From fd0fb2a8068bd94ec1f3b7f28adf840e9987d79d Mon Sep 17 00:00:00 2001 From: Mirko Teodorovic Date: Wed, 10 Jun 2020 10:40:13 +0200 Subject: [PATCH] update vars and docker-compose (#97) Signed-off-by: Mirko Teodorovic --- .env | 16 +++++----- docker/docker-compose.yml | 15 +++++---- docker/nginx/entrypoint.sh | 4 +-- docker/nginx/nginx-key.conf | 4 +-- docker/nginx/nginx-x509.conf | 4 +-- .../nginx/snippets/mqtt-upstream-cluster.conf | 8 ++--- .../nginx/snippets/mqtt-upstream-single.conf | 4 +-- docker/ssl/authorization.js | 32 ++++++------------- 8 files changed, 38 insertions(+), 49 deletions(-) diff --git a/.env b/.env index 8f2b38f5..6aa6a93f 100644 --- a/.env +++ b/.env @@ -32,7 +32,7 @@ MF_AUTHN_LOG_LEVEL=debug MF_AUTHN_HTTP_PORT=8189 MF_AUTHN_GRPC_PORT=8181 MF_AUTHN_GRPC_URL=authn:8181 -MF_AUTHN_GRPC_TIMEOUT=1 +MF_AUTHN_GRPC_TIMEOUT=1s MF_AUTHN_DB_PORT=5432 MF_AUTHN_DB_USER=mainflux MF_AUTHN_DB_PASS=mainflux @@ -66,7 +66,7 @@ MF_THINGS_HTTP_PORT=8182 MF_THINGS_AUTH_HTTP_PORT=8989 MF_THINGS_AUTH_GRPC_PORT=8183 MF_THINGS_AUTH_GRPC_URL=things:8183 -MF_THINGS_AUTH_GRPC_TIMEOUT=1 +MF_THINGS_AUTH_GRPC_TIMEOUT=1s MF_THINGS_DB_PORT=5432 MF_THINGS_DB_USER=mainflux MF_THINGS_DB_PASS=mainflux @@ -76,16 +76,12 @@ MF_THINGS_ES_URL=localhost:6379 MF_THINGS_ES_PASS= MF_THINGS_ES_DB=0 -### WS -MF_WS_ADAPTER_LOG_LEVEL=debug -MF_WS_ADAPTER_PORT=8186 - ### HTTP MF_HTTP_ADAPTER_PORT=8185 ### MQTT MF_MQTT_ADAPTER_LOG_LEVEL=debug -MF_MQTT_ADAPTER_PORT=1883 +MF_MQTT_ADAPTER_MQTT_PORT=1883 MF_MQTT_BROKER_PORT=1883 MF_MQTT_ADAPTER_WS_PORT=8080 MF_MQTT_BROKER_WS_PORT=8080 @@ -136,6 +132,7 @@ MF_INFLUX_WRITER_DB_USER=mainflux MF_INFLUX_WRITER_DB_PASS=mainflux MF_INFLUX_WRITER_DB=mainflux MF_INFLUX_WRITER_GRAFANA_PORT=3001 +MF_INFLUX_WRITER_CONTENT_TYPE=application/senml+json ### InfluxDB Reader MF_INFLUX_READER_LOG_LEVEL=debug 
@@ -162,4 +159,7 @@ MF_TWINS_SINGLE_USER_TOKEN="" MF_TWINS_CLIENT_TLS="" MF_TWINS_CA_CERTS="" MF_TWINS_MQTT_URL=tcp://mqtt-adapter:1883 -MF_TWINS_CHANNEL_ID= +MF_TWINS_CHANNEL_ID="" +MF_TWINS_CACHE_URL=localhost:6379 +MF_TWINS_CACHE_PASS="" +MF_TWINS_CACHE_DB=0 diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index f5290577..a02ebf0c 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -11,7 +11,7 @@ volumes: mainflux-authn-db-volume: mainflux-users-db-volume: mainflux-things-db-volume: - mainflux-things-redis-volume: + mainflux-auth-redis-volume: mainflux-es-redis-volume: mainflux-influxdb-volume: mainflux-bootstrap-db-volume: @@ -174,14 +174,14 @@ services: volumes: - mainflux-things-db-volume:/var/lib/postgresql/data - things-redis: + auth-redis: image: redis:5.0-alpine - container_name: mainflux-things-redis + container_name: mainflux-auth-redis restart: on-failure networks: - mainflux-base-net volumes: - - mainflux-things-redis-volume:/data + - mainflux-auth-redis-volume:/data things: image: mainflux/things:latest @@ -197,7 +197,7 @@ services: MF_THINGS_DB_USER: ${MF_THINGS_DB_USER} MF_THINGS_DB_PASS: ${MF_THINGS_DB_PASS} MF_THINGS_DB: ${MF_THINGS_DB} - MF_THINGS_CACHE_URL: things-redis:${MF_REDIS_TCP_PORT} + MF_THINGS_CACHE_URL: auth-redis:${MF_REDIS_TCP_PORT} MF_THINGS_ES_URL: es-redis:${MF_REDIS_TCP_PORT} MF_THINGS_HTTP_PORT: ${MF_THINGS_HTTP_PORT} MF_THINGS_AUTH_HTTP_PORT: ${MF_THINGS_AUTH_HTTP_PORT} @@ -225,7 +225,7 @@ services: - mainflux-base-net vernemq: - image: mainflux/vernemq:1.10.1-alpine + image: mainflux/vernemq:latest container_name: mainflux-vernemq restart: on-failure environment: 
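Review bot: `MF_TWINS_CHANNEL_ID=""` and the new `MF_TWINS_CACHE_PASS=""` only yield an empty value if the .env reader strips quotes. Some Compose releases keep quotation marks as part of the value, in which case the service would receive the two-character string `""` as channel id and as cache password. Other empty entries in this file use the bare form (`MF_THINGS_ES_PASS=` in the earlier hunk), so `MF_TWINS_CACHE_PASS=` would be unambiguous and consistent. An empty password also means the Redis instance behind `MF_TWINS_CACHE_URL` is used without authentication, which deserves a comment such as `# development default: set a password outside local setups`.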
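Review bot: Changing the `vernemq` image from `1.10.1-alpine` to `latest` replaces a fixed release with a mutable tag, so two pulls of the same compose file can deploy different broker builds that nobody reviewed, and a rollback has no fixed target. Pin the image to a release tag, ideally with a digest, for example `image: mainflux/vernemq:<release-tag>@sha256:<digest>` (placeholders, not real values). The context lines show `mainflux/things:latest` with the same property, so a follow-up that pins all service images would fit here.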
@@ -247,7 +247,7 @@ services: restart: on-failure environment: MF_MQTT_ADAPTER_LOG_LEVEL: ${MF_MQTT_ADAPTER_LOG_LEVEL} - MF_MQTT_ADAPTER_PORT: ${MF_MQTT_ADAPTER_PORT} + MF_MQTT_ADAPTER_MQTT_PORT: ${MF_MQTT_ADAPTER_MQTT_PORT} MF_MQTT_ADAPTER_WS_PORT: ${MF_MQTT_ADAPTER_WS_PORT} MF_MQTT_ADAPTER_ES_URL: es-redis:${MF_REDIS_TCP_PORT} MF_NATS_URL: ${MF_NATS_URL} @@ -258,6 +258,7 @@ services: MF_JAEGER_URL: ${MF_JAEGER_URL} MF_THINGS_AUTH_GRPC_URL: ${MF_THINGS_AUTH_GRPC_URL} MF_THINGS_AUTH_GRPC_TIMEOUT: ${MF_THINGS_AUTH_GRPC_TIMEOUT} + MF_AUTH_CACHE_URL: auth-redis:${MF_REDIS_TCP_PORT} networks: - mainflux-base-net diff --git a/docker/nginx/entrypoint.sh b/docker/nginx/entrypoint.sh index cbea7b41..b5d15cab 100755 --- a/docker/nginx/entrypoint.sh +++ b/docker/nginx/entrypoint.sh @@ -2,10 +2,10 @@ if [ -z "$MF_MQTT_CLUSTER" ] then - envsubst '${MF_MQTT_ADAPTER_PORT}' < /etc/nginx/snippets/mqtt-upstream-single.conf > /etc/nginx/snippets/mqtt-upstream.conf + envsubst '${MF_MQTT_ADAPTER_MQTT_PORT}' < /etc/nginx/snippets/mqtt-upstream-single.conf > /etc/nginx/snippets/mqtt-upstream.conf envsubst '${MF_MQTT_ADAPTER_WS_PORT}' < /etc/nginx/snippets/mqtt-ws-upstream-single.conf > /etc/nginx/snippets/mqtt-ws-upstream.conf else - envsubst '${MF_MQTT_ADAPTER_PORT}' < /etc/nginx/snippets/mqtt-upstream-cluster.conf > /etc/nginx/snippets/mqtt-upstream.conf + envsubst '${MF_MQTT_ADAPTER_MQTT_PORT}' < /etc/nginx/snippets/mqtt-upstream-cluster.conf > /etc/nginx/snippets/mqtt-upstream.conf envsubst '${MF_MQTT_ADAPTER_WS_PORT}' < /etc/nginx/snippets/mqtt-ws-upstream-cluster.conf > /etc/nginx/snippets/mqtt-ws-upstream.conf fi diff --git a/docker/nginx/nginx-key.conf b/docker/nginx/nginx-key.conf index 9e1fc3ba..7a84e47f 100644 --- a/docker/nginx/nginx-key.conf +++ b/docker/nginx/nginx-key.conf 
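Review bot: The added `MF_AUTH_CACHE_URL: auth-redis:${MF_REDIS_TCP_PORT}` gives the mqtt-adapter the same Redis instance that `things` uses via `MF_THINGS_CACHE_URL`, and no cache password is passed alongside it. The `auth-redis` service in the earlier hunk runs stock `redis:5.0-alpine` with no `command` override, so it starts without a password. If this cache holds authorization data (inferred from the name, not visible here), any container on `mainflux-base-net` could read or alter the entries both services rely on. Consider starting Redis with `--requirepass` and passing the matching password setting to both clients if they support one, or at least add a comment such as `# unauthenticated cache: reachable only on mainflux-base-net, do not publish this port`.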
@@ -79,10 +79,10 @@ http { } # Proxy pass to mainflux-mqtt-adapter over WS - location /mqtt/ { + location /mqtt { include snippets/proxy-headers.conf; include snippets/ws-upgrade.conf; - proxy_pass http://mqtt_ws_cluster/; + proxy_pass http://mqtt_ws_cluster; } # Proxy pass to mainflux-influxdb-reader diff --git a/docker/nginx/nginx-x509.conf b/docker/nginx/nginx-x509.conf index 83e23310..bcd83f48 100644 --- a/docker/nginx/nginx-x509.conf +++ b/docker/nginx/nginx-x509.conf @@ -87,11 +87,11 @@ http { } # Proxy pass to mainflux-mqtt-adapter over WS - location /mqtt/ { + location /mqtt { include snippets/verify-ssl-client.conf; include snippets/proxy-headers.conf; include snippets/ws-upgrade.conf; - proxy_pass http://mqtt_ws_cluster/; + proxy_pass http://mqtt_ws_cluster; } # Proxy pass to mainflux-influxdb-reader diff --git a/docker/nginx/snippets/mqtt-upstream-cluster.conf b/docker/nginx/snippets/mqtt-upstream-cluster.conf index 31657294..204219f1 100644 --- a/docker/nginx/snippets/mqtt-upstream-cluster.conf +++ b/docker/nginx/snippets/mqtt-upstream-cluster.conf @@ -3,7 +3,7 @@ upstream mqtt_cluster { least_conn; - server mqtt-adapter-1:${MF_MQTT_ADAPTER_PORT}; - server mqtt-adapter-2:${MF_MQTT_ADAPTER_PORT}; - server mqtt-adapter-3:${MF_MQTT_ADAPTER_PORT}; -} \ No newline at end of file + server mqtt-adapter-1:${MF_MQTT_ADAPTER_MQTT_PORT}; + server mqtt-adapter-2:${MF_MQTT_ADAPTER_MQTT_PORT}; + server mqtt-adapter-3:${MF_MQTT_ADAPTER_MQTT_PORT}; +} diff --git a/docker/nginx/snippets/mqtt-upstream-single.conf b/docker/nginx/snippets/mqtt-upstream-single.conf index 67a0828b..3c5372ba 100644 --- a/docker/nginx/snippets/mqtt-upstream-single.conf +++ b/docker/nginx/snippets/mqtt-upstream-single.conf @@ -2,5 +2,5 @@ # SPDX-License-Identifier: Apache-2.0 upstream mqtt_cluster { - server mqtt-adapter:${MF_MQTT_ADAPTER_PORT}; -} \ No newline at end of file + server mqtt-adapter:${MF_MQTT_ADAPTER_MQTT_PORT}; +} 
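Review bot: `location /mqtt` is a plain prefix match, so after this change any path that merely begins with `/mqtt` (for example `/mqttfoo`) also lands in this block. Because `proxy_pass http://mqtt_ws_cluster;` no longer carries a URI part, such paths reach the upstream unmodified instead of with the prefix stripped. If only the exact WebSocket endpoint is meant to be exposed, `location = /mqtt {` keeps the routed surface narrow. The same applies to the matching hunk in docker/nginx/nginx-x509.conf, where the block additionally includes `snippets/verify-ssl-client.conf`. The enclosing `http` block starts and ends outside both hunks.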
diff --git a/docker/ssl/authorization.js b/docker/ssl/authorization.js index 7e8968c2..408f2317 100644 --- a/docker/ssl/authorization.js +++ b/docker/ssl/authorization.js @@ -43,7 +43,7 @@ function authenticate(s) { function parsePackage(s, data) { // An explanation of MQTT packet structure can be found here: - // https://public.dhe.ibm.com/software/dw/webservices/ws-mqtt/mqtt-v3r1.html#msg-format. + // https://public.dhe.ibm.com/software/dw/webservices/ws-mqtt/mqtt-v3r1.html#msg-format. // CONNECT message is explained here: // https://public.dhe.ibm.com/software/dw/webservices/ws-mqtt/mqtt-v3r1.html#connect. @@ -54,9 +54,9 @@ function parsePackage(s, data) { +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | TYPE | RSRVD | REMAINING LEN | PROTOCOL NAME LEN | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - | PROTOCOL NAME | + | PROTOCOL NAME | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-| - | VERSION | FLAGS | KEEP ALIVE | + | VERSION | FLAGS | KEEP ALIVE | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-| | Payload (if any) ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ @@ -65,8 +65,8 @@ function parsePackage(s, data) { Remaining Length is the length of the variable header (10 bytes) plus the length of the Payload. It is encoded in the manner described here: http://docs.oasis-open.org/mqtt/mqtt/v3.1.1/errata01/os/mqtt-v3.1.1-errata01-os-complete.html#_Toc442180836. - - Connect flags byte looks like this: + + Connect flags byte looks like this: | 7 | 6 | 5 | 4 3 | 2 | 1 | 0 | | Username Flag | Password Flag | Will Retain | Will QoS | Will Flag | Clean Session | Reserved | @@ -76,7 +76,7 @@ function parsePackage(s, data) { 3. Will Message (2 bytes length + Will Message value) if Will Flag is 1. 4. User Name (2 bytes length + User Name value) if User Name Flag is 1. 5. Password (2 bytes length + Password value) if Password Flag is 1. - + This method extracts Password field. */ 
@@ -95,23 +95,23 @@ function parsePackage(s, data) { // CONTROL(1) + MSG_LEN(1-4) + PROTO_NAME_LEN(2) + PROTO_NAME(4) + PROTO_VERSION(1) var flags_pos = 1 + len_size + 2 + 4 + 1; var flags = data.codePointAt(flags_pos); - + // If there are no username and password flags (11xxxxxx), return. if (flags < 192) { s.error('MQTT username or password not provided'); return ''; } - + // FLAGS(1) + KEEP_ALIVE(2) var shift = flags_pos + 1 + 2; - + // Number of bytes to encode length. var len_bytes_num = 2; // If Wil Flag is present, Will Topic and Will Message need to be skipped as well. var shift_flags = 196 <= flags ? 5 : 3; var len_msb, len_lsb, len; - + for (var i = 0; i < shift_flags; i++) { len_msb = data.codePointAt(shift).toString(16); len_lsb = data.codePointAt(shift + 1).toString(16); @@ -138,18 +138,6 @@ function setKey(r) { return ''; } - if (r.uri.startsWith('/ws') && (!auth || !auth.length)) { - var a; - for (a in r.args) { - if (a == 'authorization' && r.args[a] === clientKey) { - return clientKey; - } - } - - r.error('Authorization param does not match certificate'); - return ''; - } - return clientKey; }