API tools faq
paste
Advertisement
Guest User

lora-app-server

a guest
Oct 27th, 2018
394
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 9.86 KB | None | 0 0
raw download clone embed print report
  1. [general]
  2. # Log level
  3. #
  4. # debug=5, info=4, warning=3, error=2, fatal=1, panic=0
  5. log_level=4
  6.  
  7. # The number of times passwords must be hashed. A higher number is safer as
  8. # an attack takes more time to perform.
  9. password_hash_iterations=100000
  10.  
  11.  
  12. # PostgreSQL settings.
  13. #
  14. # Please note that PostgreSQL 9.5+ is required.
  15. [postgresql]
  16. # PostgreSQL dsn (e.g.: postgres://user:password@hostname/database?sslmode=disable).
  17. #
  18. # Besides using an URL (e.g. 'postgres://user:password@hostname/database?sslmode=disable')
  19. # it is also possible to use the following format:
  20. # 'user=loraserver dbname=loraserver sslmode=disable'.
  21. #
  22. # The following connection parameters are supported:
  23. #
  24. # * dbname - The name of the database to connect to
  25. # * user - The user to sign in as
  26. # * password - The user's password
  27. # * host - The host to connect to. Values that start with / are for unix domain sockets. (default is localhost)
  28. # * port - The port to bind to. (default is 5432)
  29. # * sslmode - Whether or not to use SSL (default is require, this is not the default for libpq)
  30. # * fallback_application_name - An application_name to fall back to if one isn't provided.
  31. # * connect_timeout - Maximum wait for connection, in seconds. Zero or not specified means wait indefinitely.
  32. # * sslcert - Cert file location. The file must contain PEM encoded data.
  33. # * sslkey - Key file location. The file must contain PEM encoded data.
  34. # * sslrootcert - The location of the root certificate file. The file must contain PEM encoded data.
  35. #
  36. # Valid values for sslmode are:
  37. #
  38. # * disable - No SSL
  39. # * require - Always SSL (skip verification)
  40. # * verify-ca - Always SSL (verify that the certificate presented by the server was signed by a trusted CA)
  41. # * verify-full - Always SSL (verify that the certification presented by the server was signed by a trusted CA and the server host name matches the one in the certificate)
  42. dsn="postgres://loraserver_as:dbpassword@localhost/loraserver_as?sslmode=disable"
  43.  
  44. # Automatically apply database migrations.
  45. #
  46. # It is possible to apply the database-migrations by hand
  47. # (see https://github.com/brocaar/lora-app-server/tree/master/migrations)
  48. # or let LoRa App Server migrate to the latest state automatically, by using
  49. # this setting. Make sure that you always make a backup when upgrading Lora
  50. # App Server and / or applying migrations.
  51. automigrate=true
  52.  
  53.  
  54. # Redis settings
  55. #
  56. # Please note that Redis 2.6.0+ is required.
  57. [redis]
  58. # Redis url (e.g. redis://user:password@hostname/0)
  59. #
  60. # For more information about the Redis URL format, see:
  61. # https://www.iana.org/assignments/uri-schemes/prov/redis
  62. url="redis://localhost:6379"
  63.  
  64. # Max idle connections in the pool.
  65. max_idle=10
  66.  
  67. # Idle timeout.
  68. #
  69. # Close connections after remaining idle for this duration. If the value
  70. # is zero, then idle connections are not closed. You should set
  71. # the timeout to a value less than the server's timeout.
  72. idle_timeout="5m0s"
  73.  
  74.  
  75. # Application-server settings.
  76. [application_server]
  77. # Application-server identifier.
  78. #
  79. # Random UUID defining the id of the application-server installation (used by
  80. # LoRa Server as routing-profile id).
  81. # For now it is recommended to not change this id.
  82. id="6d5db27e-4ce2-4b2b-b5d7-91f069397978"
  83.  
  84.  
  85. # Integration configures the data integration.
