Initial commit.

.gitignore

@@ -0,0 +1,6 @@
+# hidden files
+.*
+
+# data folder
+/data
+

README.md

@@ -0,0 +1,48 @@
+# LoRa Server Docker setup
+
+This repository contains a skeleton to setup the [LoRa Server](https://www.loraserver.io)
+project using [docker-compose](https://docs.docker.com/compose/).
+
+**Note:** Please use this `docker-compose.yml` file as a starting point for testing
+but keep in mind that for production usage it might need modifications. 
+
+## Directory layout
+
+* `docker-compose.yml`: the docker-compose file containing the services
+* `configuration/lora*`: directory containing the LoRa Server configuration files, see:
+    * https://www.loraserver.io/lora-gateway-bridge/install/config/
+    * https://www.loraserver.io/loraserver/install/config/
+    * https://www.loraserver.io/lora-app-server/install/config/
+* `configuration/postgresql/initdb/`: directory containing PostgreSQL initialization scripts
+* `data/postgresql`: directory containing the PostgreSQL data (auto-created)
+* `data/redis`: directory containing the Redis data (auto-created)
+
+## Configuration
+
+The LoRa Server components are pre-configured to work with the provided
+`docker-compose.yml` file and defaults to the EU868 LoRaWAN band. Please refer
+to the `configuration/loraserver/loraserver.toml` configuration file to
+configure a different band.
+
+## Requirements
+
+Before using this `docker-compose.yml` file, make sure you have [Docker](https://www.docker.com/community-edition)
+installed.
+
+## Usage
+
+To start all the LoRa Server components, simply run:
+
+```bash
+$ docker-compose up
+```
+
+After all the components have been initialized and started, you should be able
+to open https://localhost:8080/ in your browser. As the certificates under the
+`configuration/lora-app-server/certs` are self-signed, this will raise a warning.
+
+### Add network-server
+
+When adding the network-server in the LoRa App Server web-interface
+(see [network-servers](https://www.loraserver.io/lora-app-server/use/network-servers/)),
+you must enter `loraserver:8000` as the network-server `hostname:IP`.

