Merge branch 'main' into development

mbuckton · web-flow · commit 92c5c980c9e2 · 2025-11-14T11:19:57.000+11:00
diff --git a/PROTOCOLS.md b/PROTOCOLS.md
@@ -0,0 +1,174 @@
+# Supported Protocols and Management Interfaces
+
+This document summarizes the client-facing and management/admin protocols supported by the Maps Messaging Server, with code and configuration pointers. All ports are configurable; values below reflect the defaults in the provided config files.
+
+
+## Discovery and bootstrapping
+- Protocols are discovered via ServiceLoader:
+  - Protocol implementations: src/main/java/io/mapsmessaging/network/protocol/impl/**/* (registered via ProtocolImplFactory)
+  - Endpoint/transport servers: src/main/java/io/mapsmessaging/network/io/impl/**/* (registered via EndPointServerFactory)
+- Feature flags gate loading (see SubSystemManager and NetworkManager):
+  - Protocols: feature "protocols.<name>" (e.g., protocols.mqtt, protocols.nats)
+  - Network transports: feature "network.<name>" (e.g., network.tcp, network.udp)
+- YAML configuration drives listeners and defaults:
+  - Network endpoints: src/main/resources/NetworkManager.yaml (and NetworkManagerDocker.yaml)
+  - REST API: src/main/resources/RestApi.yaml
+  - JMX, system topics, etc.: src/main/resources/MessageDaemon.yaml
+  - Auth: src/main/resources/AuthManager.yaml
+
+
+## Client-facing protocols
+
+### MQTT v3.1.1
+- Implementation: src/main/java/io/mapsmessaging/network/protocol/impl/mqtt/*
+  - Factory: MQTTProtocolFactory.java (declares "MQTT version 3.1.1")
+- Default endpoints (NetworkManager.yaml):
+  - tcp://:::1883/ (protocol: mqtt)
+  - ssl://0.0.0.0:1892/ (protocols: mqtt, ws) — MQTT over WebSocket supported here
+- Authentication: username/password (Connect), enforced via AuthManager (JAAS). TLS optional.
+
+### MQTT v5.0
+- Implementation: src/main/java/io/mapsmessaging/network/protocol/impl/mqtt5/*
+  - Factory: MQTT5ProtocolFactory.java (declares "MQTT version 5.0")
+- Endpoints: same listener types as MQTT 3.1.1 when configured for mqtt in YAML.
+- Authentication: username/password and optional enhanced auth; TLS optional.
+
+### AMQP 1.0
+- Implementation: src/main/java/io/mapsmessaging/network/protocol/impl/amqp/*
+  - Uses Apache Qpid Proton-J (pom.xml: org.apache.qpid:proton-j)
+  - Factory: AMQPProtocolFactory.java
+- Default endpoints (NetworkManager.yaml):
+  - tcp://0.0.0.0:5672/ (protocol: amqp)
+  - ssl://0.0.0.0:5692/ (protocol: amqp)
+- Authentication: SASL (PLAIN/ANONYMOUS etc.) via Proton; per-endpoint SASL config supported (EndPointServerConfigDTO.saslConfig). TLS optional.
+- WebSocket subprotocol: "amqp" when ws/wss is enabled (see WebSocket section below).
+
+### STOMP 1.1/1.2
+- Implementation: src/main/java/io/mapsmessaging/network/protocol/impl/stomp/*
+  - Supported versions: 1.1 and 1.2 (BaseConnectListener.java)
+  - Factory: StompProtocolFactory.java
+- Default endpoints (NetworkManager.yaml):
+  - tcp://0.0.0.0:8674/ (protocols: stomp, ws)
+  - ssl://0.0.0.0:8695/ (protocols: stomp, wss)
+- Authentication: login/passcode headers (anonymous if not supplied), enforced via AuthManager. TLS optional.
+- WebSocket subprotocols: v10.stomp, v11.stomp, v12.stomp.
+
+### NATS (v2.0)
+- Implementation: src/main/java/io/mapsmessaging/network/protocol/impl/nats/*
