brian7704 / opentakserver Goto Github PK

View Code? Open in Web Editor NEW

43.0 4.0 6.0 518 KB

Yet another open source TAK Server for ATAK, iTAK, and WinTAK

License: GNU General Public License v3.0

Python 89.13% Slice 10.73% Mako 0.13%

atak itak wintak

opentakserver's Issues

XMPP

Possibly integrate XMPP server into OTS for TAK Chat etc

Login doesnt work with Usernames < 4 Chars

xxxx = working
xxx = not working

User is anyway created in the DB.

Update server

Could you add a way to use the server to update plugins on EUDs

Integrate taky's pure Python certificate generation

https://github.com/tkuester/taky/blob/main/taky/util/anc.py

This will remove the jdk dependency as well as fix #16, #11, and #12.

MediaMTX integration for live video streams

Integrate with MediaMTX to support live video streams. Integrate with its API and create a video wall page in the web UI.

Associate EUD's with user accounts

Implement Flask-Migrate

https://flask-migrate.readthedocs.io/en/latest/

No path for truststore-root.jks

While reading the code around the use of keytool
I found that truststore-root.jks is placed in its "default" location

OpenTAKServer/opentakserver/certificate_authority.py

Line 86 in 4ff11d8

    
           'keytool -import -trustcacerts -file {} -keystore truststore-root.jks -alias {} -storepass {} -noprompt'

Also dude please "cd ~" not a fix, its a hack 🥲 please use absolute paths <3
you kinda doing it here

OpenTAKServer/opentakserver/certificate_authority.py

Line 103 in e94be22

    
           command = ('cd {} && openssl ca -config {} -gencrl -keyfile {} -passin pass:{} -cert {} -out {}'

but still "cd" should not be needed.

Issue #5 could be related to truststore-root.jks is not in the OTS_CA_FOLDER folder, but looks to default to ~

[Bug] Symbols in Video Source URI will be escaped/sanitized

When i add an Video Source with Parameters (RTMP Stream with Auth & Additional Data). The "&" will be escaped in "&amp"
Stream doesnt seem to work. In the Database its escaped too. So not just a UI Issue

'bcrypt' has no attribute 'about' in docker

When booting/starting ots in docker for the first time I get this error.
When booting again it works fine.

I don't have an config.yml first time I boot. ots is creating the default for me

Python 3.12.3
OTS: 1.1.4
docker base image: python:3.12 Debian bookworm based

ots-server  | Mumble auth not supported on this platform
ots-server  | (trapped) error reading bcrypt version
ots-server  | Traceback (most recent call last):
ots-server  |   File "/app/.opentakserver_venv/lib/python3.12/site-packages/passlib/handlers/bcrypt.py", line 620, in _load_backend_mixin
ots-server  |     version = _bcrypt.__about__.__version__
ots-server  |               ^^^^^^^^^^^^^^^^^
ots-server  | AttributeError: module 'bcrypt' has no attribute '__about__'

Python keystore over Java

Hi,

Would be nice if we could drop the javascript dependency for keytool :)
I'm no python programmer but found this :)

Pure-Python Java Keystore (JKS) library
https://pypi.org/project/pyjks/
https://pyjks.readthedocs.io/en/latest/

Manly asking so I don't need to include Java in the docker image I'm building for OTS.

There is a big difference in docker image size

ots based on python:3.12-slim = 413MB (Just have python)
ots based on python:3.12 = 1.96GB (need for build tools and JRE)

Disallow duplicate callsigns

Support for groups

Would love support for groups / group filter since my primary use for civtak is airsoft milsim and larping in my basement 😅🥳

So the option to create groups / teams would be greatly appreciated ♥️

Example:

Team blue can only see blue
Team red can only see red
Game master can see all

OG tak server groups
https://mytecknet.com/managing-users-and-groups/#intro-to-groups