configuration/lora-app-server/certs/http-key.pem

@@ -0,0 +1,52 @@
+-----BEGIN PRIVATE KEY-----
+MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQCmylm1uvBfVYB3
+PnHzpSJm02Vi2dvZtpBPnrGXS8ZcCNiwHs0I/Z2VGJMtTWDUAUOLo1vt46F4Jscv
+KFF5+hXs3C/3BVgwfL5He7NdI3JOdq6Pla40tsuBSg8y9ZC13e2Ljst81eeW3R6d
+YYob3H8h5oEQjqwoWLyPiN7ZlpYKoROawaXVxeAr/MhZyWEdZtsE5h99hiRX8pIE
+4fp6gr8UtDTklx3a3lk5S6jBesvV6K/Myc8yjgXrPKnNXwbturkLdQJRmAfRTHu9
+ylSMXeKR9Ygj5ie3dzNAKZ3Y4BDTJ6RlmQTpR1pZSNluoK1Dhm0qtNOGvaMZe20O
+OUvROFIzY6LhbpYTLxgUoCCa9ZVhllCLHl55EOswubFoYIGUEfGHMno9g6MSmIns
+Qha/vcPzYn08E1/r8t4dBb1lXarcpLyPEsdOCUCgjGlEeHP8VGebWV9L95zblIty
+4G10/dSMlxQyNHj0bSWdKzC1nq6vZ5Di3Vtr+DUDlr7YjLVqP+rQ026Yamc/8B7H
+h8/uXLQ33wSyTyElHkNPf+zqjvocEAcN0itrJwTe2r5c6j+R8bPjLYu/oot+s/A7
+6u5bqr/VDC3USNM4knYvhJxt4a7QNdy7SA3X3W2T7nCEF+wOGqPiQDp/SZlSPtf0
+31d60UOEYGe1Mh8vs2+9jD2bPGx/twIDAQABAoICAGVQKvgRyqsOI8/LFarbFy+A
+n2hRT5NKqxRCIDv34lDLatxoiUE51PvZBqWRCA0fi2kJ3PB+wflbDMjfY8aFG8ZZ
+5aTWEUC6tVZ0lHox6uAwhU5grIYGt00csGjS84kVepK4NXDp+hgQzuTod9z+rhbo
+jmOBVp/Xbwp9KGjhaNiiCWeK03IsFUSC8yxe/+e9L7MlGeHEltT5WqsunVjHjMxF
+vo9QH+lwAKCmDachMSoJgqgRuhNKY9wFaFuAqpPDRV3pQHRRtgXzwIKDoaH18YeZ
+ro2n4141QONrpB810+J/hQPV1D7jgcUUVEc3wKdww2UanBaPoL/80jy+nwhCfuMO
+zkkIA5l48S9in2M4suPkM2l+fbFhVDQ6cKguHp0udYh4WwoaZVEM9VFKeGfPselP
+5OIRUqM3z+VY3os68L5SLoAF++L1wvZiz8r21uDD+Z7WDE2VZ/Tq0ZxuJTLDmIqv
+/s1VknmVWCrp/OaN/JNG7BoYuXCg0nyUvI7W8whIvzgQ7IGlG8TNHAgGzEhJmA+/
+DDx7eKSJAva8aANOG/ie55R/rOmPPO9JrgOMEZ8yK2kcbloFg5gHf4xKezCQNkFb
+hSuZ84UmVipJA9u3k0/84rvjz9vk701bICNQa7aikDt6fkkW/pYYuFfPlHfwsJVG
+JgkaWvWjcPib5RwyYga5AoIBAQDb/omzsVNMbxd+8S4pMa6jB3YgRY+iiaq6w/My
+3OnUgQOxxRwE0pyviNP/wZWOSQ+cvdNaeohPRHGZfo+nMQ6MTexPScqIlEe8Cy6a
+rEq9I09siIplhJAnyfRJbZhohWROCj/cD3Im7Mg4wASCIxxk0ygL7n5fbx0MJdlW
+fw/NPiCALFHEz9FBAN+tnZR+BAxfzsDNbtuPhsPGNfZqPzxE/3h3kiUcMwPWU0Ii
+HR0SHPLtolsSviiy5eFqijNW7y+Xqyu4dzIFg0UuVYYe71Yakk5VJYiCND5PnJD1
+OPeQ+GZbV96F4OUbGY+pHYSfqReC3kPpwGJThtDeVGBbna3jAoIBAQDCFqSjrlsC
+hSEKOQBWaTZ4dqVA09pyjqGZQ+h9HX78kYDwCFxLgeZzw4GbulZYMC2Acvr5d/rp
+gFaJ/PiLeU1Bt+zcjslzoduE/feS2bi162MIZma06EL4StcFIlZWTjxnThc6v58Z
+D40sRCzM6bYwnYf1bxsZSJbWeQAdf/vAMy6IikBPAyQOdaU2Rqb5j1HWCcloGFEf
+TvY1ih7jOZsZ4A7FOuUha6YgjqVKz9iR6mabmqpKbhtHO/ywsG6N+BUJJxwxk5YU
+FOxjIzDeX8Pg3pp2Pk9JdGRm4Kq3PGB4RpENiQgZBpw6zs895yMktM+Ijz3Lwxod
+ukAI9xm2Oo8dAoIBAGHoW4KEhcz7mBpf3ippOQ7HcFQWgUFWQYyTTrYxSUPRE0LX
+tYuT7DXXEHq/vf6wF2mrtdeLtwSIMoKcp/RByfa5a1UyQxgb3f0bgOdHjI+2mk90
+SRu7Lqj2oWjYhL7ntudgemFG4ofeU5GmK5t7YtSggS8mOkng2q2gXqS3MeInJzHE
+B7QuxTNH30SWYBLhXFx7WKVVFBRBZvnc5EkO0ZTnmcalXSy6q5eEQGeMS3bXOWp3
+Gk8yIEzWMEdJMGYdVzIJ9RBIxBNeA7kGSQWVgN2chY4xgRppg93MkVsBunRjiLJY
+Xel5WJ2B98TNJUwlZhhRMSpj+56u3mBEbwn3F/8CggEAQv4H1AuRlFwZXGryZ+En
+EQt63NaDNzluI/XhoJX2x/z9MVzhZpquzdR0vyjhNs1iV0zYvhUgwUowFK8Bpzq2
+ZPG0Syjp9gSvPcdflguaiwh1hWe7GcR1oThL4ZTJkj6s8MdukzOjGcZZZycdA5nD
+7iHh1OCFzQNWNS9Mz+HmJqBD9pMpwVwHLQqEfSiD5+4FREjagRirn4/kwfQr1yiC
+FbtVvdQnVJLQo7o46Yq2aR8sTZdkIg7BUaQuA1rSviQcNq2OOLqFeecC9PEnpAoQ
+FWUgkaHOQj9vjGcN5fNsJPfOh4p+Bg1XDaFmvSoz4i6a17sBjHyKXip0geOwt0qd
+LQKCAQBAm/OPeAyhQAsP+UajtlFcrKZGlfXGouMksReD7v8P+6uTs24Jl16PiYZt
+UrqdQQkpH+3mH+rWnoDTdRmJT4nlpI7Uqp3LRs0XJM6DaZf1eO3JSF1lnvapbbAZ
+Jr8YYNunoMxKwLCWPz/YqEljnRTgDl+0EcMGTYR7v76IxekfkfaNIXFAOEqTE8YQ
+8Lp/iKlrFv2paV9lrYx7nLS7cMKTfbtliuy868+4e5SSCGmhcUxjwFnymRGHXSBG
+6dn32/N8m1B/6AK9N+BBpjbzPR8JzXNh3iLmbigysDFms/g2V4whO9oOpop/x8he
+ndDmaPuGcW0282eQmdNL4J9QNcbg
+-----END PRIVATE KEY-----