+  - Factory: NatsProtocolFactory.java
+  - getVersion() returns "2.0"
+- Default endpoint (NetworkManager.yaml):
+  - tcp://0.0.0.0:4222/ (protocol: nats)
+- Authentication: optional user/pass in CONNECT; enforced via AuthManager. TLS optional.
+
+### CoAP (RFC 7252/7641/7959)
+- Implementation: src/main/java/io/mapsmessaging/network/protocol/impl/coap/*
+  - Factory: CoapProtocolFactory.java (notes RFCs)
+- Default endpoints (NetworkManager.yaml):
+  - udp://0.0.0.0:5683/ (protocol: coap)
+  - dtls://0.0.0.0:5684/ (protocol: coap)
+- Transport/auth: UDP and DTLS supported; DTLS configurable in YAML.
+
+### MQTT-SN v1.2 and v2.0
+- Implementation: src/main/java/io/mapsmessaging/network/protocol/impl/mqtt_sn/* (v1_2, v2_0)
+  - Factory: MQTT_SNProtocolFactory.java
+  - Interface manager: MQTTSNInterfaceManager.java (selects v1.2 or v2.0 based on CONNECT)
+- Default endpoints (NetworkManager.yaml):
+  - udp://0.0.0.0:1884/ (protocol: mqtt-sn)
+  - dtls://0.0.0.0:1886/ (protocol: mqtt-sn)
+- Transport/auth: UDP/DTLS; username/password optional; DTLS configurable.
+
+### WebSocket (RFC 6455, encapsulation)
+- Implementation: src/main/java/io/mapsmessaging/network/protocol/impl/websockets/*
+  - Factory: WebSocketProtocolFactory.java; handshake in Connecting.java
+  - Subprotocols supported (when allowed by endpoint protocols): mqtt, amqp, v10.stomp, v11.stomp, v12.stomp
+- Endpoints: enabled when endpoint "protocols" includes ws (or wss). Examples in NetworkManager.yaml:
+  - ssl://0.0.0.0:1892/ (protocols: mqtt, ws)
+  - tcp://0.0.0.0:8674/ (protocols: stomp, ws)
+
+### LoRaWAN Semtech UDP gateway
+- Implementation: src/main/java/io/mapsmessaging/network/protocol/impl/semtech/*
+  - Factory: SemTechProtocolFactory.java
+  - Config DTO: dto/rest/config/protocol/impl/SemtechConfigDTO.java (maps inbound/outbound/status topics)
+- Endpoint: UDP port is user-configurable (commonly 1700). Not enabled by default in NetworkManager.yaml; add a UDP endpoint with protocol: semtech.
+
+### NMEA-0183 (serial)
+- Implementation: src/main/java/io/mapsmessaging/network/protocol/impl/nmea/*
+- Example (commented) in NetworkManager.yaml shows serial usage:
+  - serial://ttyUSB0,9600,8,N,1/ with protocol: NMEA-0183
+
+
+## Transports / listeners
+- TCP: src/main/java/io/mapsmessaging/network/io/impl/tcp/* (TCPEndPointServerFactory)
+- SSL/TLS: src/main/java/io/mapsmessaging/network/io/impl/ssl/*
+- UDP: src/main/java/io/mapsmessaging/network/io/impl/udp/*
+- DTLS: src/main/java/io/mapsmessaging/network/io/impl/dtls/*
+- Serial: src/main/java/io/mapsmessaging/network/io/impl/serial/*
+- LoRa: src/main/java/io/mapsmessaging/network/io/impl/lora/*
+- Proxy Protocol: EndPointConfigDTO supports proxyProtocolMode and allowedProxyHosts
+
+
+## Default endpoints/ports (from NetworkManager.yaml)
+- MQTT: tcp://:::1883/ (mqtt)
+- MQTT + WebSocket (TLS): ssl://0.0.0.0:1892/ (mqtt, ws)
+- NATS: tcp://0.0.0.0:4222/ (nats)
+- STOMP: tcp://0.0.0.0:8674/ (stomp, ws)
+- STOMP TLS: ssl://0.0.0.0:8695/ (stomp, wss)
+- AMQP: tcp://0.0.0.0:5672/ (amqp)
+- AMQP TLS: ssl://0.0.0.0:5692/ (amqp)
+- MQTT-SN: udp://0.0.0.0:1884/ (mqtt-sn)
+- MQTT-SN DTLS: dtls://0.0.0.0:1886/ (mqtt-sn)
+- CoAP: udp://0.0.0.0:5683/ (coap)
+- CoAP DTLS: dtls://0.0.0.0:5684/ (coap)
