takserver/README.md

108 lines
3.7 KiB
Markdown

# TAK Server Docker Setup
A self-contained Docker setup for TAK Server that automatically extracts and configures from the release files.
## Quick Start
1. **Build the Docker image:**
```bash
./build.sh
```
2. **Configure environment variables:**
Edit `EDIT_ME.env` and fill in the required values:
```bash
# Required fields to fill in:
POSTGRES_PASSWORD='your_db_password'
CA_NAME='your_ca_name'
CA_PASS='your_ca_password'
STATE='your_state'
CITY='your_city'
ORGANIZATION='your_organization'
ORGANIZATIONAL_UNIT='your_org_unit'
TAKSERVER_CERT_PASS='your_takserver_cert_password'
ADMIN_CERT_NAME='admin_username'
ADMIN_CERT_PASS='admin_password'
```
3. **Start the services:**
```bash
docker-compose up
```
## Features
- **Self-contained**: Automatically extracts TAK Server from release files
- **Single image**: Everything built into one Docker image (plus database)
- **Environment driven**: All configuration through environment variables
- **Automatic setup**: Certificates, database schema, and admin user created automatically
- **Persistent data**: Docker volumes for data persistence
- **Simple deployment**: Just build and run
## Structure
- `Dockerfile` - Self-contained TAK Server image
- `docker-compose.yml` - Orchestration with PostgreSQL database
- `EDIT_ME.env` - Environment variables configuration
- `build.sh` - Build script
- `scripts/docker_entrypoint.sh` - Main entrypoint with extraction and startup logic
- `scripts/coreConfigEnvHelper.py` - Configuration helper
## Environment Variables
### Required
- `POSTGRES_PASSWORD` - Database password
- `CA_NAME` - Certificate Authority name
- `CA_PASS` - Certificate Authority password
- `STATE` - State for certificate generation
- `CITY` - City for certificate generation
- `ORGANIZATION` - Organization for certificate generation
- `ORGANIZATIONAL_UNIT` - Organizational unit for certificate generation
- `TAKSERVER_CERT_PASS` - TAK Server certificate password
- `ADMIN_CERT_NAME` - Admin username
- `ADMIN_CERT_PASS` - Admin password
### Optional (with defaults)
- `CONFIG_MAX_HEAP=512` - Config service heap size (MB)
- `MESSAGING_MAX_HEAP=2048` - Messaging service heap size (MB)
- `API_MAX_HEAP=1024` - API service heap size (MB)
- `PLUGIN_MANAGER_MAX_HEAP=512` - Plugin Manager heap size (MB)
- `POSTGRES_DB=cot` - Database name
- `POSTGRES_USER=martiuser` - Database user
- `POSTGRES_URL=jdbc:postgresql://takdb:5432/cot` - Database URL
## Ports
- `8443` - HTTPS API
- `8444` - Certificate enrollment
- `8446` - Federation
- `8089` - Web interface
- `9000` - Messaging
- `9001` - Streaming
## Volumes
- `takserver_data` - TAK Server data (logs, certs, config)
- `takdb_data` - PostgreSQL data
## What the entrypoint does
1. **Extract TAK Server** - Automatically extracts from `/takserver-release/` if not already done
2. **Validate environment** - Checks all required environment variables
3. **Initialize directories** - Creates necessary data directories
4. **Generate certificates** - Creates CA, server, and admin certificates if needed
5. **Configure TAK Server** - Updates CoreConfig.xml with environment variables
6. **Initialize database** - Waits for database and runs schema setup
7. **Start services** - Launches all TAK Server services in correct order
8. **Create admin user** - Adds the admin user after services are ready
## Manual file editing
If you need to customize CoreConfig.xml or other configuration files beyond what environment variables provide, you can:
1. Start the container once to generate initial files
2. Stop the container
3. Edit files in the `takserver_data` volume
4. Restart the container
The entrypoint will preserve existing configuration files and only regenerate what's missing.