Problems with basicstation

Awesome. Wish I had some good news for you - I’ve been running on unsecured websocket since day one. Never did figure it out.

There is a setting in the config file that you have to set to allow:

  • gs.basic-station.allow-unauthenticated: Allow unauthenticated Basic Station connections. This is set to false by default. Set to disable auth check for testing.

Hi @barryjump, @mpous, TTS uses a built in agent to request the certificates from the LetsEncrypt free certificate services if I am not wrong, based on the URI you configure, I haven’t had time yet to deploy my own TTS yet, because lack of time. I’ll try my best to deploy and sort out the certificates part, I have some background on PKI area, but not yet to know well TTS to ensure what I talk :slight_smile:

Hey @ronyvargas hope you’re well.
Yes thats true, and I can confirm it works as advertised. At first deploy it auto provisioned a Letsencrypt cert and I believe even auto-renewed it after 3 months. I tested TTS with custom certs from a few places including ZeroSSL and all work fine. Though the out of the box and auto-renew script is by far the easiest.

The main challenge for me has remained though - trying to figure out how to get that auto-provisioned cert into the gateway, get basicstation to be happy with it, and to then get TTS to accept it once connected. I tried using balena’s env variable TC_CERT, tried manually including it in the project file at build, tried VIMing it through SSH, etc, etc.

I don’t know if this is coincidental or not, but @mpous I have a suspicion you and Jose were chatting recently :grinning:

You discovered us @barryjump! i’m working on documenting this! Stay tunned @ronyvargas :slight_smile:

2 Likes

Ok @barryjump and @ronyvargas i just documented the github repo. For The Things Stack you will need to create a different variable called TC_KEY .

More information here: https://github.com/balenalabs/basicstation/

1 Like

You did it! Nice work. I didnt test it with TTI’s conference version of TTS (was that something they offered special to conference guests?) However, I did just confirm it works with my private installation of TTS which is what we were trying to do anyway. Thank you so much!!

BTW, did you ever encounter the scenario of the gateway changing its GW_ID at random with reboots or restarts? I can’t quite figure out why, but with every container restart it chooses one of about 5 random gateway ID’s that look nothing like the actual hardware’s ID. I manage to get around this by provisioning 5 versions of the gateway in TTS console so that when the Pi picks one of those 5 it connects to the network server.

1 Like

Yes @barryjump i have seen this behaviour but maybe is related with the docker-compose permission to the basicstation container. I’m still investigating this. Will keep you updated :slight_smile:

Hi @mpous, I compiled to upgrade to TTN v3 and I did a modification to the code, I wanted to test having the gateways pointing to different TC_URI within the same application, I used TTN and TTN v3, I managed to update the script to pull both Certificates needed for that.
Here is the code link if you want to check:

1 Like

Thank you! this is really interesting @ronyvargas Feel free to PR the repository :slight_smile:

Hi @mpous, let me pull again since the upstream was already updated, and create a new branch in my forked repo so it can merge clean without those “merge commit from belanlabs/basicstation”

did you create the pull request @ronyvargas ?

Hi @mpous not yet, I want to cleanup that merge commits before doing the PR. is that OK? or should I go ahead like that? This is first time I commit to a PR

1 Like

sure! take your time :slight_smile:

Hi @mpous
I have created the PR into the repository with the changes for additional Let’s Encrypt RootCA that is compatible with TTNv3, I have the RAK2287 Gateway pointing to TTNv2 and RAK2245 pointing to TTNv3 in the same App.

1 Like

@ronyvargas Nice thanks!

@ronyvargas btw, let me know if you want to hop on a call again soon, would love to show you what we ended up building with this

Thank you very much @ronyvargas

Looking forward to see your successful project @barryjump & @ronyvargas :slight_smile:

1 Like

Hi @barryjump , yes , lets look something for next week, around friday this time could work.

1 Like

Hello @barryjump & @ronyvargas did you check the latest version of the TTN Gateway compatible with SX1301 and SX1302 concentrators and TTN v2 and TTS v3? :slight_smile:

Check it out here and let me know what do you think!

1 Like