Commit Graph

7 Commits

Author SHA1 Message Date
Dušan Borovčanin 9d30006d31 NOISSUE - Update nginx version (#748)
* Update version of the Nginx image

Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com>

* Add undefined check for HTTP and WS

Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com>
2019-05-16 11:59:23 +02:00
Dušan Borovčanin f9b17d5f24 MF-651 - X509 Mutual TLS authentication (#676)
* Use NginX njs module for mutual authentication

Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com>

* Add Makefile for cert management

Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com>

* Move certificates make context to scripts dir

Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com>

* Move nginx.conf to separate directory

Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com>

* Choose between two NginX configurations

Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com>

* Move certs Makefile to docker/ssl/

Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com>

* Use default key-based authentication

Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com>

* Add mTLS docs

Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com>

* Update Makefile

Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com>

* Add check if Authorization is present

Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com>

* Add check if Will Flag is 1

Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com>

* Return MQTT over WS

Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com>

* Fix docker-compose.yml volume mapping

Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com>

* Rename security section in docs

Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com>

* Add message type check before message parsing

Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com>

* Remove double comments

Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com>

* Remove s.AGAIN in return

Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com>

* Update Makefile

Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com>

* Remove CSR and key from the root

Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com>

* Drop TLS version below 1.2

Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com>

* Add comments for cert and key paths

Signed-off-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com>
2019-04-02 17:54:24 +02:00
nwest1 260df3ae40 MF-426 - Add optional MF_CA_CERTS env variable to allow GRPC client to use TLS certs (#430)
* MF-426-Add optional MF_CA_CERTS env variable to allow GRPC client to use TLS certs

Signed-off-by: nwest1 <nwest1@users.noreply.github.com>

* enable things client to be configured with a ca cert path

Signed-off-by: nwest1 <nwest1@users.noreply.github.com>

* MF_CA_CERTS docs for http adapter and things service, additional logging and improved error handling when setting up TLS gRPC client

Signed-off-by: nwest1 <nwest1@users.noreply.github.com>

* refactor things connect to separate function

Signed-off-by: nwest1 <nwest1@users.noreply.github.com>

* getting-started updates, corrected things env variable

Signed-off-by: nwest1 <nwest1@users.noreply.github.com>

* clarifying ca certs default functionality

Signed-off-by: nwest1 <nwest1@users.noreply.github.com>

* configuring tls termination at service endpoint

Signed-off-by: nwest1 <nwest1@users.noreply.github.com>

* enable TLS configuration for users and things

Signed-off-by: nwest1 <nwest1@users.noreply.github.com>

* nginx forwarding

Signed-off-by: nwest1 <nwest1@users.noreply.github.com>

* go imports

Signed-off-by: nwest1 <nwest1@users.noreply.github.com>

* bad logging change

Signed-off-by: nwest1 <nwest1@users.noreply.github.com>

* naming specifically to the http adapter component

Signed-off-by: nwest1 <nwest1@users.noreply.github.com>

* updated tls keys, slightly different grpc configuration

set localhost, users and things as subject alternative names

Signed-off-by: nwest1 <nwest1@users.noreply.github.com>

* log message consistency

Signed-off-by: nwest1 <nwest1@users.noreply.github.com>

* readme updates related to server ssl configuration

Signed-off-by: nwest1 <nwest1@users.noreply.github.com>

* Trying to resolve confilcts

Signed-off-by: nwest1 <nwest1@users.noreply.github.com>

* removing conflicting lines from docker-compose

Signed-off-by: nwest1 <nwest1@users.noreply.github.com>

* adding back http-adapter configuration

Signed-off-by: nwest1 <nwest1@users.noreply.github.com>

* slight readme update

Signed-off-by: nwest1 <nwest1@users.noreply.github.com>

* readme tweaks

Signed-off-by: nwest1 <nwest1@users.noreply.github.com>
2018-11-06 21:09:17 +01:00
Drasko DRASKOVIC 301d855015
Add CA cert (#215)
Signed-off-by: drasko <drasko.draskovic@gmail.com>
2018-04-04 02:29:29 +02:00
Dejan Mijić ccd8965d6f Use PostgreSQL as primary persistence solution (#175)
* Use normalizer as stream source

Renamed 'writer' service to 'normalizer' and dropped Cassandra
facilities from it. Extracted the common dependencies to 'mainflux'
package for easier sharing. Fixed the API docs and unified environment
variables.

