fixedit-ai · daniel-falk · Aug 5, 2025 · Aug 1, 2025 · Aug 5, 2025 · Aug 5, 2025
diff --git a/LICENSE b/LICENSE
@@ -0,0 +1,18 @@
+# License Information
+
+This repository contains multiple components, each with its own licensing terms. Please refer to the LICENSE file in each subdirectory for specific licensing information.
+
+## Subdirectory Licenses
+
+- **dashboard-deployments/** - Licensed under the Elastic License 2.0. See [dashboard-deployments/LICENSE](./dashboard-deployments/LICENSE) for full terms.
+- **Other components** - Each subdirectory may have its own specific license. Check individual subdirectories for their respective LICENSE files.
+
+## General Guidelines
+
+Before using any component from this repository:
+
+1. Navigate to the specific subdirectory you plan to use
+2. Read the LICENSE file in that subdirectory 
+3. Ensure compliance with the specific license terms
+
+For questions about licensing, please contact the FixedIT team.
diff --git a/README.md b/README.md
@@ -1,3 +1,9 @@
-# fixedit-data-agent-dashboards
+# FixedIT Data Agent Examples
 
-This repository contains an InfluxDB + Grafana stack with provisioned dashboards for Axis camera monitoring with the FixedIT Data Agent edge application.
+This repository provides resources for the FixedIT Data Agent across different levels of customization:
+
+**📊 Server-side dashboards** - The [dashboard-deployments](./dashboard-deployments) directory contains visualization dashboards that work with the FixedIT Data Agent. Some work directly with the bundled configurations (just spin them up and start visualizing), while others can be used as-is or customized for your needs. Advanced users often combine edge device customization with dashboard modifications to visualize new data types.
+
+**🛠️ Edge device customization** - Project implementation examples that show how to extend and customize the FixedIT Data Agent by uploading custom configuration files and scripts. This makes it easy to create tailored edge applications for Axis devices without starting from scratch using the AXIS ACAP SDK.
+
+[Comming soon...]
diff --git a/dashboard-deployments/LICENSE b/dashboard-deployments/LICENSE
@@ -0,0 +1,55 @@
+Elastic License 2.0
+
+URL: https://www.elastic.co/licensing/elastic-license
+
+Acceptance
+
+By using the software, you agree to all of the terms and conditions below.
+
+Copyright License
+
+The licensor grants you a non-exclusive, royalty-free, worldwide, non-sublicensable, non-transferable license to use, copy, distribute, make available, and prepare derivative works of the software, in each case subject to the limitations and conditions below.
+
+Limitations
+
+You may not provide the software to third parties as a hosted or managed service, where the service provides users with access to any substantial set of the features or functionality of the software.
+
+You may not move, change, disable, or circumvent the license key functionality in the software, and you may not remove or obscure any functionality in the software that is protected by the license key.
+
+You may not alter, remove, or obscure any licensing, copyright, or other notices of the licensor in the software. Any use of the licensor's trademarks is subject to applicable law.
+
+Patents
+
+The licensor grants you a license, under any patent claims the licensor can license, or becomes able to license, to make, have made, use, sell, offer for sale, import and have imported the software, in each case subject to the limitations and conditions in this license. This license does not cover any patent claims that you cause to be infringed by modifications or additions to the software. If you or your company make any written claim that the software infringes or contributes to infringement of any patent, your patent license for the software granted under these terms ends immediately. If your company makes such a claim, your patent license ends immediately for work on behalf of your company.
+
+Notices
+
+You must ensure that anyone who gets a copy of any part of the software from you also gets a copy of these terms.
+
+If you modify the software, you must include in any modified copies of the software prominent notices stating that you have modified the software.
+
+No Other Rights
+
+These terms do not imply any licenses other than those expressly granted in these terms.
+
+Termination
+
+If you use the software in violation of these terms, such use is not licensed, and your licenses will automatically terminate. If the licensor provides you with a notice of your violation, and you cease all violation of this license no later than 30 days after you receive that notice, your licenses will be reinstated retroactively. However, if you violate these terms after such reinstatement, any additional violation of these terms will cause your licenses to terminate automatically and permanently.