+- Docker example (NetworkManagerDocker.yaml): tcp://0.0.0.0:9000/ (protocol: all → amqp, mqtt, stomp, nats, ws)
+
+
+## Authentication
+- Central manager: src/main/java/io/mapsmessaging/auth/AuthManager.java; config in src/main/resources/AuthManager.yaml
+  - JAAS-based; requires -Djava.security.auth.login.config=<path> at runtime when authenticationEnabled=true
+  - On first boot, creates initial users (admin/user) with random passwords under MAPS_DATA/.security
+- Protocol-level:
+  - MQTT 3/5: username/password in CONNECT; v5 supports enhanced auth (AuthenticationContext)
+  - STOMP: login/passcode headers; if absent, attempts anonymous
+  - NATS: user/pass in CONNECT
+  - AMQP: SASL via Proton; per-endpoint SASL (EndPointServerConfigDTO.saslConfig)
+- TLS/DTLS available for endpoints (NetworkManager.yaml → global.security.tls/dtls), with optional client-certificate requirements
+- Proxy Protocol support at endpoint level (EndPointConfigDTO: proxyProtocolMode, allowedProxyHosts)
+
+
+## Management and administration
+- REST API (Jersey/Grizzly)
+  - Base path: /api/v1 (src/main/java/io/mapsmessaging/rest/api/Constants.java)
+  - Config: src/main/resources/RestApi.yaml; code: src/main/java/io/mapsmessaging/rest/RestApiServerManager.java
+  - Default: http://0.0.0.0:8080 (TLS optional via RestApi.yaml)
+  - Swagger/OpenAPI enabled by default; endpoints registered in MapsRestServerApi.java and other resources under io.mapsmessaging.rest.api.impl.*
+  - Health endpoints:
+    - /health (plain text): src/main/java/io/mapsmessaging/rest/api/impl/ConsulHealth.java
+    - /api/v1/server/health and /api/v1/server/status (JSON): ServerDetailsApi.java
+  - Other: /api/v1/ping, plus auth/destination/interface/schema/device/logging/ML endpoints when enabled
+- JMX
+  - Enabled by default (MessageDaemon.yaml: EnableJMX: true). Beans under io.mapsmessaging.admin, network.*.jmx, etc.
+- Jolokia (JMX over HTTP)
+  - Optional bridge; default disabled (src/main/resources/jolokia.yaml, default port 8778)
+- Metrics
+  - Exposed via JMX; a Prometheus JMX exporter mapping is provided at src/main/resources/prometheus_config.yml
+- Discovery/Registration
+  - Consul integration registers endpoint metadata (MessageDaemon.buildMetaData; ConsulManagerFactory)
+
+
+## Key code entry points
+- Bootstrap: src/main/java/io/mapsmessaging/MessageDaemon.java
+- Subsystems: src/main/java/io/mapsmessaging/SubSystemManager.java
+- Network manager: src/main/java/io/mapsmessaging/network/NetworkManager.java
+- Endpoint URL parsing: src/main/java/io/mapsmessaging/network/EndPointURL.java
+- EndPoint config packing/unpacking: src/main/java/io/mapsmessaging/config/network/EndPointConfigFactory.java
+
+
+## Configuration files
+- Network endpoints and protocol defaults: src/main/resources/NetworkManager.yaml
+- Docker example: src/main/resources/NetworkManagerDocker.yaml
+- REST API: src/main/resources/RestApi.yaml
+- Message daemon (JMX, system topics, compression, etc.): src/main/resources/MessageDaemon.yaml
+- Authentication: src/main/resources/AuthManager.yaml
+- Jolokia: src/main/resources/jolokia.yaml
+- Prometheus JMX exporter mapping: src/main/resources/prometheus_config.yml
diff --git a/src/main/docker/Dockerfile b/src/main/docker/Dockerfile
@@ -57,4 +57,4 @@ EXPOSE 9000/tcp 8080/tcp 8778/tcp 4222/tcp  1883/tcp \
 