Allow affiliations to be editable

Certificate authority creation fails on Windows

[2024-04-21 10:36:53] - OpenTAKServer[5656] - certificate_authority - INFO - Creating CA...
..+.+..+..........+..+....+.....+.........+.+..+....+.....+...+...............+.............+...+......+.....+......+...+.+.....+.+............+......+..+..........+..+.+.........+......+..............+.+..+..................+.+...........+....+...+...+.....+...+.+......+...............+..+++++++++++++++++++++++++++++++++++++++*.+.+......+..+...+++++++++++++++++++++++++++++++++++++++*...+..+....+...........+..........+........+..........+...+.....+...................+.....+...+.......+.....+......+...+..........+..+...+......+.+..+.+.........+..+................+..+.+.....+..........+.....+.+......+...+..+....+.....+...+.......+...+........+.......+........+....+.........+.....+............+...+.........+.+.....+.......+............+...........+.+......+........+....+...+..+............+....+............+...+...........+.+..+.+.....+......+...+...+....+.....+...+............++++++
.....+....+..+..........+...+......+..+....+......+++++++++++++++++++++++++++++++++++++++*............+++++++++++++++++++++++++++++++++++++++*.+...+..+..........+.................+.+..............+.+..+...+......+..................+.+.....+....+........+...+.+.........+.........+..+...+..........+......+.........+.....+...+...................+.........+..+...+.......+............+........+...............+....+........+.......+...........+.........+..................+.......+...+...+.....+...+....+...........+.......+...+..............+...+...+.......+..+......+.......+...+...........+...+.+..+.......+..+......+.......+..+....+..+.......+...+............+..+..........+...+......+..+...+....+..+...+.......+.....+....+...........+...............+..................+................+............+.........+.....+...+.+...........+.+..+..........+..+.+..+...+...+....+...+...+.........+..+....+......+...........+....+...+.....+...+..................+......+...+.............+..+..........+..+.+.....+.........+......+............+.+......+......+.....+....+...+......+......+.........+.........+........+.......+......+...............+...........+....+..+...+.......+............+..+...+............+....+......+.....+......+...+.+...+..+.+.....+...+....+............+........+......+.+......+............+...+..+......+......+.+..+......+.......+.........+.........+...........+.+...+......+..............+.......+..+......+.+.....+..................+.............+..+...+...+............+...+......+...+...............+.+.........+...+...+..+...+.+.....+.+..............+....+..+.......+.....+.......+.....+....+..+...+....+........+.............+..+.......+...+..+.......+.....+.+.........+......+.....+..........++++++
-----
Providers:
  default
    name: OpenSSL Default Provider
    version: 3.3.0
    status: active
Picked up _JAVA_OPTIONS: -Xmx2048M
Certificate was added to keystore
Using configuration from C:\Users\NotAdmin\ots\ca\ca_config.cfg
...+...+...+..+......................+.....+...+...+....+......+.....+....+.....+++++++++++++++++++++++++++++++++++++++*..+...+.+.........+.....+..................+.........+.+..+...+....+++++++++++++++++++++++++++++++++++++++*....+...+.......+..+...+....+...+.....+...+....+........+.+..+...+.+.........+......+.....+....+..+.........+.........+.+...+........+.........+....+.........+..+.........+.+........+.............+..+......+...............+.......+..+..................+...+....+...+.........+...+..+....+.........+...+...+.....+................+.....+...+...+....+..............+....+..+.............+...+.....+.........................+..+...+.......+..+...+.+.................+...+......+...+...++++++
...........+.............+..+....+..+...+....+..+.+..+.+.........+.....+......+++++++++++++++++++++++++++++++++++++++*.........+..+......+.............+..+.......+...+...+.....+.+.....+++++++++++++++++++++++++++++++++++++++*...+...+............+.......................+.............+.....+.........+.+...........+.+..+.+.....+....+..+.+..+.......+.........+.........+.................+....+..+...+.+......+.....+...+......+...+............++++++
-----
Certificate request self-signature ok
subject=C=WW, ST=XX, L=YY, O=ZZ, OU=OpenTAKServer, CN=opentakserver
Providers:
  default
    name: OpenSSL Default Provider
    version: 3.3.0
    status: active
The system cannot find the path specified.
Traceback (most recent call last):
  File "<frozen runpy>", line 198, in _run_module_as_main
  File "<frozen runpy>", line 88, in _run_code
  File "C:\users\notadmin\ots\.venv\Lib\site-packages\opentakserver\app.py", line 198, in <module>
    app = create_app()
          ^^^^^^^^^^^^
  File "C:\users\notadmin\ots\.venv\Lib\site-packages\opentakserver\app.py", line 173, in create_app
    init_extensions(app)
  File "C:\users\notadmin\ots\.venv\Lib\site-packages\opentakserver\app.py", line 79, in init_extensions
    ca.create_ca()
  File "C:\users\notadmin\ots\.venv\Lib\site-packages\opentakserver\certificate_authority.py", line 119, in create_ca
    self.issue_certificate("opentakserver", True)
  File "C:\users\notadmin\ots\.venv\Lib\site-packages\opentakserver\certificate_authority.py", line 200, in issue_certificate
    raise Exception("Failed to import key. Exit code {}".format(exit_code))
Exception: Failed to import key. Exit code 1

Let's Encrypt

Using Let's Encrypt certificates on the HTTPS server works fine with ATAK. Try to figure out if Let's Encrypt certs can be used for the SSL socket. Also there should be a way in the api/web ui for the user to easily get a Let's Encrypt cert if they're using a domain name.

Add a way to delete things from the map

Don't allow the @ character in passwords

When viewing RTSP streams, the url is rtsp://username:password@serveraddress:8554/path. If there is an @ symbol in the password it will cause an invalid URL. Probably should also prohibit the semicolon for the same reason.

Feature suggestion - SDR feed injection into OTS

Suggestion for adding the ability to inject various SDR feeds into OTS.

RTL SDR audio listening
Dump 1090 server connection to injection of ADS-B traffic
APRS-IS server connection for injecting APRS traffic
Proscan server connection for listening to an audio feed from a networked Uniden scanner...proscan.org

Add Traccar support

Connect to Traccar's websocket and save the tracker data it sends. Also add an API route to accept data from the Android and iOS Traccar clients directly.