+
+No Liability
+
+As far as the law allows, the software comes as is, without any warranty or condition, and the licensor will not be liable to you for any damages arising out of these terms or the use or nature of the software, under any kind of legal claim.
+
+Definitions
+
+The licensor is the entity offering these terms, and the software is the software the licensor makes available under these terms, including any portion of it.
+
+you refers to the individual or entity agreeing to these terms.
+
+your company is any legal entity, sole proprietorship, or other kind of organization that you work for, plus all organizations that have control over, are under the control of, or are under common control with that organization. control means ownership of substantially all the assets of an entity, or the power to direct its management and policies by vote, contract, or otherwise. Control can be direct or indirect.
+
+your licenses are all the licenses granted to you for the software under these terms.
+
+use means anything you do with the software requiring one of your licenses.
+
+trademark means trademarks, service marks, and similar rights.
diff --git a/dashboard-deployments/README.md b/dashboard-deployments/README.md
@@ -0,0 +1,28 @@
+# Dashboard examples for the FixedIt Data Agent
+
+This directory contains example dashboard deployments for the FixedIT Data Agent. Depending on what the Data Agent is used for, different stacks of e.g. InfluxDB and Grafana are used together with provisioned dashboards. This makes it easy to try a setup to start visualizing the data from your Axis devices running the FixedIT Data Agent.
+
+## [System monitoring with InfluxDB (v2) and Grafana](./system-monitoring-influxdb2-flux-grafana)
+
+This example shows how to set up advanced dashboards for Axis device system monitoring. These dashboards works with the bundled configuration files in the FixedIT Data Agent. The dashboards are built using InfluxDB 2.x as a database and Flux as the query language.
+
+## Open source licenses
+
+The dashboards in this repository are open source for your convenience and are licensed under the Elastic License 2.0. This means that in most cases you can use them for both commercial and non-commercial purposes, but there are some exceptions.
+
+- By default, you are not allowed to use the dashboards to provide a service to third parties. If you want to do that, you need to contact the FixedIT team to get a license.
+- When redistributing the dashboards, you need to include our license notice in the redistributed files, source us as the original authors and include any copyright notices.
+
+For full license details, see the [LICENSE](./LICENSE) file.
+
+### Can I use the dashboards internally in my own business?
+
+Yes, you are allowed to use the dashboards internally in your own business (including commercial purposes).
+
+### Can I setup these dashboards and sell access to them to our customers?
+
+You will need to contact the FixedIT team to get our approval, which we in most cases are happy to give.
+
+### Can I use the dashboards internally to monitor a service we sell to customers?
+
+Yes, you are allowed to use the dashboards internally in your own business, also for monitoring a service you sell to customers.
diff --git a/dashboard-deployments/system-monitoring-influxdb2-flux-grafana/README.md b/dashboard-deployments/system-monitoring-influxdb2-flux-grafana/README.md
@@ -0,0 +1,40 @@
+# InfluxDB and Grafana stack
+
+This directory contains a package with the files needed to spin up a stack with InfluxDB and Grafana where Grafana comes pre-populated with multiple dashboards useful for monitoring system metrics from the devices and the propagation of configuration parameters.
+
+## Running the stack
+
+This stack (defined in `docker-compose.yml`) will run:
+
+- InfluxDB storing time series data (system metrics and configuration parameters)
+- Grafana to create dashboards
+
+To run it:
+
+1. Run `docker compose up -d`
+2. Then go to [http://127.0.0.1:8086](http://127.0.0.1:8086) and log in with username `test` and password `testtest` (from the `docker-compose.yml` file)
+3. Open grafana UI on [http://127.0.0.1:3000](http://127.0.0.1:3000) and log in with username `admin` and password `test` (from the `docker-compose.yml` file).
+
+### Example of more secure setup
+
+The supplied `docker-compose.yml` file is for development usage with hardcoded ports and credentials for simplicity. For production, you should handle keys in a more secure way. One example of a better setup is to use the `docker-compose.prod.yml` override file.