 VOLUME /data
 
-CMD su -c "ulimit -n 100000 && ./maps-%%MAPS_VERSION%%/bin/startDocker.sh" messaginguser
+CMD su -c "ulimit -n 100000 && ./maps-%%MAPS_VERSION%%/bin/startDocker.sh" messaginguser
diff --git a/src/main/docker/arm/Dockerfile b/src/main/docker/arm/Dockerfile
@@ -1,31 +1,15 @@
 # syntax=docker/dockerfile:1
 
-#
 #
 # Copyright [ 2020 - 2024 ] [Matthew Buckton]
 # Copyright [ 2024 - 2025 ] [Maps Messaging B.V.]
 #
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# http://www.apache.org/licenses/LICENSE-2.0
 #
 
-#----------------------------------------------------------------------------------------------
-# Base: Alpine (ARM64)
-#----------------------------------------------------------------------------------------------
-FROM arm64v8/alpine:3.22.1
+FROM alpine:3.22.1
 
-#----------------------------------------------------------------------------------------------
-# Locale + Java home + PATH
-#----------------------------------------------------------------------------------------------
 ENV LANG=en_US.UTF-8 \
     LANGUAGE=en_US:en \
     LC_ALL=en_US.UTF-8 \
@@ -84,11 +68,4 @@ EXPOSE 9000/tcp 8080/tcp 8778/tcp 4222/tcp  1883/tcp \
 #----------------------------------------------------------------------------------------------
 VOLUME /data
 
-#----------------------------------------------------------------------------------------------
-# Run as non-root from install dir
-#----------------------------------------------------------------------------------------------
-USER messaginguser
-WORKDIR /maps-%%MAPS_VERSION%%
-
-# Increase file descriptors and start
-CMD sh -lc 'ulimit -n 100000 && ./bin/startDocker.sh'
+CMD su -c "ulimit -n 100000 && ./maps-%%MAPS_VERSION%%/bin/startDocker.sh" messaginguser
diff --git a/src/main/java/io/mapsmessaging/network/protocol/impl/satellite/gateway/protocol/SatelliteGatewayProtocol.java b/src/main/java/io/mapsmessaging/network/protocol/impl/satellite/gateway/protocol/SatelliteGatewayProtocol.java
@@ -127,7 +127,7 @@ public SatelliteGatewayProtocol(@NonNull @NotNull EndPoint endPoint, @NotNull @N
     }
     namespacePath = config.getNamespace();
     if(namespacePath == null || namespacePath.isEmpty()){
-      namespacePath = "/incoming/{mailboxId}/{deviceId}";
+      namespacePath = "/incoming/{mailboxId}/{deviceId}/{sin}";
     }
     namespacePath = namespacePath.replace("{deviceId}", primeId);
     namespacePath = namespacePath.replace("{mailboxId}", config.getMailboxId());
@@ -328,7 +328,10 @@ public void handleIncomingMessage(MessageData message) throws ExecutionException
     System.arraycopy(raw, 2, tmp, 0, tmp.length);
     SatelliteMessage satelliteMessage = new SatelliteMessage(sin, tmp);
     if(satelliteMessage.isRaw()){
-      publishMessage(satelliteMessage.getMessage(), namespacePath, null);
+      String path = namespacePath;
+      int val = sin & 0xff;
+      path = path.replace("{sin}", String.valueOf(val));
+      publishMessage(satelliteMessage.getMessage(), path, null);
     }
     else {
       satelliteMessage = messageRebuilder.rebuild(satelliteMessage);
diff --git a/src/main/java/io/mapsmessaging/stats/ServerStatsPopulator.java b/src/main/java/io/mapsmessaging/stats/ServerStatsPopulator.java
@@ -26,7 +26,7 @@ public static ServerStats collect(String serverId, String serverName, String lic
     stats.setServerName(serverName);
     stats.setServerId(serverId);
     stats.setLicenseId(licenseId);
-    stats.setTimestamp(System.currentTimeMillis() / 1000L);
+    stats.setTimestamp(System.currentTimeMillis());
 
     stats.setVersion(buildVersionInfo(serverVersion));
     stats.setMemory(buildMemoryStats());
diff --git a/src/main/scripts/startDocker.sh b/src/main/scripts/startDocker.sh
@@ -70,6 +70,4 @@ java -classpath $CLASSPATH $JAVA_OPTS \
     -DConsulToken="${CONSUL_TOKEN}" \
     -Djava.security.auth.login.config="${MAPS_CONF}/jaasAuth.config" \
     -DMAPS_HOME="${MAPS_HOME}" \
-    io.mapsmessaging.MessageDaemon
-
-
+    io.mapsmessaging.MessageDaemon

Original file line number	Diff line number	Diff line change
`@@ -57,4 +57,4 @@ EXPOSE 9000/tcp 8080/tcp 8778/tcp 4222/tcp 1883/tcp \`
`57`	`57`
`58`	`58`	`VOLUME /data`
`59`	`59`
`60`		`-CMD su -c "ulimit -n 100000 && ./maps-%%MAPS_VERSION%%/bin/startDocker.sh" messaginguser`
	`60`	`+CMD su -c "ulimit -n 100000 && ./maps-%%MAPS_VERSION%%/bin/startDocker.sh" messaginguser`