Skip to main content Link Menu Expand (external link) Document Search Copy Copied

Backend deployment

This page elaborates on ways of deploying the backend in different scenarios. Most examples are complete or partial Docker Compose files.

Docker Compose with port forwarding

This is the same snippet as the one in the Getting Started section.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

services:
  postgresql:
    image: postgres:alpine
    ports:
      - 5432:5432
    environment:
      POSTGRES_PASSWORD: postgres
  
  orfs_backend:
    image: openrfsense/backend:latest
    ports:
      - 2222:2222     # Measurement collector port
      - 8080:8080     # Backend API/UI HTTP port
    environment:
      ORFS_NATS_TOKEN: nats-token

Docker Compose with reverse proxy (Caddy)

Caddy is an all-in-one web server and reverse proxy with a very accessible configuration format. It can be useful to proxy requests (both HTTP and TCP) to the OpenRF backend.

For the purposes of this example, the directory tree will look something like this:

1
2
3
4
5
6

πŸ“‚ caddy                # Caddy-specific files
  πŸ“‚ config             # Caddy internal, persistent configuration
  πŸ“‚ data               # Caddy internal data
  πŸ“„ Caddyfile          # Caddy runtime configuration
  πŸ“„ Dockerfile         # Builder and runner container spec
πŸ“„ docker-compose.yml   # Software stack spec

Setting up Caddy

Caddy does not (yet) proxy layer 4 packets such as TCP. For this reason, the layer4 extension is required. You can build a Docker image with it using the following Dockerfile.

1
2
3
4
5

FROM caddy:2-builder-alpine AS builder
RUN xcaddy build --with github.com/RussellLuo/caddy-ext/layer4

FROM caddy:2-alpine
COPY --from=builder /usr/bin/caddy /usr/bin/caddy

A Caddyfile for a fully functional backend proxy could look like this:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

{
    layer4 {
        :2222 {
            proxy orfs_backend:2222
        }
    }
}

orfs.{$DOMAIN} {
    tls {$EMAIL}

    reverse_proxy orfs_backend:8080 {
        header_up X-Real-IP {remote_host}
    }
}

Note that:

  • the subdomain was chosen arbitrarily and the backend doesn’t need to be on a specific address or domain
  • {$DOMAIN} and {$EMAIL} will be replaced by environment variables defined in the Docker Compose file
  • the layer4 extension will route all packets received on $DOMAIN:2222 straight to the backend container

Creating the full service stack

Plugging Caddy into the existing container stack is quite trivial:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32

services:
  caddy:
    build: ./caddy
    image: caddy-l4
    container_name: caddy
    restart: always
    ports:
      - 80:80        # HTTP
      - 443:443      # TLS
      - 2222:2222    # Measurement collector
    environment:
      DOMAIN: <your domain>
      EMAIL: <your email>
    volumes:
      - ./caddy/Caddyfile:/etc/caddy/Caddyfile:ro
      - ./caddy/data:/data
      - ./caddy/config:/config

  postgresql:
    image: postgres:alpine
    ports:
      - 5432:5432
    environment:
      POSTGRES_PASSWORD: postgres
  
  orfs_backend:
    image: openrfsense/backend:latest
    ports:
      - 2222:2222     # Measurement collector port
      - 8080:8080     # Backend API/UI HTTP port
    environment:
      ORFS_NATS_TOKEN: nats-token