+
+**Helper Script Available**: There's a helper script to generate the `env.sh` file with secure random values for all environment variables required by the production docker-compose setup (`docker-compose.prod.yml`), see [helper_scripts/README.md](./helper_scripts/README.md) for more details.
+
+```bash
+# Use the helper script to generate secure environment variables
+./helper_scripts/generate-env.sh
+source env.sh
+
+docker compose -f docker-compose.yml -f docker-compose.prod.yml up -d
+```
+
+**Note**: The production setup uses configurable ports and unique container names to allow running multiple instances on the same server. The development setup uses hardcoded ports (8086 for InfluxDB, 3000 for Grafana) for simplicity. This can be changed by editing the `env.sh` file after generation with the `helper_scripts/generate-env.sh` script or by manually setting the environment variables before launching the stack.
+
+## Grafana
+
+Open the grafana UI on [http://127.0.0.1:3000](http://127.0.0.1:3000), login with user `admin` and password `test` (specified in the [./docker-compose.yml](./docker-compose.yml) file). Click on "Dashboards" and you should see the pre-populated dashboards in the "Cameras" folder.
+
+## Helper scripts
+
+The directory [helper_scripts](./helper_scripts/) contains scripts that can assist with deployment, see the [README](./helper_scripts/README.md) for more details.
diff --git a/dashboard-deployments/system-monitoring-influxdb2-flux-grafana/docker-compose.prod.yml b/dashboard-deployments/system-monitoring-influxdb2-flux-grafana/docker-compose.prod.yml
@@ -0,0 +1,38 @@
+# This override file:
+# - Adds healthchecks to InfluxDB and Grafana
+# - Overrides production secrets for InfluxDB and Grafana
+# - Supports multiple deployments on same host using COMPOSE_PROJECT_NAME
+#
+# This stack is only intended as an example.
+
+version: "3.8"
+
+services:
+  influxdb:
+    container_name: influxdb-${COMPOSE_PROJECT_NAME:-default}
+    environment:
+      - DOCKER_INFLUXDB_INIT_USERNAME=admin
+      - DOCKER_INFLUXDB_INIT_PASSWORD=${INFLUXDB_PASSWORD}
+      - DOCKER_INFLUXDB_INIT_ADMIN_TOKEN=${INFLUXDB_ADMIN_TOKEN}
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:8086/health"]
+      interval: 30s
+      timeout: 5s
+      retries: 3
+    labels:
+      - "com.ouroboros.enable=true" # Explicitly allow monitoring
+    restart: unless-stopped
+
+  grafana:
+    container_name: grafana-${COMPOSE_PROJECT_NAME:-default}
+    environment:
+      - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_ADMIN_PASSWORD}
+      - INFLUXDB_TOKEN=${INFLUXDB_ADMIN_TOKEN}
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:3000/api/health"]
+      interval: 30s
+      timeout: 5s
+      retries: 3
+    labels:
+      - "com.ouroboros.enable=true" # Explicitly allow monitoring
+    restart: unless-stopped
diff --git a/dashboard-deployments/system-monitoring-influxdb2-flux-grafana/docker-compose.yml b/dashboard-deployments/system-monitoring-influxdb2-flux-grafana/docker-compose.yml
@@ -0,0 +1,46 @@
+# This is a simple example of a stack with InfluxDB and Grafana.
+# This file hard codes credentials for simple use. It is not intended for production use.
+# For production use, use this file together with the docker-compose.prod.yml override file
+# which will add more security and robustness.