configuration/lora-app-server/certs/http.pem

@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----
+MIIEpDCCAowCCQD85f2p9nWwaTANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDDAls
+b2NhbGhvc3QwHhcNMTgwNDAzMDk1OTU4WhcNMTkwNDAzMDk1OTU4WjAUMRIwEAYD
+VQQDDAlsb2NhbGhvc3QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCm
+ylm1uvBfVYB3PnHzpSJm02Vi2dvZtpBPnrGXS8ZcCNiwHs0I/Z2VGJMtTWDUAUOL
+o1vt46F4JscvKFF5+hXs3C/3BVgwfL5He7NdI3JOdq6Pla40tsuBSg8y9ZC13e2L
+jst81eeW3R6dYYob3H8h5oEQjqwoWLyPiN7ZlpYKoROawaXVxeAr/MhZyWEdZtsE
+5h99hiRX8pIE4fp6gr8UtDTklx3a3lk5S6jBesvV6K/Myc8yjgXrPKnNXwbturkL
+dQJRmAfRTHu9ylSMXeKR9Ygj5ie3dzNAKZ3Y4BDTJ6RlmQTpR1pZSNluoK1Dhm0q
+tNOGvaMZe20OOUvROFIzY6LhbpYTLxgUoCCa9ZVhllCLHl55EOswubFoYIGUEfGH
+Mno9g6MSmInsQha/vcPzYn08E1/r8t4dBb1lXarcpLyPEsdOCUCgjGlEeHP8VGeb
+WV9L95zblIty4G10/dSMlxQyNHj0bSWdKzC1nq6vZ5Di3Vtr+DUDlr7YjLVqP+rQ
+026Yamc/8B7Hh8/uXLQ33wSyTyElHkNPf+zqjvocEAcN0itrJwTe2r5c6j+R8bPj
+LYu/oot+s/A76u5bqr/VDC3USNM4knYvhJxt4a7QNdy7SA3X3W2T7nCEF+wOGqPi
+QDp/SZlSPtf031d60UOEYGe1Mh8vs2+9jD2bPGx/twIDAQABMA0GCSqGSIb3DQEB
+CwUAA4ICAQCPWR/q0vMM7SjV3k/2ZjzLgGRCZiDLrSxALa/6nKEda+v8OBWUoPkH
+fzrm4XNi+THjZputAANtLpeY5eDvO2R2X3+p6q/+W0SgFfQCsymG9T2uYxnaD2w5
+1hJo0bj4BN5Hw3aqSHulJE82z1NAvQWZAf+O6J3HowJX0u2SQwEbSGLLim6sf1Pv
+7ZX3o3u3lDY+BjHtzzFZUprWXugAoyfeRPb4tvUL6s5pUhcMy7Dn5ly5SHXrUwRL
+zfoMnYZLcNgd9mQSsj9Qm0DCVekl9AcGl42LNgJUfF+8d12TglZnDX+6sgHI77KI
+gXEjjSj7N5i1M6jqkdFjQBKRsMc0bQj4hB4Gx4qeUtv+YXq8tvJut6Lt8KL9KBb4
+L6DTWByBTXuBpCXiNoAn5sXzstLfTq1PcWNnmxEZyib6hmT0NnAXlVJtcNwW3P76
+yhWCFWWQCb8LBXgo8RlNEHWqnCNo3cHoQDtQ5AOQZRBh3YghqvCaKq3vjz6phT8D
+ErzF0sEmN88EPfN0gV8IJqNxeLVf3Wjy/vWF5cWqeV8DuTshnxhwYTgOWD/6rGd4
+UOjWsMHDY9/Sv4+aLu8JsYug6BID8uCGLjqxlsTKq+nwaXGEYDfxeY4cDYoyExUn
+NuPbqGyr4eyFkpgViRPIGjBJXHWs1ejEJcpNSYRPUxbaBpArG/UOjw==
+-----END CERTIFICATE-----