Signed-off-by: Dejan Mijic <dejan@mainflux.com>

* Use docker build arguments to specify build

Signed-off-by: Dejan Mijic <dejan@mainflux.com>

* Remove cassandra libraries

Signed-off-by: Dejan Mijic <dejan@mainflux.com>

* Update go-kit version to 0.6.0

Signed-off-by: Dejan Mijic <dejan@mainflux.com>

* Fix manager configuration

Signed-off-by: Dejan Mijic <dejan@mainflux.com>

* Refactor docker-compose

Merged individual compose files and dropped external links. Remove CoAP
container since it is not referenced from NginX config at the moment.
Update port mapping in compose and nginx.conf. Dropped bin scripts.
Updated service documentation.

Signed-off-by: Dejan Mijic <dejan@mainflux.com>

* Drop content-type check

Signed-off-by: Dejan Mijic <dejan@mainflux.com>

* Implement users data access layer in PostgreSQL

Signed-off-by: Dejan Mijic <dejan@mainflux.com>

* Bump version to 0.1.0

Signed-off-by: Dejan Mijic <dejan@mainflux.com>

* Use go-kit logger everywhere (except CoAP)

Signed-off-by: Dejan Mijic <dejan@mainflux.com>

* Improve factory methods naming

Signed-off-by: Dejan Mijic <dejan@mainflux.com>

* Implement clients data access layer on PostgreSQL

Signed-off-by: Dejan Mijic <dejan@mainflux.com>

* Make tests stateless

All tests are refactored to use map-based table-driven tests. No
cross-tests dependencies is present anymore.

Signed-off-by: Dejan Mijic <dejan@mainflux.com>

* Remove gitignore

Signed-off-by: Dejan Mijic <dejan@mainflux.com>

* Fix nginx proxying

Signed-off-by: Dejan Mijic <dejan@mainflux.com>

* Mark client-user FK explicit

Signed-off-by: Dejan Mijic <dejan@mainflux.com>

* Update API documentation

Signed-off-by: Dejan Mijic <dejan@mainflux.com>

* Update channel model

Signed-off-by: Dejan Mijic <dejan@mainflux.com>

* Add channel PostgreSQL repository tests

Signed-off-by: Dejan Mijic <dejan@mainflux.com>

* Implement PostgreSQL channels DAO

Replaced update queries with raw SQL. Explicitly defined M2M table due
to difficulties of ensuring the referential integrity through GORM.

Signed-off-by: Dejan Mijic <dejan@mainflux.com>

* Expose connection endpoints

Signed-off-by: Dejan Mijic <dejan@mainflux.com>

* Fix swagger docs and remove DB logging

Signed-off-by: Dejan Mijic <dejan@mainflux.com>

* Fix nested query remarks

Signed-off-by: Dejan Mijic <dejan@mainflux.com>

* Add unique indices

Signed-off-by: Dejan Mijic <dejan@mainflux.com>
2018-03-11 18:06:01 +01:00
Dejan Mijic 6347d6cbf3
Reorganize utility scripts
Moved docker composition management into 'bin' directory. Removed unused
monitoring composition and fixed versions of NATS, Cassandra and NGINX.

Signed-off-by: Dejan Mijic <dejan@mainflux.com>
2017-09-25 12:29:48 +02:00
Drasko DRASKOVIC cc3283c32b Add NGINX Docker support
Signed-off-by: Drasko DRASKOVIC <drasko.draskovic@gmail.com>
2017-09-19 00:28:31 +02:00