Setting up your Environment

Before setting up your Orchestra development environment, you need to have Docker properly set up and running on your machine.

Pull down the latest version branch of the Appliance project: `https://gitlab.com/ledr/core/dev-platform/appliance/`_

Inside the appliance folder up avial profile of your appliance using:

docker compose --profile="avial" up -d

Once you do that, create a .env file for the appliance at the root of the appliance folder. You only have to set APPLIANCE_AUTHORITY and APPLIANCE_AUTH variables. This is how your .env file would look like:

APPLIANCE_AUTHORITY=xxxxxxxxxxxx
APPLIANCE_AUTH=xxxxxxxxxxxx

To get the values, log into your appliance via Avu using:

docker exec -it $(appliance-avu-container-id) /bin/bash
rlwrap ./avu

Execute the root command and then the authorization command. Take the outputted hexadecimal string and put it in the .env file.

You can also set up the certificate fields if you wish! There is extensive documentation for the entire appliance in every compose file in the Appliance project!

Do not touch any variables other than `APPLIANCE_AUTHORITY, APPLIANCE_AUTH, and the AVESTERRA_CERTIFICATE_* variables that are under the certificate_manager service!`

Once the .env file is configured properly, start the orchestra profile of your appliance using, which includes maestro out of the box, using:

docker compose --profile="orchestra" up -d

Below is a sample .env for your appliance. You can find these well documented within the master branch of the appliance project: `https://gitlab.com/ledr/core/dev-platform/appliance/`_

######################
### APPLIANCE_AUTH ###

# This variable sets the target
# Avial/AvesTerra host for all Orchestra
# layer systems
APPLIANCE_HOST=appliance

# This variable sets the authorization code
# that all Orchestra layer systems will
# use to interact with the knowledge space
# hosted APPLIANCE_HOST
APPLIANCE_AUTH=5a5d61ce-e44c-4ecb-b9e6-5d57f22209xx

# Specifies the path, on the local filesystem, to your configured .netrc which stores secrets that can be passed to Docker
NETRC_PATH=~/.netrc

# The root authority, this can be optional.
# You can set this on inital project startup, if you wish for it to also be your default APPLIANCE_AUTH.
APPLIANCE_AUTHORITY=

######################


#################################
### AvesTerra/Avial Variables ###

# AvesTerra Release Number to use
AVESTERRA_RELEASE=24-02

# TCP Port, on the host, that the
# AvesTerra server will be listening
# on
AVESTERRA_PORT=20057

# Specifies where Docker containers
# should access their certificates
# from
# If set to 'Certificates', a Docker volume
# called Certificates will be created for
# storing/managing Avial Certificates
# If set to './Certificates', host directory
# called Certificates will be created for
# storing/managing Avial Certificates
CERTIFICATE_ORIGIN=Certificates

# Specifies where Docker containers
# should access their configuration
# files from
# If set to 'Local', a Docker volume
# called Local will be created for
# storing/managing Avial configuration scripts
# If set to './Local', a host directory
# called Local will be created for loading
# avial configuration scripts
LOCAL_ORIGIN=Local

# Specifies where Avial/AvesTerra containers
# should store their data
# If set to 'Data', a Docker volume
# called Data will be created for
# storing AvesTerra/Avial data
# If set to './Data', a host directory
# called Data will be created for storing
# Avial/AvesTerra
DATA_ORIGIN=Data

# Specifies where AvesTerra will
# put their Backups, if ENABLE_BACKUP
# is set to "1"
# If set to 'Backup', a Docker volume
# called Backup will be created for
# storing/managing Avial configuration scripts
# If set to './Backup', a host directory
# called Backup will be created for storing
# Avial/AvesTerra backups
BACKUP_ORIGIN=Backup

# Sets the maximum amount of processes
# that can concurrently execute in the
# counter
AVESTERRA_ULIMIT_NPROC=8192

# Sets the soft limit on the number of
# allowed concurrently open file descriptors
AVESTERRA_ULIMIT_SOFT=4096

# Sets the hard limit on the number of
# allowed concurrently open file descriptors
AVESTERRA_ULIMIT_HARD=8192

# Sets maximum number of queued connections
# you want on a listening socket
AVESTERRA_SOMAXCONN=4096

# Filter out information messages in adapters or not
# If set to 1, the filtering will occur
# If set to 0, the filtering will not occur, and the adapters/avesterra
# will store INFORMATIONAL messages...will take more MEMORY!
# It is recommended to leave this value as 0, unless you are
# operating in a production environment, because Avial/AvesTerra
# logs are all saved in memory...and memory usage can explode without
# filtering.  In a development environment...this shouldn't be an issue
# so information log filtering can be turned off
FILTER_INFORMATION_LOG=0

# Filter out information messages in adapters or not
# If set to 1, your AvesTerra Data will be backed up
# before AvesTerra starts
# If set to 0, AvesTerra Data will not be backed up
# up before AvesTerra starts
ENABLE_BACKUP=0

# Set RESTORE_POINT if you want to backup
# from RESTORE_POINT on the next reboot.
# I would recommend setting RESTORE_POINT to
# an empty string after restoring; if you don't
# then the restore point will be used again
# after you reboot after restoring....could
# delete valuable work.  Look in the Backup
# Volume for RESTORE_POINTS; they should
# have the .tar.gz extension
# The RESTORE_POINT should be set to the full
# name, with extension, of a RESTORE_POINT in
# the Backups volume.
RESTORE_POINT=""