configuration/lora-app-server/lora-app-server.toml

@@ -0,0 +1,216 @@
+[general]
+# Log level
+#
+# debug=5, info=4, warning=3, error=2, fatal=1, panic=0
+log_level=4
+
+# The number of times passwords must be hashed. A higher number is safer as
+# an attack takes more time to perform.
+password_hash_iterations=100000
+
+
+# PostgreSQL settings.
+#
+# Please note that PostgreSQL 9.5+ is required.
+[postgresql]
+# PostgreSQL dsn (e.g.: postgres://user:password@hostname/database?sslmode=disable).
+#
+# Besides using an URL (e.g. 'postgres://user:password@hostname/database?sslmode=disable')
+# it is also possible to use the following format:
+# 'user=loraserver dbname=loraserver sslmode=disable'.
+#
+# The following connection parameters are supported:
+#
+# * dbname - The name of the database to connect to
+# * user - The user to sign in as
+# * password - The user's password
+# * host - The host to connect to. Values that start with / are for unix domain sockets. (default is localhost)
+# * port - The port to bind to. (default is 5432)
+# * sslmode - Whether or not to use SSL (default is require, this is not the default for libpq)
+# * fallback_application_name - An application_name to fall back to if one isn't provided.
+# * connect_timeout - Maximum wait for connection, in seconds. Zero or not specified means wait indefinitely.
+# * sslcert - Cert file location. The file must contain PEM encoded data.
+# * sslkey - Key file location. The file must contain PEM encoded data.
+# * sslrootcert - The location of the root certificate file. The file must contain PEM encoded data.
+#
+# Valid values for sslmode are:
+#
+# * disable - No SSL
+# * require - Always SSL (skip verification)
+# * verify-ca - Always SSL (verify that the certificate presented by the server was signed by a trusted CA)
+# * verify-full - Always SSL (verify that the certification presented by the server was signed by a trusted CA and the server host name matches the one in the certificate)
+dsn="postgres://loraserver_as:loraserver_as@postgresql/loraserver_as?sslmode=disable"
+
+# Automatically apply database migrations.
+#
+# It is possible to apply the database-migrations by hand
+# (see https://github.com/brocaar/lora-app-server/tree/master/migrations)
+# or let LoRa App Server migrate to the latest state automatically, by using
+# this setting. Make sure that you always make a backup when upgrading Lora
+# App Server and / or applying migrations.
+automigrate=true
+
+
+# Redis settings
+#
+# Please note that Redis 2.6.0+ is required.
+[redis]
+# Redis url (e.g. redis://user:password@hostname/0)
+#
+# For more information about the Redis URL format, see:
+# https://www.iana.org/assignments/uri-schemes/prov/redis
+url="redis://redis:6379"
+
+
+# Application-server settings.
+[application_server]
+# Application-server identifier.
+#
+# Random UUID defining the id of the application-server installation (used by
+# LoRa Server as routing-profile id).
+# For now it is recommended to not change this id.
+id="6d5db27e-4ce2-4b2b-b5d7-91f069397978"
+
+
+  # MQTT integration configuration used for publishing (data) events
+  # and scheduling downlink application payloads.
+  # Next to this integration which is always available, the user is able to
+  # configure additional per-application integrations.
+  [application_server.integration.mqtt]
+  # MQTT topic templates for the different MQTT topics.
+  #
+  # The meaning of these topics are documented at:
+  # https://docs.loraserver.io/lora-app-server/integrate/data/
+  #
+  # The following substitutions can be used:
+  # * "{{ .ApplicationID }}" for the application id.
+  # * "{{ .DevEUI }}" for the DevEUI of the device.
+  #
+  # Note: the downlink_topic_template must contain both the application id and
+  # DevEUI substitution!
+  uplink_topic_template="application/{{ .ApplicationID }}/node/{{ .DevEUI }}/rx"
+  downlink_topic_template="application/{{ .ApplicationID }}/node/{{ .DevEUI }}/tx"
+  join_topic_template="application/{{ .ApplicationID }}/node/{{ .DevEUI }}/join"
+  ack_topic_template="application/{{ .ApplicationID }}/node/{{ .DevEUI }}/ack"
+  error_topic_template="application/{{ .ApplicationID }}/node/{{ .DevEUI }}/error"
+
+  # MQTT server (e.g. scheme://host:port where scheme is tcp, ssl or ws)
+  server="tcp://mosquitto:1883"
+
+  # Connect with the given username (optional)
+  username=""
+
+  # Connect with the given password (optional)
+  password=""
+
+  # Quality of service level
+  #
+  # 0: at most once
+  # 1: at least once
+  # 2: exactly once
+  #
+  # Note: an increase of this value will decrease the performance.
+  # For more information: https://www.hivemq.com/blog/mqtt-essentials-part-6-mqtt-quality-of-service-levels
+  qos=0
+
+  # Clean session
+  #
+  # Set the "clean session" flag in the connect message when this client
+  # connects to an MQTT broker. By setting this flag you are indicating
+  # that no messages saved by the broker for this client should be delivered.
+  clean_session=true
+
+  # Client ID
+  #
+  # Set the client id to be used by this client when connecting to the MQTT
+  # broker. A client id must be no longer than 23 characters. When left blank,
+  # a random id will be generated. This requires clean_session=true.
+  client_id=""
+
+  # CA certificate file (optional)
+  #
+  # Use this when setting up a secure connection (when server uses ssl://...)
+  # but the certificate used by the server is not trusted by any CA certificate
+  # on the server (e.g. when self generated).
+  ca_cert=""
+
+  # TLS certificate file (optional)
+  tls_cert=""
+
+  # TLS key file (optional)
+  tls_key=""
+
+
+  # Settings for the "internal api"
+  #
+  # This is the API used by LoRa Server to communicate with LoRa App Server
+  # and should not be exposed to the end-user.
+  [application_server.api]
+  # ip:port to bind the api server
+  bind="0.0.0.0:8001"
+
+  # ca certificate used by the api server (optional)
+  ca_cert=""
+
+  # tls certificate used by the api server (optional)
+  tls_cert=""
+
+  # tls key used by the api server (optional)
+  tls_key=""
+
+  # Public ip:port of the application-server API.
+  #
+  # This is used by LoRa Server to connect to LoRa App Server. When running
+  # LoRa App Server on a different host than LoRa Server, make sure to set
+  # this to the host:ip on which LoRa Server can reach LoRa App Server.
+  # The port must be equal to the port configured by the 'bind' flag
+  # above.
+  public_host="appserver:8001"
+
+
+  # Settings for the "external api"
+  #
+  # This is the API and web-interface exposed to the end-user.
+  [application_server.external_api]
+  # ip:port to bind the (user facing) http server to (web-interface and REST / gRPC api)
+  bind="0.0.0.0:8080"
+
+  # http server TLS certificate
+  tls_cert="/etc/lora-app-server/certs/http.pem"
+
+  # http server TLS key
+  tls_key="/etc/lora-app-server/certs/http-key.pem"
+
+  # JWT secret used for api authentication / authorization
+  # You could generate this by executing 'openssl rand -base64 32' for example
+  jwt_secret="verysecret"
+
+  # when set, existing users can't be re-assigned (to avoid exposure of all users to an organization admin)"
+  disable_assign_existing_users=false
+
+
+
+# Join-server configuration.
+#
+# LoRa App Server implements a (subset) of the join-api specified by the
+# LoRaWAN Backend Interfaces specification. This API is used by LoRa Server
+# to handle join-requests.
+[join_server]
+# ip:port to bind the join-server api interface to
+bind="0.0.0.0:8003"
+
+# ca certificate used by the join-server api server
+ca_cert=""
+
+# tls certificate used by the join-server api server (optional)
+tls_cert=""
+
+# tls key used by the join-server api server (optional)
+tls_key=""
+
+
+# Network-server configuration.
+#
+# This configuration is only used to migrate from older LoRa App Server.
+[network_server]
+server="127.0.0.1:8000"