  86. #
  87. # This is the data integration which is available for all applications,
  88. # besides the extra integrations that can be added on a per-application
  89. # basis.
  90. [application_server.integration]
  91. # The integration backend.
  92. #
  93. # This defines the backend to use for the data integration. Use the section
  94. # name of one of the following integration backend.
  95. # E.g. "mqtt" or "gcp_pub_sub".
  96. backend="mqtt"
  97.  
  98.  
  99. # MQTT integration backend.
  100. [application_server.integration.mqtt]
  101. # MQTT topic templates for the different MQTT topics.
  102. #
  103. # The meaning of these topics are documented at:
  104. # https://www.loraserver.io/lora-app-server/integrate/data/
  105. #
  106. # The following substitutions can be used:
  107. # * "{{ .ApplicationID }}" for the application id.
  108. # * "{{ .DevEUI }}" for the DevEUI of the device.
  109. #
  110. # Note: the downlink_topic_template must contain both the application id and
  111. # DevEUI substitution!
  112. uplink_topic_template="application/{{ .ApplicationID }}/device/{{ .DevEUI }}/rx"
  113. downlink_topic_template="application/{{ .ApplicationID }}/device/{{ .DevEUI }}/tx"
  114. join_topic_template="application/{{ .ApplicationID }}/device/{{ .DevEUI }}/join"
  115. ack_topic_template="application/{{ .ApplicationID }}/device/{{ .DevEUI }}/ack"
  116. error_topic_template="application/{{ .ApplicationID }}/device/{{ .DevEUI }}/error"
  117. status_topic_template="application/{{ .ApplicationID }}/device/{{ .DevEUI }}/status"
  118. location_topic_template="application/{{ .ApplicationID }}/device/{{ .DevEUI }}/location"
  119.  
  120. # MQTT server (e.g. scheme://host:port where scheme is tcp, ssl or ws)
  121. server="tcp://localhost:1884"
  122.  
  123. # Connect with the given username (optional)
  124. username="user"
  125.  
  126. # Connect with the given password (optional)
  127. password="password"
  128.  
  129. # Quality of service level
  130. #
  131. # 0: at most once
  132. # 1: at least once
  133. # 2: exactly once
  134. #
  135. # Note: an increase of this value will decrease the performance.
  136. # For more information: https://www.hivemq.com/blog/mqtt-essentials-part-6-mqtt-quality-of-service-levels
  137. qos=0
  138.  
  139. # Clean session
  140. #
  141. # Set the "clean session" flag in the connect message when this client
  142. # connects to an MQTT broker. By setting this flag you are indicating
  143. # that no messages saved by the broker for this client should be delivered.
  144. clean_session=true
  145.  
  146. # Client ID
  147. #
  148. # Set the client id to be used by this client when connecting to the MQTT
  149. # broker. A client id must be no longer than 23 characters. When left blank,
  150. # a random id will be generated. This requires clean_session=true.
  151. client_id="client_lora-app-server"
  152.  
  153. # CA certificate file (optional)
  154. #
  155. # Use this when setting up a secure connection (when server uses ssl://...)
  156. # but the certificate used by the server is not trusted by any CA certificate
  157. # on the server (e.g. when self generated).
  158. ca_cert=""
  159.  
  160. # TLS certificate file (optional)
  161. tls_cert=""
  162.  
  163. # TLS key file (optional)
  164. tls_key=""
  165.  
  166.  
  167. # Google Cloud Pub/Sub backend.
  168. [application_server.integration.gcp_pub_sub]
  169. # Path to the IAM service-account credentials file.
  170. #
  171. # Note: this service-account must have the following Pub/Sub roles:
  172. # * Pub/Sub Editor
  173. credentials_file=""
  174.  
  175. # Google Cloud project id.
  176. project_id=""
  177.  
  178. # Pub/Sub topic name.
  179. topic_name=""
  180.  
  181.  
  182. # Settings for the "internal api"
  183. #
  184. # This is the API used by LoRa Server to communicate with LoRa App Server
  185. # and should not be exposed to the end-user.
