONAL_UNIT='your_org_unit'
   TAKSERVER_CERT_PASS='your_takserver_cert_password'
   ADMIN_CERT_NAME='admin_username'
   ADMIN_CERT_PASS='admin_password'
   ```

3. **Start the services:**
   ```bash
   docker-compose up
   ```

## Features

- **Self-contained**: Automatically extracts TAK Server from release files
- **Single image**: Everything built into one Docker image (plus database)
- **Environment driven**: All configuration through environment variables
- **Automatic setup**: Certificates, database schema, and admin user created automatically
- **Persistent data**: Docker volumes for data persistence
- **Simple deployment**: Just build and run

## Structure

- `Dockerfile` - Self-contained TAK Server image
- `docker-compose.yml` - Orchestration with PostgreSQL database
- `EDIT_ME.env` - Environment variables configuration
- `build.sh` - Build script
- `scripts/docker_entrypoint.sh` - Main entrypoint with extraction and startup logic
- `scripts/coreConfigEnvHelper.py` - Configuration helper

## Environment Variables

### Required
- `POSTGRES_PASSWORD` - Database password
- `CA_NAME` - Certificate Authority name
- `CA_PASS` - Certificate Authority password
- `STATE` - State for certificate generation
- `CITY` - City for certificate generation
- `ORGANIZATION` - Organization for certificate generation
- `ORGANIZATIONAL_UNIT` - Organizational unit for certificate generation
- `TAKSERVER_CERT_PASS` - TAK Server certificate password
- `ADMIN_CERT_NAME` - Admin username
- `ADMIN_CERT_PASS` - Admin password

### Optional (with defaults)
- `CONFIG_MAX_HEAP=512` - Config service heap size (MB)
- `MESSAGING_MAX_HEAP=2048` - Messaging service heap size (MB)
- `API_MAX_HEAP=1024` - API service heap size (MB)
- `PLUGIN_MANAGER_MAX_HEAP=512` - Plugin Manager heap size (MB)
- `POSTGRES_DB=cot` - Database name
- `POSTGRES_USER=martiuser` - Database user
- `POSTGRES_URL=jdbc:postgresql://takdb:5432/cot` - Database URL

## Ports

- `8443` - HTTPS API
- `8444` - Certificate enrollment
- `8446` - Federation
- `8089` - Web interface
- `9000` - Messaging
- `9001` - Streaming

## Volumes

- `takserver_data` - TAK Server data (logs, certs, config)
- `takdb_data` - PostgreSQL data

## What the entrypoint does

1. **Extract TAK Server** - Automatically extracts from `/takserver-release/` if not already done
2. **Validate environment** - Checks all required environment variables
3. **Initialize directories** - Creates necessary data directories
4. **Generate certificates** - Creates CA, server, and admin certificates if needed
5. **Configure TAK Server** - Updates CoreConfig.xml with environment variables
6. **Initialize database** - Waits for database and runs schema setup
7. **Start services** - Launches all TAK Server services in correct order
8. **Create admin user** - Adds the admin user after services are ready

## Manual file editing

If you need to customize CoreConfig.xml or other configuration files beyond what environment variables provide, you can:

1. Start the container once to generate initial files
2. Stop the container
3. Edit files in the `takserver_data` volume
4. Restart the container

The entrypoint will preserve existing configuration files and only regenerate what's missing.