configuration/lora-gateway-bridge/lora-gateway-bridge.toml

@@ -0,0 +1,83 @@
+[general]
+# debug=5, info=4, warning=3, error=2, fatal=1, panic=0
+log_level = 4
+
+
+# Configuration which relates to the packet-forwarder.
+[packet_forwarder]
+# ip:port to bind the UDP listener to
+#
+# Example: 0.0.0.0:1700 to listen on port 1700 for all network interfaces.
+# This is the listeren to which the packet-forwarder forwards its data
+# so make sure the 'serv_port_up' and 'serv_port_down' from your
+# packet-forwarder matches this port.
+udp_bind = "0.0.0.0:1700"
+
+# Skip the CRC status-check of received packets
+#
+# This is only has effect when the packet-forwarder is configured to forward
+# LoRa frames with CRC errors.
+skip_crc_check = false
+
+
+# Configuration for the MQTT backend.
+[backend.mqtt]
+# MQTT topic templates for the different MQTT topics.
+#
+# The meaning of these topics are documented at:
+# https://docs.loraserver.io/lora-gateway-bridge/use/data/
+#
+# The default values match the default expected configuration of the
+# LoRa Server MQTT backend. Therefore only change these values when
+# absolutely needed.
+# Use "{{ .MAC }}" as an substitution for the LoRa gateway MAC. 
+uplink_topic_template="gateway/{{ .MAC }}/rx"
+downlink_topic_template="gateway/{{ .MAC }}/tx"
+stats_topic_template="gateway/{{ .MAC }}/stats"
+ack_topic_template="gateway/{{ .MAC }}/ack"
+
+# MQTT server (e.g. scheme://host:port where scheme is tcp, ssl or ws)
+server="tcp://mosquitto:1883"
+
+# Connect with the given username (optional)
+username=""
+
+# Connect with the given password (optional)
+password=""
+
+# Quality of service level
+#
+# 0: at most once
+# 1: at least once
+# 2: exactly once
+#
+# Note: an increase of this value will decrease the performance.
+# For more information: https://www.hivemq.com/blog/mqtt-essentials-part-6-mqtt-quality-of-service-levels
+qos=0
+
+# Clean session
+#
+# Set the "clean session" flag in the connect message when this client
+# connects to an MQTT broker. By setting this flag you are indicating
+# that no messages saved by the broker for this client should be delivered.
+clean_session=true
+
+# Client ID
+#
+# Set the client id to be used by this client when connecting to the MQTT
+# broker. A client id must be no longer than 23 characters. When left blank,
+# a random id will be generated. This requires clean_session=true.
+client_id=""
+
+# CA certificate file (optional)
+#
+# Use this when setting up a secure connection (when server uses ssl://...)
+# but the certificate used by the server is not trusted by any CA certificate
+# on the server (e.g. when self generated).
+ca_cert=""
+
+# mqtt TLS certificate file (optional)
+tls_cert=""
+
+# mqtt TLS key file (optional)
+tls_key=""

