LoRa Server setup
This repository provides an Ansible playbook to setup the LoRa Server. project (including dependencies). With the included Vagrant file, the LoRa Server can also be setup locally (e.g. on VirtualBox).
- Setup firewall rules (iptables)
- Setup Mosquitto (MQTT broker) + connection credentials
- Setup Redis
- Setup PostgreSQL + creation of roles and databases
- Setup LoRa Gateway Bridge
- Setup LoRa Server
- Setup LoRa App Server
- Setup LoRa Geo Server
- Request a HTTPS certificate from Let's Encrypt
Vagrant (local environment using VirtualBox)
Vagrantfile will setup an Ubuntu Xenial (16.04) virtual
machine with the latest LoRa Server components installed. It will also forward
the following ports to your host system:
8080: LoRa App Server UI and API
1700: UDP listener for the packet-forwarder data
1883: Mosquitto MQTT
1884: Mosquitto Websockets
Note: when using Vagrant, there is no need to install Ansible (this will be automatically installed inside the Vagrant machine).
When setting up the LoRa Server environment, make sure you have a recent version of Vagrant installed.
roles/loraserver/templates/loraserver.tomlso that the
network_server.band.namematches the LoRaWAN band to use. Depending the chosen band, you might also be interested in updating other network-server settings listed under the
Within the root of this repository execute the following command:
As this will import the Vagrant box, install all requirements etc... this is going to take a while.
Configure your LoRa Gateway so that it points to the IP address of your computer (port
Point your browser to http://localhost:8080/. As a self-signed certificate is used, your browser will prompt that the certificate can't be trusted. This is ok for testing.
For updating your Vagrant environment (e.g. updating the configuration or to upgrade installed packages, execute the following command:
Other useful commands:
# stop the vagrant machine vagrant halt # restart the vagrant machine vagrant reload # ssh into the vagrant machine vagrant ssh # destroy the vagrant machine vagrant destroy
This playbook has been tested on DigitalOcean.com but should also work on bare-metal, AWS, ...
Don't have a DigitalOcean account yet? Use this link and get $10 in credits for free :-)
On the machine from where you will execute this Ansible playbook (e.g. your own
computer), make sure you have Ansible 2.1+ installed. You can install Ansible with
pip install ansible) or using Homebrew (OS X) (
brew install ansible).
Refer to the Ansible installation guide
for more installation instructions.
The Ansible playbook has been tested on the following images:
- Stretch (9.x)
- Xenial (16.04.x LTS)
- Bionic (18.04.x LTS)
Create a new Ubuntu 16.04.x instance and make sure that from your own machine on which Ansible is installed, you can ssh to this machine using public-key authentication (e.g.
Configure a DNS record for your target instance and wait until this record resolves to your IP address. This is required in case you configured LetsEncrypt. You can skip this step when not using LetsEncrypt (
inventory.exampleinside this repository to
example.comwith the hostname created in step 2.
group_vars/single_server.example.ymlinside this repository to
group_vars/single_server.ymland change the settings where needed.
Update the LoRa Gateway Bridge, LoRa App Server and LoRa Server configuration files under:
See also the following links for more documentation:
Run the following command from your machine to deploy LoRa Server to your target instance, to upgrade to the latest versions or to update the configuration:
ansible-playbook -i inventory full_deploy.yml
After the playbook has been completed, the dashboard should be accessible from http://yourdomain.com:8080/.
Changelog (playbook changes)
- LoRa App Server default configuration now uses http (no TLS certificate).
- Updated playbook to support Ubuntu 18.04.x, 16.04.x and Debian Stretch (9.x).
postgresqlpackage is always installed from distribution repository.
mosquittopackage is always installed from distribution repository.
- Added installation of LoRa Geo Server service.
- Change to LoRa Server v2 apt repository.
mosquitto-auth-plugsetup (which was causing a lot of issues)
- Update configuration
- Include LoRa Gateway Bridge, LoRa App Server and LoRa Server configuration files as templates. See Configuration.
auth_opt_aclqueryquery of the mosquitto-auth-plug has been updated as application users have been deprecated.
GW_SERVER_JWT_SECRETconfiguration option has been added to the example configuration file, which will be mandatory for LoRa Server 0.20.0.
8002(used by LoRa Gateway Config) has been added as public accessible port in the example configuration.
letsencryptcli has been changed to
certbotcli (as per installation instructions documented at https://certbot.eff.org).
- Mosquitto authentication / authorization has been added (using
loraserver_hosts.example.ymlhas been updated with example configuration. Note that anonymous connections will be rejected. This allows users to connect to the MQTT broker using their LoRa App Server credentials.