+
+version: "3.8"
+
+x-common-vars: &common-vars
+  INFLUXDB_ORG: &org Whisperer
+  INFLUXDB_BUCKET: &bucket Cameras
+
+services:
+  influxdb:
+    image: influxdb:2
+    ports:
+      - "${INFLUXDB_PORT:-8086}:8086"
+    environment:
+      DOCKER_INFLUXDB_INIT_MODE: setup
+      DOCKER_INFLUXDB_INIT_USERNAME: test
+      DOCKER_INFLUXDB_INIT_PASSWORD: testtest
+      DOCKER_INFLUXDB_INIT_ORG: *org
+      DOCKER_INFLUXDB_INIT_BUCKET: *bucket
+      DOCKER_INFLUXDB_INIT_ADMIN_TOKEN: KLoG_Z0NsDIbVzS7zVn_VwhgxUgvwaGWE1wwO9SsGfNEeMaopLMsAA2aAGbCshpetVdu86Ig3-WTKugv6Srg6w==
+    volumes:
+      - ./influxdb-data:/var/lib/influxdb2
+
+  grafana:
+    image: grafana/grafana
+    ports:
+      - "${GRAFANA_PORT:-3000}:3000"
+    # To avoid permission issues to the mounted dir we run as root...
+    # Should be changed. See:
+    # https://grafana.com/docs/grafana/latest/setup-grafana/installation/run-grafana-docker-image/#migrate-to-v51-or-later
+    user: "0"
+    environment:
+      GF_SECURITY_ADMIN_PASSWORD: test
+      INFLUXDB_TOKEN: KLoG_Z0NsDIbVzS7zVn_VwhgxUgvwaGWE1wwO9SsGfNEeMaopLMsAA2aAGbCshpetVdu86Ig3-WTKugv6Srg6w==
+      INFLUXDB_ORG: *org
+      INFLUXDB_BUCKET: *bucket
+    volumes:
+      - ./grafana-data:/var/lib/grafana
+      # The provisioning folder contains the data source info.
+      # This automatically sets up InfluxDB as a data source.
+      - ./provisioning:/etc/grafana/provisioning
+    depends_on:
+      - influxdb
diff --git a/...d-deployments/system-monitoring-influxdb2-flux-grafana/helper_scripts/README.md b/...d-deployments/system-monitoring-influxdb2-flux-grafana/helper_scripts/README.md
@@ -0,0 +1,41 @@
+# Helper scripts
+
+## [install-docker-aws-ec2.sh](./install-docker-aws-ec2.sh)
+
+This script can be used to install docker with docker compose on an AWS EC2 instance with Amazon Linux 2. This makes it easy to deploy the example dashboard to an AWS EC2 instance.
+
+Just copy the script to the EC2 instance and run it with `./install-docker-aws-ec2.sh`.
+
+## [generate-env.sh](./generate-env.sh)
+
+This script generates an `env.sh` file with secure random values for all environment variables required by the production docker-compose setup (`docker-compose.prod.yml`).
+
+The script generates:
+
+- **Unique project name**: `monitoring-{suffix}` for container isolation where `{suffix}` is a random 6-character hex string (e.g., `a1b2c3`)
+- **Random port numbers**: For InfluxDB and Grafana (to avoid conflicts)
+- **Secure passwords**: For InfluxDB and Grafana
+- **Secure admin token**: For InfluxDB
+- **Placeholder for Slack webhook URL**: (needs manual update)
+
+Usage:
+
+```bash
+./helper_scripts/generate-env.sh
+```
+
+This will create an `env.sh` file in the project root. To use it:
+
+```bash
+source env.sh
+docker compose -f docker-compose.yml -f docker-compose.prod.yml up -d
+```
+
+## Deployment Organization
+
+The intended deployment pattern is to use **separate folders for different deployments**:
+
+- Copy the content of this directory to separate folders (e.g., `site-1-dashboard/`, `site-2-dashboard/`, etc.)
+- Each folder contains the same code and has its own `env.sh` file with unique credentials and ports
+- Data volumes mount to consistent folder names within each deployment directory
+- This makes it easy to see which code version was used for each deployment and keeps credentials isolated.
diff --git a/...board-deployments/system-monitoring-influxdb2-flux-grafana/helper_scripts/generate-env.sh b/...board-deployments/system-monitoring-influxdb2-flux-grafana/helper_scripts/generate-env.sh
@@ -0,0 +1,95 @@
+#!/bin/bash
+set -euo pipefail
+
+# Script to generate environment variables for prod docker-compose setup
+# This script creates an env.sh file with secure random values for all required variables
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+ENV_FILE="$SCRIPT_DIR/../env.sh"
+
+# Check if openssl is available
+if ! command -v openssl &> /dev/null; then
+    echo "❌ Error: openssl is required but not installed."