configuration/loraserver/loraserver.toml

@@ -0,0 +1,389 @@
+[general]
+# Log level
+#
+# debug=5, info=4, warning=3, error=2, fatal=1, panic=0
+log_level=4
+
+
+# PostgreSQL settings.
+#
+# Please note that PostgreSQL 9.5+ is required.
+[postgresql]
+# PostgreSQL dsn (e.g.: postgres://user:password@hostname/database?sslmode=disable).
+#
+# Besides using an URL (e.g. 'postgres://user:password@hostname/database?sslmode=disable')
+# it is also possible to use the following format:
+# 'user=loraserver dbname=loraserver sslmode=disable'.
+#
+# The following connection parameters are supported:
+#
+# * dbname - The name of the database to connect to
+# * user - The user to sign in as
+# * password - The user's password
+# * host - The host to connect to. Values that start with / are for unix domain sockets. (default is localhost)
+# * port - The port to bind to. (default is 5432)
+# * sslmode - Whether or not to use SSL (default is require, this is not the default for libpq)
+# * fallback_application_name - An application_name to fall back to if one isn't provided.
+# * connect_timeout - Maximum wait for connection, in seconds. Zero or not specified means wait indefinitely.
+# * sslcert - Cert file location. The file must contain PEM encoded data.
+# * sslkey - Key file location. The file must contain PEM encoded data.
+# * sslrootcert - The location of the root certificate file. The file must contain PEM encoded data.
+#
+# Valid values for sslmode are:
+#
+# * disable - No SSL
+# * require - Always SSL (skip verification)
+# * verify-ca - Always SSL (verify that the certificate presented by the server was signed by a trusted CA)
+# * verify-full - Always SSL (verify that the certification presented by the server was signed by a trusted CA and the server host name matches the one in the certificate)
+dsn="postgres://loraserver_ns:loraserver_ns@postgresql/loraserver_ns?sslmode=disable"
+
+# Automatically apply database migrations.
+#
+# It is possible to apply the database-migrations by hand
+# (see https://github.com/brocaar/loraserver/tree/master/migrations)
+# or let LoRa App Server migrate to the latest state automatically, by using
+# this setting. Make sure that you always make a backup when upgrading Lora
+# App Server and / or applying migrations.
+automigrate=true
+
+
+# Redis settings
+#
+# Please note that Redis 2.6.0+ is required.
+[redis]
+# Redis url (e.g. redis://user:password@hostname/0)
+#
+# For more information about the Redis URL format, see:
+# https://www.iana.org/assignments/uri-schemes/prov/redis
+url="redis://redis:6379"
+
+
+# Network-server settings.
+[network_server]
+# Network identifier (NetID, 3 bytes) encoded as HEX (e.g. 010203)
+net_id="010203"
+
+# Time to wait for uplink de-duplication.
+#
+# This is the time that LoRa Server will wait for other gateways to receive
+# the same uplink frame. Valid units are 'ms' or 's'.
+# Please note that this value has influence on the uplink / downlink
+# roundtrip time. Setting this value too high means LoRa Server will be
+# unable to respond to the device within its receive-window.
+deduplication_delay="200ms"
+
+# Device session expiration.
+#
+# The TTL value defines the time after which a device-session expires
+# after no activity. Valid units are 'ms', 's', 'm', 'h'. Note that these
+# values can be combined, e.g. '24h30m15s'.
+device_session_ttl="744h0m0s"
+
+# Get downlink data delay.
+#
+# This is the time that LoRa Server waits between forwarding data to the
+# application-server and reading data from the queue. A higher value
+# means that the application-server has more time to schedule a downlink
+# queue item which can be processed within the same uplink / downlink
+# transaction.
+# Please note that this value has influence on the uplink / downlink
+# roundtrip time. Setting this value too high means LoRa Server will be
+# unable to respond to the device within its receive-window.
+get_downlink_data_delay="100ms"
+
+
+  # LoRaWAN regional band configuration.
+  #
+  # Note that you might want to consult the LoRaWAN Regional Parameters
+  # specification for valid values that apply to your region.
+  # See: https://www.lora-alliance.org/lorawan-for-developers
+  [network_server.band]
+  # LoRaWAN band to use.
+  #
+  # Valid values are:
+  # *	AS_923
+  # * AU_915_928
+  # * CN_470_510
+  # * CN_779_787
+  # * EU_433
+  # * EU_863_870
+  # * IN_865_867
+  # * KR_920_923
+  # * RU_864_870
+  # * US_902_928
+  name="EU_863_870"
+
+  # Enforce 400ms dwell time
+  #
+  # Some band configurations define the max payload size for both dwell-time
+  # limitation enabled as disabled (e.g. AS 923). In this case the
+  # dwell time setting must be set to enforce the max payload size
+  # given the dwell-time limitation. For band configuration where the dwell-time is
+  # always enforced, setting this flag is not required.
+  dwell_time_400ms=false
+
+  # Enforce repeater compatibility
+  #
+  # Most band configurations define the max payload size for both an optional
+  # repeater encapsulation layer as for setups where a repeater will never
+  # be used. The latter case increases the max payload size for some data-rates.
+  # In case a repeater might used, set this flag to true.
+  repeater_compatible=false
+
+
+  # LoRaWAN network related settings.
+  [network_server.network_settings]
+  # Installation margin (dB) used by the ADR engine.
+  #
+  # A higher number means that the network-server will keep more margin,
+  # resulting in a lower data-rate but decreasing the chance that the
+  # device gets disconnected because it is unable to reach one of the
+  # surrounded gateways.
+  installation_margin=10
+
+  # Class A RX1 delay
+  #
+  # 0=1sec, 1=1sec, ... 15=15sec. A higher value means LoRa Server has more
+  # time to respond to the device as the delay between the uplink and the
+  # first receive-window will be increased.
+  rx1_delay=1
+
+  # RX1 data-rate offset
+  #
+  # Please consult the LoRaWAN Regional Parameters specification for valid
+  # options of the configured network_server.band.name.
+  rx1_dr_offset=0
+
+  # RX2 data-rate
+  #
+  # When set to -1, the default RX2 data-rate will be used for the configured
+  # LoRaWAN band.
+  #
+  # Please consult the LoRaWAN Regional Parameters specification for valid
+  # options of the configured network_server.band.name.
+  rx2_dr=-1
+
+  # RX2 frequency
+  #
+  # When set to -1, the default RX2 frequency will be used.
+  #
+  # Please consult the LoRaWAN Regional Parameters specification for valid
+  # options of the configured network_server.band.name.
