I followed the getting started instructions a few times actually to make sure I didn’t leave anything out and each attempt leaves me with the same result - Token-refused error.
I think the main question is why the instructions, including the excitingly simple and relatively new video here: Install The Things Stack LoRaWAN Network Server in 6 minutes using Docker - YouTube
seem to always result in a bunch of localhost artifacts after installation. I know several have asked about this, but it appears this is the root of the problem:
Is there a way to ensure that localhost settings are not provisioned during the getting started guide? Or am I just completely overlooking something?
For what its worth, I’m running a VM on digitalocean with a custom domain using the acme Letsencrypt method per the instructions.
But i haven’t been able to find a dependable source for what needs to be fixed, how to translate --console.ui.gcs.base-url into an above docker ready variable, and what localhost value needs to change and what doesnt.
I’ve found smatterings of configs in loose forum posts, but it’s a little bit of a goose chase.
Are you replacing “thethings.example.com” with your domain name in the ttn-lw-stack-docker.yml before you start anything at all.
I’ve got to a working server but I have to go back and do it again to sort out some other wrinkles in the instructions that I only picked up from the video - principally changing the oauth secret before running docker-compose run --rm stack is-db create-oauth-client
Thanks for the reply Nick. Yep, changed all the example domains in the config file with a find and replace in VS to make sure I didnt miss any, did that particular step 3 times.
Double and triple checked the oauth client secret between the config file and the docker command you reference as well. That one in particular was something I made sure I did too because that is the only troubleshooting step in the docs here for the token-refused problem (https://www.thethingsindustries.com/docs/getting-started/installation/troubleshooting)
I have a GitHub based install which doesn’t have any Token Refused issue.
But I haven’t looked at the details of the install / initialisation and I’m not sure how productive it would be to try a compare & contrast. My preference is that the stack is a box that I backup the databases whilst I get on with the tricky bits of firmware and data processing.
Hopefully @benolayinka can come up with a scheme for us to work together.
Meantime, do you know how to convert these into envs to drop into the docker-compose file?
Is it something like:
CONSOLE_OAUTH_AUTHORIZE_URL=“http://mydomain.com:1885/oauth/authorize” ?
Is that convention true for all the values?
I assume a workaround would be to simple convert all the localhost values into one big list in under the stack service and hope for the best.
I think it’s to do with the way docker allocates ports to its various containers, I was having a re-read of the stand alone install instructions the other day and if I’m not mistaken there was a mention of another way to fix it there, good luck
cheers
H
Hi @mrpher , sorry you’re having trouble with your install. It looks to me like none of the configuration settings are being loaded from ttn-lw-stack-docker.yml.
We’ve improved search so hopefully you can find this stuff by searching the docs.
How are you running ttn-lw-stack here? Did you install it separately? The instructions are for running The Things Stack inside Docker, so checking config should look like
When you run it using ttn-lw-stack in path, it is not configured to look in /config/ttn-lw-stack-docker.yml for configuration settings, so everything defaults to localhost. You could specify the config file using the -c option, but you shouldn’t be running ttn-lw-stack from your system PATH anyway, just from Docker.
I’m a little confused by your question though about installing ttn-lw-stack separately? I merely following the instructions from here: Configuration | The Things Stack for LoRaWAN
Which says to set up the folder structure w ttn-lw-stack-docker.yml inside config>stack
From there I changed all the necessary settings within that file (ie, set domains, sendgrid, certs, etc)
Then did the same for docker-compose.yml file (choose postgres, add any additional services, etc)
The result with a docker ps is 3 containers - redis, postgres and stack.
I ran ttn-lw-stack config | grep localhost because I saw somewhere on the forums that that would list all the localhosts left behind when running the above steps. However that does make sense that it is not configured to look at the settings in my config>stack>ttn-lw-stack-docker.yml file so it wouldn’t reflect the changes I made in the steps above.
If I run docker-compose run stack config | grep localhost now, with the containers already running the output shows --console.ui.gcs.base-url="http://localhost:1885/api/v3"
But that is likely because I had to manually add the following to my docker-compose.yml to get rid of the token refused error:
environment:
TTN_LW_BLOB_LOCAL_DIRECTORY: /srv/ttn-lorawan/public/blob
TTN_LW_REDIS_ADDRESS: redis:6379
# If using CockroachDB:
# TTN_LW_IS_DATABASE_URI: postgres://root@cockroach:26257/ttn_lorawan?sslmode=disable
# # If using PostgreSQL:
TTN_LW_IS_DATABASE_URI: postgres://root:root@postgres:5432/ttn_lorawan?sslmode=disable
TTN_LW_CONSOLE_UI_AS_BASE_URL: https://tts.mydomain.com/api/v3
TTN_LW_CONSOLE_UI_IS_BASE_URL: https://tts.mydomain.com/api/v3
TTN_LW_OAUTH_SERVER_ADDRESS: https://tts.mydomain.com/oauth
TTN_LW_IS_OAUTH_UI_CANONICAL_URL: https://tts.mydomain.com/oauth
TTN_LW_IS_OAUTH_UI_IS_BASE_URL: https://tts.mydomain.com/api/v3
TTN_LW_APPLICATION_SERVER_GRPC_ADDRESS: tts.mydomain.com
TTN_LW_DEVICE_CLAIMING_SERVER_GRPC_ADDRESS: tts.mydomain.com
TTN_LW_CONSOLE_OAUTH_AUTHORIZE_URL: http://tts.mydomain.com:1885/oauth/authorize
TTN_LW_CONSOLE_OAUTH_TOKEN_URL: http://tts.mydomain.com:1885/oauth/token
@descartes@benolayinka Unless I missed something, I didn’t notice any core differences in the config examples between open and enterprise. Outside of the obvious like multi-tenant.
