Deployment Guide
aredn-cloud-tunnel requires a PostgreSQL database for operation. The deployment of the database is left as an exercise to the reader. The Docker Compose option contains a database.
Connect to the database with psql (docs) and run the following commands. Make sure to change the changeme password below to a more appropriate secure password.
CREATE USER aredn WITH ENCRYPTED PASSWORD 'changeme';
CREATE DATABASE "aredn";
ALTER DATABASE aredn OWNER TO aredn;
GRANT ALL PRIVILEGES ON DATABASE aredn TO aredn;
\c aredn
GRANT ALL ON schema public TO aredn;
Docker images are published in GitHub here: https://github.com/USA-RedDragon/aredn-cloud-tunnel/pkgs/container/aredn-cloud-tunnel.
The Docker image supports the following architectures:
- linux/amd64
- linux/arm64
Docker images are based on aredn-base. Tags are formed based on the Git tag. For example, v1.0.4 will be tagged ghcr.io/usa-reddragon/aredn-cloud-tunnel:v1.0.4.
Several environment variables are required to be set for operation. These are described below:
- SERVER_NAME is the desired DNS hostname of the node.
- VTUN_STARTING_ADDRESS is the beginning address for VTun clients. Make sure this is in the 172.16.0.0/12 range and that you don't conflict with any peers in the address space.
- NODE_IP is the desired AREDN IP for the node in the 10.0.0.0/8 range.
- SERVER_LAT is the server's latitude, used in the /cgi-bin/sysinfo.json route for MeshMap.
- SERVER_LON is the server's longitude, used in the /cgi-bin/sysinfo.json route for MeshMap.
- SERVER_GRIDSQUARE is the server's HAM gridsquare. This can be found with https://www.qrz.com/gridmapper.
- PG_USER is the user to connect to the PostgreSQL database with.
- PG_PASSWORD is the password used to connect to PostgreSQL with.
- PG_PORT is the port to connect to PostgreSQL on.
- PG_DATABASE is the database to connect to in PostgreSQL.
- PASSWORD_SALT is the password salt. It is recommended to generate a 15+ character random password different from the SESSION_SECRET.
- SESSION_SECRET is the session encryption secret. It is recommended to generate a 15+ character random password different from the PASSWORD_SALT.
A docker-compose.yml file can be found at https://github.com/USA-RedDragon/aredn-cloud-tunnel/blob/main/docker-compose.yml. Save this to a folder on your deployment target. Edit any environment variables to fit your configuration. The PostgreSQL-related variables do not need to be changed.
With Docker and Docker Compose installed, run docker-compose up -d in the same directory as the docker-compose.yml file to start aredn-cloud-tunnel and PostgreSQL.
To run aredn-cloud-tunnel, replace the -e ENVIRONMENT_VAR=value line in the following command with the environment variables required to configure the app. Each environment variable needs its own -e argument, for example -e ENV1=val1 -e ENV2=val2.
sudo docker run \
-d \
--restart unless-stopped \
-e ENVIRONMENT_VAR=value \
-p 5525:5525 \
-p 8080:80 \
--name aredn-cloud-tunnel \
ghcr.io/usa-reddragon/aredn-cloud-tunnel:1.0
To change the port mapping of aredn-cloud-tunnel, replace the port number before the : in the -p options with the port you want aredn-cloud-tunnel to listen on locally. In the example above, port 8080 on the host corresponds with port 80 inside the container. Port 5525 is used for TCP VTun connections.
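The following is an added example, not code from the aredn-cloud-tunnel project: it checks NODE_IP and VTUN_STARTING_ADDRESS against the ranges given in the environment variable list and writes them, together with distinct random PASSWORD_SALT and SESSION_SECRET values, to a file readable only by its owner. The function names and the aredn.env file name are assumptions.

```shell
#!/bin/sh
# Added example, not project code. Function and file names are assumptions.

# 32 bytes from the kernel CSPRNG, hex-encoded (64 characters).
gen_secret() {
    head -c 32 /dev/urandom | od -An -v -tx1 | tr -d ' \n'
}

# Succeeds only for a dotted-quad IPv4 address with four octets in 0..255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in 0?*|????*) return 1 ;; esac   # no leading zeros, max 3 digits
        [ "$o" -le 255 ] || return 1
    done
}

# NODE_IP must sit inside 10.0.0.0/8.
in_10_8() {
    valid_ipv4 "$1" && [ "${1%%.*}" -eq 10 ]
}

# VTUN_STARTING_ADDRESS must sit inside 172.16.0.0/12 (172.16.x.x to 172.31.x.x).
in_172_16_12() {
    valid_ipv4 "$1" || return 1
    rest=${1#*.}; second=${rest%%.*}
    [ "${1%%.*}" -eq 172 ] && [ "$second" -ge 16 ] && [ "$second" -le 31 ]
}

# Usage: write_secrets_env FILE NODE_IP VTUN_STARTING_ADDRESS
# Validates both addresses, then writes them plus two distinct secrets to FILE (mode 600).
write_secrets_env() {
    env_file=$1; node_ip=$2; vtun_start=$3
    in_10_8 "$node_ip" || { echo "NODE_IP not in 10.0.0.0/8" >&2; return 1; }
    in_172_16_12 "$vtun_start" ||
        { echo "VTUN_STARTING_ADDRESS not in 172.16.0.0/12" >&2; return 1; }
    salt=$(gen_secret); session=$(gen_secret)
    [ "$salt" != "$session" ] || return 1
    ( umask 077
      printf 'NODE_IP=%s\nVTUN_STARTING_ADDRESS=%s\nPASSWORD_SALT=%s\nSESSION_SECRET=%s\n' \
          "$node_ip" "$vtun_start" "$salt" "$session" > "$env_file" ) || return 1
    chmod 600 "$env_file"
}
```

After adding the remaining variables from the list to the file, docker run's --env-file option can read it in place of repeated -e arguments, which keeps the secrets out of shell history and the process list.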
Terraform configurations for GCP exist at https://github.com/USA-RedDragon/aredn-cloud-tunnel/tree/main/infra-gcp
Terraform configurations for AWS exist at https://github.com/USA-RedDragon/aredn-cloud-tunnel/tree/main/infra
Multiple aredn-cloud-tunnels need to be deployed in the same Docker network with one having the SUPERNODE and SUPERNODE_ZONE environment variables set in order to use supernode functionality.