+  rx2_frequency=-1
+
+  # Enable only a given sub-set of channels
+  #
+  # Use this when ony a sub-set of the by default enabled channels are being
+  # used. For example when only using the first 8 channels of the US band.
+  # 
+  # Example:
+  # enabled_uplink_channels=[0, 1, 2, 3, 4, 5, 6, 7]
+  enabled_uplink_channels=[]
+
+
+  # Extra channel configuration.
+  #
+  # Use this for LoRaWAN regions where it is possible to extend the by default
+  # available channels with additional channels (e.g. the EU band).
+  # The first 5 channels will be configured as part of the OTAA join-response
+  # (using the CFList field).
+  # The other channels (or channel / data-rate changes) will be (re)configured
+  # using the NewChannelReq mac-command.
+  #
+  # Example:
+  # [[network_server.network_settings.extra_channels]]
+  # frequency=867100000
+  # min_dr=0
+  # max_dr=5
+
+  # [[network_server.network_settings.extra_channels]]
+  # frequency=867300000
+  # min_dr=0
+  # max_dr=5
+
+  # [[network_server.network_settings.extra_channels]]
+  # frequency=867500000
+  # min_dr=0
+  # max_dr=5
+
+  # [[network_server.network_settings.extra_channels]]
+  # frequency=867700000
+  # min_dr=0
+  # max_dr=5
+
+  # [[network_server.network_settings.extra_channels]]
+  # frequency=867900000
+  # min_dr=0
+  # max_dr=5
+
+
+  # Class B settings
+  [network_server.network_settings.class_b]
+  # Ping-slot data-rate.
+  ping_slot_dr=0
+
+  # Ping-slot frequency (Hz)
+  #
+  # Set this to 0 to use the default frequency plan for the configured region
+  # (which could be frequency hopping).
+  ping_slot_frequency=0
+
+
+  # Network-server API
+  #
+  # This is the network-server API that is used by LoRa App Server or other
+  # custom components interacting with LoRa Server.
+  [network_server.api]
+  # ip:port to bind the api server
+  bind="0.0.0.0:8000"
+
+  # ca certificate used by the api server (optional)
+  ca_cert=""
+
+  # tls certificate used by the api server (optional)
+  tls_cert=""
+
+  # tls key used by the api server (optional)
+  tls_key=""
+
+  # Gateway API
+  # 
+  # This API is used by the LoRa Channel Manager component to fetch
+  # channel configuration.
+  [network_server.gateway.api]
+  # ip:port to bind the api server
+  bind="0.0.0.0:8002"
+
+  # CA certificate used by the api server (optional)
+  ca_cert=""
+
+  # tls certificate used by the api server (optional)
+  tls_cert=""
+
+  # tls key used by the api server (optional)
+  tls_key=""
+
+  # JWT secret used by the gateway api server for gateway authentication / authorization
+  jwt_secret="verysecret"
+
+  # Gateway statistics settings.
+  [network_server.gateway.stats]
+  # Create non-existing gateways on receiving of stats
+  #
+  # When set to true, LoRa Server will create the gateway when it receives
+  # statistics for a gateway that does not yet exist.
+  create_gateway_on_stats=true
+
+  # Aggregation timezone
+  #
+  # This timezone is used for correctly aggregating the statistics (for example
+  # 'Europe/Amsterdam').
+  # To get the list of supported timezones by your PostgreSQL database,
+  # execute the following SQL query:
+  #   select * from pg_timezone_names;
+  # When left blank, the default timezone of your database will be used.
+  timezone=""
+
+  # Aggregation intervals to use for aggregating the gateway stats
+  #
+  # Valid options: second, minute, hour, day, week, month, quarter, year.
+  # When left empty, no statistics will be stored in the database.
+  # Note, LoRa App Server expects at least "minute", "day", "hour"!
+  aggregation_intervals=["minute", "hour", "day"]
+
+
+  # MQTT gateway backend settings.
+  #
+  # This is the backend communicating with the LoRa gateways over a MQTT broker.
+  [network_server.gateway.backend.mqtt]
+  # MQTT topic templates for the different MQTT topics.
+  #
+  # The meaning of these topics are documented at:
+  # https://docs.loraserver.io/lora-gateway-bridge/use/data/
+  #
+  # The default values match the default expected configuration of the
+  # LoRa Gateway Bridge MQTT backend. Therefore only change these values when
+  # absolutely needed.
+  # Use "{{ .MAC }}" as an substitution for the LoRa gateway MAC. 
+  uplink_topic_template="gateway/+/rx"
+  downlink_topic_template="gateway/{{ .MAC }}/tx"
+  stats_topic_template="gateway/+/stats"
+  ack_topic_template="gateway/+/ack"
+
+  # MQTT server (e.g. scheme://host:port where scheme is tcp, ssl or ws)
+  server="tcp://mosquitto:1883"
+
+  # Connect with the given username (optional)
+  username=""
+
+  # Connect with the given password (optional)
+  password=""
+
+  # Quality of service level
+  #
+  # 0: at most once
+  # 1: at least once
+  # 2: exactly once
+  #
+  # Note: an increase of this value will decrease the performance.
+  # For more information: https://www.hivemq.com/blog/mqtt-essentials-part-6-mqtt-quality-of-service-levels
+  qos=0
+
+  # Clean session
+  #
+  # Set the "clean session" flag in the connect message when this client
+  # connects to an MQTT broker. By setting this flag you are indicating
+  # that no messages saved by the broker for this client should be delivered.
+  clean_session=true
+
+  # Client ID
+  #
+  # Set the client id to be used by this client when connecting to the MQTT
+  # broker. A client id must be no longer than 23 characters. When left blank,
+  # a random id will be generated. This requires clean_session=true.
+  client_id=""
+
+  # CA certificate file (optional)
+  #
+  # Use this when setting up a secure connection (when server uses ssl://...)
+  # but the certificate used by the server is not trusted by any CA certificate
+  # on the server (e.g. when self generated).
+  ca_cert=""
+
+  # TLS certificate file (optional)
+  tls_cert=""
+
+  # TLS key file (optional)
+  tls_key=""
+
+
+# Default join-server settings.
+[join_server.default]
+# hostname:port of the default join-server
+#
+# This API is provided by LoRa App Server.
+server="http://appserver:8003"
+
+# ca certificate used by the default join-server client (optional)
+ca_cert=""
+
+# tls certificate used by the default join-server client (optional)
+tls_cert=""
+
+# tls key used by the default join-server client (optional)
+tls_key=""
+
+
+# Network-controller configuration.
+[network_controller]
+# hostname:port of the network-controller api server (optional)
+server=""
+
+# ca certificate used by the network-controller client (optional)
+ca_cert=""
+
+# tls certificate used by the network-controller client (optional)
+tls_cert=""
+
+# tls key used by the network-controller client (optional)
+tls_key=""