  186. [application_server.api]
  187. # ip:port to bind the api server
  188. bind="0.0.0.0:8001"
  189.  
  190. # ca certificate used by the api server (optional)
  191. ca_cert=""
  192.  
  193. # tls certificate used by the api server (optional)
  194. tls_cert=""
  195.  
  196. # tls key used by the api server (optional)
  197. tls_key=""
  198.  
  199. # Public ip:port of the application-server API.
  200. #
  201. # This is used by LoRa Server to connect to LoRa App Server. When running
  202. # LoRa App Server on a different host than LoRa Server, make sure to set
  203. # this to the host:ip on which LoRa Server can reach LoRa App Server.
  204. # The port must be equal to the port configured by the 'bind' flag
  205. # above.
  206. public_host="localhost:8001"
  207.  
  208.  
  209. # Settings for the "external api"
  210. #
  211. # This is the API and web-interface exposed to the end-user.
  212. [application_server.external_api]
  213. # ip:port to bind the (user facing) http server to (web-interface and REST / gRPC api)
  214. bind="0.0.0.0:8082"
  215.  
  216. # http server TLS certificate
  217. tls_cert="/opt/lora-app-server/certs/http.pem"
  218.  
  219. # http server TLS key
  220. tls_key="/opt/lora-app-server/certs/http-key.pem"
  221.  
  222. # JWT secret used for api authentication / authorization
  223. # You could generate this by executing 'openssl rand -base64 32' for example
  224. jwt_secret="0yXXXXXPsOZrHTevsf+VpwXXXXXzpY3g6V4adUOxV9Y="
  225.  
  226. # when set, existing users can't be re-assigned (to avoid exposure of all users to an organization admin)"
  227. disable_assign_existing_users=false
  228.  
  229.  
  230.  
  231. # Join-server configuration.
  232. #
  233. # LoRa App Server implements a (subset) of the join-api specified by the
  234. # LoRaWAN Backend Interfaces specification. This API is used by LoRa Server
  235. # to handle join-requests.
  236. [join_server]
  237. # ip:port to bind the join-server api interface to
  238. bind="0.0.0.0:8003"
  239.  
  240. # CA certificate (optional).
  241. #
  242. # When set, the server requires a client-certificate and will validate this
  243. # certificate on incoming requests.
  244. ca_cert=""
  245.  
  246. # TLS server-certificate (optional).
  247. #
  248. # Set this to enable TLS.
  249. tls_cert=""
  250.  
  251. # TLS server-certificate key (optional).
  252. #
  253. # Set this to enable TLS.
  254. tls_key=""
  255.  
  256.  
  257. # Key Encryption Key (KEK) configuration.
  258. #
  259. # The KEK meganism is used to encrypt the session-keys sent from the
  260. # join-server to the network-server.
  261. #
  262. # The LoRa App Server join-server will use the NetID of the requesting
  263. # network-server as the KEK label. When no such label exists in the set,
  264. # the session-keys will be sent unencrypted (which can be fine for
  265. # private networks).
  266. #
  267. # Please refer to the LoRaWAN Backend Interface specification
  268. # 'Key Transport Security' section for more information.
  269. [join_server.kek]
  270.  
  271. # Application-server KEK label.
  272. #
  273. # This defines the KEK label used to encrypt the AppSKey (note that the
  274. # AppSKey is signaled to the NS and on the first received uplink from the
  275. # NS to the AS).
  276. #
  277. # When left blank, the AppSKey will be sent unencrypted (which can be fine
  278. # for private networks).
  279. as_kek_label=""
  280.  
  281. # KEK set.
  282. #
  283. # Example (the [[join_server.kek.set]] can be repeated):
  284. # [[join_server.kek.set]]
  285. # # KEK label.
  286. # label="000000"
  287.  
  288. # # Key Encryption Key.
  289. # kek="01020304050607080102030405060708"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!