+    echo "Please install openssl and try again."
+    exit 1
+fi
+
+# Check if env.sh already exists to prevent accidental overwrite
+if [[ -f "$ENV_FILE" ]]; then
+    echo "❌ Error: $ENV_FILE already exists."
+    echo "To prevent accidental loss of secrets, please delete it manually first."
+    echo "Run: rm $ENV_FILE"
+    exit 1
+fi
+
+echo "Generating production environment variables..."
+
+# Generate secure passwords (~32 characters)
+# 24 bytes -> base64 (32 chars) -> remove "=+/" -> ~32 chars
+INFLUXDB_PASSWORD=$(openssl rand -base64 24 | tr -d "=+/")
+GRAFANA_ADMIN_PASSWORD=$(openssl rand -base64 24 | tr -d "=+/")
+
+# Generate secure admin token (32 bytes = 64 hex characters)
+INFLUXDB_ADMIN_TOKEN=$(openssl rand -hex 32)
+
+# Generate random deployment suffix (6 alphanumeric characters).
+# This allows multiple deployments to run in parallel on the same machine.
+DEPLOYMENT_SUFFIX=$(openssl rand -hex 3)
+
+# Generate random ports within safe ranges
+# InfluxDB: 10000-19999 (10k ports)
+# Grafana: 20000-29999 (10k ports)
+INFLUXDB_PORT=$((10000 + RANDOM % 10000))
+GRAFANA_PORT=$((20000 + RANDOM % 10000))
+
+# Create the env.sh file with secure permissions.
+OLD_UMASK=$(umask)
+umask 077
+cat > "$ENV_FILE" << EOF
+#!/bin/bash
+# Generated environment variables for production docker-compose setup
+# Generated on: $(date)
+# 
+# To use these variables, source this file:
+# source env.sh
+#
+# Then run docker-compose with production overrides:
+# docker compose -f docker-compose.yml -f docker-compose.prod.yml up -d
+
+# Deployment Configuration
+export COMPOSE_PROJECT_NAME="monitoring-$DEPLOYMENT_SUFFIX"
+
+# Port Configuration
+export INFLUXDB_PORT="$INFLUXDB_PORT"
+export GRAFANA_PORT="$GRAFANA_PORT"
+
+# InfluxDB Configuration
+export INFLUXDB_PASSWORD="$INFLUXDB_PASSWORD"
+export INFLUXDB_ADMIN_TOKEN="$INFLUXDB_ADMIN_TOKEN"
+
+# Grafana Configuration
+export GRAFANA_ADMIN_PASSWORD="$GRAFANA_ADMIN_PASSWORD"
+
+# Additional configuration can be added here as needed
+
+EOF
+
+# Restore original umask. This is mostly important if someone would
+# source the script instead of running it.
+umask "$OLD_UMASK"
+
+# Print a summary of the generated values and some instructions.
+echo "✅ Environment file generated: $ENV_FILE"
+echo ""
+echo "📋 Generated values:"
+echo "  DEPLOYMENT_SUFFIX: $DEPLOYMENT_SUFFIX"
+echo "  COMPOSE_PROJECT_NAME: monitoring-$DEPLOYMENT_SUFFIX"
+echo "  INFLUXDB_PORT: $INFLUXDB_PORT"
+echo "  GRAFANA_PORT: $GRAFANA_PORT"
+echo "  INFLUXDB_PASSWORD: $INFLUXDB_PASSWORD"
+echo "  INFLUXDB_ADMIN_TOKEN: $INFLUXDB_ADMIN_TOKEN"
+echo "  GRAFANA_ADMIN_PASSWORD: $GRAFANA_ADMIN_PASSWORD"
+echo ""
+echo "⚠️  IMPORTANT:"
+echo "  1. Keep this file secure and don't commit it to version control"
+echo "  2. To use: source env.sh && docker compose -f docker-compose.yml -f docker-compose.prod.yml up -d"