Here is the list of parameters you can configure in the owprov.properties file.
FMS is already integrated with OpenWifi. In order to allow it to upgrade devices automatically, you should set the following values.
firmware.updater.upgrade = <true/false>
firmware.updater.releaseonly = <true/false>Should FMS attempt to upgrade devices by default.
Should only RC software be used during upgrades.
To support geocoding help, you need to configuration the following in the configuration file. Geocoding is used when creating location and when reporting analytics.
geocodeapi = google
google.apikey = ********************************The controller has the ability to find the location of the IP of each Access Points. This uses an external IP location service. Currently, the controller supports 3 services. Please note that these services will require to obtain an API key or token, and these may cause you to incur additional fees. Here is the list of the services supported:
- ip2location: ip2location.com
- ipdata: ipdata.co
- ipinfo: ipinfo.io
iptocountry.default = US
iptocountry.provider = ipinfo
#iptocountry.provider = ipdata
#iptocountry.provider = ip2location
iptocountry.ipinfo.token =
iptocountry.ipdata.apikey =
iptocountry.ip2location.apikey =This is the country code to be used if no information can be found at one of the providers or you have not configured any of the providers.
You must select onf of the possible services and the fill the appropriate token or api key parameter.
These are the parameters required for the configuration of the external facing REST API server
openwifi.restapi.host.0.backlog = 100
openwifi.restapi.host.0.security = relaxed
openwifi.restapi.host.0.rootca = $OWPROV_ROOT/certs/restapi-ca.pem
openwifi.restapi.host.0.address = *
openwifi.restapi.host.0.port = 16004
openwifi.restapi.host.0.cert = $OWPROV_ROOT/certs/restapi-cert.pem
openwifi.restapi.host.0.key = $OWPROV_ROOT/certs/restapi-key.pem
openwifi.restapi.host.0.key.password = mypasswordThis is the number of concurrent REST API calls that maybe be kept in the backlog for processing. That's a good rule of thumb. Never go above 500.
This is the root file of your own certificate CA in pem format.
This is your own server certificate in pem format..
This is the private key associated with your own certificate in pem format.
Leve this a * in the case you want to bind to all interfaces on your gateway host or select the address of a single interface.
The port on which the REST API server is listening. By default, this is 16002.
Leave this as relaxed for now for devices.
If you key file uses a password, please enter it here.
The following parameters describe the configuration for the inter-microservice HTTP server. You may use the same certificate/key you are using for your extenral server or another certificate.
openwifi.internal.restapi.host.0.backlog = 100
openwifi.internal.restapi.host.0.security = relaxed
openwifi.internal.restapi.host.0.rootca = $OWPROV_ROOT/certs/restapi-ca.pem
openwifi.internal.restapi.host.0.address = *
openwifi.internal.restapi.host.0.port = 17004
openwifi.internal.restapi.host.0.cert = $OWPROV_ROOT/certs/restapi-cert.pem
openwifi.internal.restapi.host.0.key = $OWPROV_ROOT/certs/restapi-key.pem
openwifi.internal.restapi.host.0.key.password = mypasswordThis is the number of concurrent REST API calls that maybe be kept in the backlog for processing. That's a good rule of thumb. Never go above 500.
This is the root file of your own certificate CA in pem format.
This is your own server certificate in pem format..
This is the private key associated with your own certificate in pem format.
Leve this a * in the case you want to bind to all interfaces on your gateway host or select the address of a single interface.
The port on which the REST API server is listening. By default, this is 17002.
Leave this as relaxed for now for devices.
If you key file uses a password, please enter it here.
These are different Microservie parameters. Following is a brief explanation.
openwifi.service.key = $OWPROV_ROOT/certs/restapi-key.pem
openwifi.service.key.password = mypassword
openwifi.system.data = $OWPROV_ROOT/data
openwifi.system.uri.private = https://localhost:17004
openwifi.system.uri.public = https://ucentral.example.com:16004
openwifi.system.uri.ui = https://provisionins-ui.example.com
openwifi.security.restapi.disable = false
openwifi.system.commandchannel = /tmp/app.ucentralprov
openwifi.autoprovisioning = trueFrom time to time, the microservice must encrypt information. This is the key it should use. You may use the same keey as you RESTAPI or your server.
The password for the openwifi.service.key
The location of system data. This path must exist.
The URI to reach the controller on the internal port.
The URI to reach the controller from the outside world.
The URI of the UI to manage this service
This allows to disable security for internal and external API calls. This should only be used if the controller
sits behind an application load balancer that will actually do TLS. Setting this to true disables security.
The UNIX socket command channel used by this service.
Allow unknown devices to be provisioned by the system.
In order to support an application load balancer health check verification, your need to provide the following parameters.
alb.enable = true
alb.port = 16104The controller use Kafka, like all the other microservices. You must configure the kafka section in order for the system to work.
openwifi.kafka.group.id = provisioning
openwifi.kafka.client.id = provisioning1
openwifi.kafka.enable = true
openwifi.kafka.brokerlist = my_Kafka.example.com:9092
openwifi.kafka.auto.commit = false
openwifi.kafka.queue.buffering.max.ms = 50The group ID is a single word that should identify the type of service tuning. In the case provisioning
The client ID is a single service within that group ID. Each participant must have a unique client ID.
Kafka should always be enabled.
The list of servers where your Kafka server is running. Comma separated.
Auto commit flag in Kafka. Leave as false.
Kafka buffering. Leave as 50.
If you intend to use SSL, you should look into Kafka Connect and specify the certificates below.
penwifi.kafka.ssl.ca.location =
openwifi.kafka.ssl.certificate.location =
openwifi.kafka.ssl.key.location =
openwifi.kafka.ssl.key.password =The controller supports 3 types of Database. SQLite should only be used for sites with less than 100 APs or for testing in the lab.
In order to select which database to use, you must set the storage.type value to sqlite, postgresql, or mysql.
storage.type = sqlite
#storage.type = postgresql
#storage.type = mysqlAdditional parameters to set for SQLite. The only important one is storage.type.sqlite.db which is the database name on disk.
storage.type.sqlite.db = provisioning.db
storage.type.sqlite.idletime = 120
storage.type.sqlite.maxsessions = 128Additional parameters to set if you select Postgres for your database. You must specify host, username, password,
database, and port.
storage.type.postgresql.maxsessions = 64
storage.type.postgresql.idletime = 60
storage.type.postgresql.host = localhost
storage.type.postgresql.username = provisioning
storage.type.postgresql.password = provisioning
storage.type.postgresql.database = provisioning
storage.type.postgresql.port = 5432
storage.type.postgresql.connectiontimeout = 60Additional parameters to set if you select mysql for your database. You must specify host, username, password,
database, and port.
storage.type.mysql.maxsessions = 64
storage.type.mysql.idletime = 60
storage.type.mysql.host = localhost
storage.type.postgresql.username = provisioning
storage.type.postgresql.password = provisioning
storage.type.postgresql.database = provisioning
storage.type.mysql.port = 3306
storage.type.mysql.connectiontimeout = 60The microservice provides extensive logging. If you would like to keep logging on disk, set the logging.type = file. If you only want
console logging, set logging.type = console. When selecting file, logging.path must exist. logging.level sets the
basic logging level for the entire controller. logging.websocket disables WebSocket logging.
logging.type = file
logging.path = $OWPROV_ROOT/logs
logging.level = information
logging.asynch = true
logging.websocket = false