configuration/postgresql/initdb/001-init-loraserver_ns.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+set -e
+
+psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" <<-EOSQL
+    create role loraserver_ns with login password 'loraserver_ns';
+    create database loraserver_ns with owner loraserver_ns;
+EOSQL

configuration/postgresql/initdb/002-init-loraserver_as.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+set -e
+
+psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" <<-EOSQL
+    create role loraserver_as with login password 'loraserver_as';
+    create database loraserver_as with owner loraserver_as;
+EOSQL

configuration/postgresql/initdb/003-loraserver_as_trgm.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+set -e
+
+psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname="loraserver_as" <<-EOSQL
+    create extension pg_trgm;
+EOSQL

docker-compose.yml

@@ -0,0 +1,41 @@
+version: "2"
+
+services:
+  loraserver:
+    image: loraserver/loraserver:latest
+    volumes:
+      - ./configuration/loraserver:/etc/loraserver
+
+  appserver:
+    image: loraserver/lora-app-server:latest
+    ports:
+      - 8080:8080
+    volumes:
+      - ./configuration/lora-app-server:/etc/lora-app-server
+
+  gatewaybridge:
+    image: loraserver/lora-gateway-bridge:latest
+    ports:
+      - 1700:1700/udp
+    volumes:
+      - ./configuration/lora-gateway-bridge:/etc/lora-gateway-bridge
+  
+  postgresql:
+    image: postgres:9.6-alpine
+    ports:
+      - 5432
+    volumes:
+      - ./configuration/postgresql/initdb:/docker-entrypoint-initdb.d
+      - ./data/postgresql:/var/lib/postgresql/data
+
+  redis:
+    ports:
+      - 6379
+    image: redis:4-alpine
+    volumes:
+      - ./data/redis:/data
+
+  mosquitto:
+    image: eclipse-mosquitto
+    ports:
+      - 1883:1883