#################################

###########################
### Certificate Manager ###

# If set to 1, generate a SELF-SIGNED certificate
# to access server from the Avial CSR
# If not set to 1 or set at all, an error message
# will emit from the Certificate Manager, asking
# you to send your server.csr, found in the Certificates
# volume or mounted host directory(./Certificates)
AVESTERRA_GENERATE_SELF_SIGNED_CERTIFICATE=1

# Set the COUNTRY(C) to use for Avial Certificate CSR creation
AVESTERRA_CERTIFICATE_COUNTRY=US

# Set the PROVINCE/STATE(ST) to use for Avial Certificate CSR creation
AVESTERRA_CERTIFICATE_STATE_OR_PROVINCE=Wisconsin

# Set the LOCALITY/CITY(L) to use for Avial Certificate CSR creation
AVESTERRA_CERTIFICATE_CITY=Madison

# Set the ORGANIZATION(O) to use for Avial Certificate CSR creation
AVESTERRA_CERTIFICATE_ORGANIZATION_NAME=LEDR

# Set the DEPT NAME/ORGANIZATION UNIT(OU) to use for Avial Certificate CSR creation
AVESTERRA_CERTIFICATE_ORGANIZATION_DEPT_NAME=Engineering

# Set the COMMON NAME(CN)/HOSTNAME to use for Avial Certificate CSR creation
AVESTERRA_CERTIFICATE_HOSTNAME=localhost

# Set the EMAIL(emailAddress) to use for Avial Certificate CSR creation
AVESTERRA_CERTIFICATE_OWNER_EMAIL=admin@ledr.io

###########################

################
### Explorer ###

# This variable controls which
# version of the explorer adapter
# will be utilized in this appliance
EXPLORER_RELEASE=XXXX

################

###############
### Maestro ###

# This variable controls which
# version of maestro that will be
# utilized in this appliance
MAESTRO_RELEASE=XXXX

# [prod|dev]
# Sets the operating mode of Maestro
# If set to 'prod', then AUTH won't be auto
# filled in the login page if operating
# in 'standalone' mode
# If set to 'dev', then AUTH will be auto
# filled in the login page if operating
# in 'standalone' mode
ENV=dev

# Sets the login mode of Maestro
# If set to 'standalone', then maestro
# will only allow logins via authorization
# If set to anything else, then Maestro will
# prompt the user for an identity username and
# password
LOGINMODE=standalone

# Sets the protocol that will be used
# by Maestro to interact with the WSS
# aka the Web Socket to TLS/TCP Socket
# translator
WSS_PROTOCOL=ws

# Sets the port that Maestro will
# use to interact with the WSS
# aka the Web Socket to TLS/TCP Socket
# translator
WSS_PORT=20058

# Sets the host that Maestro will call out to
# to resolve WSS requests
WSS_HOST=localhost

# The protocol that Maestro will use to
# to listen on the MAESTRO_APP_PORT and
# MAESTRO_CDN_PORT ports
# If 'http' is used, then Maestro will listen
# using the HTTP protocol
# If 'https' is used, then Maestro will listen
# using the HTTPS protocol
MAESTRO_PROTOCOL=http

# Sets the port that the Maestro container
# will use to serve the Maestro react app
MAESTRO_APP_PORT=8888

# Sets the port that the Maestro container
# will use to serve Maestro support content
MAESTRO_CDN_PORT=9999

###############

#############
### Mount ###

# This variable controls which
# version of the mount adapter
# will be utilized in this appliance
MOUNT_RELEASE=XXXX

#############

###########
### WSS ###

# This variable controls which
# version of the wss that will
# be utilized in this appliance
WSS_RELEASE=XXXX

# This variable controls where
# the non-volatile storage of the WSS
# certificates is located
# If set to WSS, then a Docker volume
# called WSS will be used to store the
# certificates
# If set to ./WSS, then a host mount
# called WSS will be used to store the
# certificates
WSS_SSL_ORIGIN=WSS

# The port that the WSS and its container
# will listen on
WSS_PORT=20058

# This variable disables or enables automatic
# certificate generation for the WSS
# If set to 1, a self signed certificate will
# be generated for the WSS
# If not set, then one must provide their own
# signed certificate for the WSS
WSS_GENERATE_SELF_SIGNED_CERTIFICATE=1

# The country to use for the WSS CSR(Certificate Signage Request)
# generation
WSS_CERTIFICATE_COUNTRY=US

# The state/province to use for the WSS CSR(Certificate Signage Request)
# generation
WSS_CERTIFICATE_STATE_OR_PROVINCE=Wisconsin

# The city to use for the WSS CSR(Certificate Signage Request)
# generation
WSS_CERTIFICATE_CITY=Madison

# The organization to use for the WSS CSR(Certificate Signage Request)
# generation
WSS_CERTIFICATE_ORGANIZATION_NAME=LEDR

# The department name to use for the WSS CSR(Certificate Signage Request)
# generation
WSS_CERTIFICATE_ORGANIZATION_DEPT_NAME=Engineering

# The host/common name to use for the WSS CSR(Certificate Signage Request)
# generation
WSS_CERTIFICATE_HOSTNAME=localhost

# The email to use for the WSS CSR(Certificate Signage Request)
# generation
WSS_CERTIFICATE_OWNER_EMAIL=admin@ledr.io

###########