OTS installer gets 403 Forbidden error during Zeroc repo fetch

During the automated installation of OTS, there appears to be an error related to accessing the Zeroc.com repository. A 403 Forbidden error is generated during the installation when trying to fetch the appropriate ICE version download.

Allow custom icon sets

Possible bug preventing comms (Group & DMs) from ATAK/WinTAK clients back through RabbitMQ to stand-alone Meshtastic clients.

Friendly reminder to check code for possible bug that would prevent messages from progressing from ATAK or WinTAK clients, back through OTS / RabbitMQ to reach stand-alone Meshtastic clients that are not connected to OTS directly via the Meshtastic plugin in ATAK. AKA EUDs that are running Meshtastic app only, not ATAK.

Add federation support

Error 415 when uploading a data package through the UI

The Content-Type header for zip files can be different on different devices or browser. When a data package get uploaded, OTS only checks for Content-Type application/x-zip-compressed, but there are several other valid values for zip file content type. See this Stack Overflow post for different values.

Add TTL to messages published to RabbitMQ

Also add OTS_RABBITMQ_TTL option.

channel.basic_publish(
    exchange='',
    routing_key='hello_world',
    properties=pika.BasicProperties(
        expiration='60000',
    ),
    body='my message'
)

Possible bug in data package generation may lead to connection failures to OpenTAKServer

Data package generation may be inserting the wrong path to certificate locations. This could lead to a failure to correctly import the certificates when installing the data package on an ATAK EUD.

Error sending data package from one EUD to another

The data package gets uploaded to the server but the receiving EUD can't download it and reports the error in the screenshot.

Error creating configuration data packages

Data packages are successfully created the first time the Generate Configuration Data Package button is clicked in the UI. However if the data package is deleted and the user wants to recreate it, it fails with the error below. Restarting OpenTAKServer allows the data package to be successfully recreated.

sh: 0: getcwd() failed: No such file or directory
.+.........+.+.....................+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.......+.......+..+.+...............+..............+....+..............+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*..................+.+.........+..+...+...+.............+.........+..+.+........+.+....................+...+......+.+..................+..+.+...+..+.........+.........+.+..............+......+...............+.+...+.....+.+...+........+.........+.+...+............+..+...+.............+..+...+.+......+..+.+.........+..+....+.....+.+........+......+....+.....+.......+...+..+.+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
.........+...+...+.+......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*..+.......+......+......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.......+....+..+.........+.+............+....................+.+......+.....+.............+...+..+......+.+........+......+.+......+........+......+.+.........+......+...+...............+..+..................+....+...+.....+.......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-----
sh: 0: getcwd() failed: No such file or directory
Certificate request self-signature ok
subject=C = WW, ST = XX, L = YY, O = ZZ, OU = OpenTAKServer, CN = administrator
sh: 0: getcwd() failed: No such file or directory
Providers:
  default
    name: OpenSSL Default Provider
    version: 3.0.2
    status: active
sh: 0: getcwd() failed: No such file or directory
[2024-04-14 20:48:23] - OpenTAKServer[704041] - certificate_authority - INFO - keytool -importkeystore -deststorepass atakatak -destkeypass atakatak -destkeystore /home/administrator/ots/ca/certs/administrator/administrator.jks -srckeystore /home/administrator/ots/ca/certs/administrator/administrator.p12 -srcstoretype PKCS12 -srcstorepass atakatak -alias administrator
sh: 0: getcwd() failed: No such file or directory

/bin/sh: 1: cd: getcwd() failed: No such file or directory

Error occurred during initialization of VM
java.lang.Error: Properties init: Could not determine current working directory.
        at jdk.internal.util.SystemProps$Raw.platformProperties(java.base/Native Method)
        at jdk.internal.util.SystemProps$Raw.<init>(java.base/SystemProps.java:248)
        at jdk.internal.util.SystemProps.initProperties(java.base/SystemProps.java:54)
        at java.lang.System.initPhase1(java.base/System.java:2146)

[2024-04-14 20:48:23] - OpenTAKServer[704041] - api - ERROR - Traceback (most recent call last):
  File "/home/administrator/.opentakserver_venv/lib/python3.10/site-packages/opentakserver/blueprints/api.py", line 233, in certificate
    filenames = ca.issue_certificate(username, False)
  File "/home/administrator/.opentakserver_venv/lib/python3.10/site-packages/opentakserver/certificate_authority.py", line 199, in issue_certificate
    raise Exception("Failed to import key. Exit code {}".format(exit_code))
Exception: Failed to import key. Exit code 1

Api Invalid Token

I am building a new Frontend for the ots api but at each turn i am getting "invalid token" and "unauthorized as response"

what could be the issue i habve attached my code below. This smae request works with postman.

export const getEUDSWithBasicAuth = async (csrfToken) => {
//console.log(csrfToken)
const username = 'administrator';
const password = 'password';
const basicAuth = 'Basic ' + btoa(username + ':' + password);

try {
const response = await api.get('/eud', {
withCredentials: true,
headers: {
'Authorization': basicAuth,
//'XSRF-TOKEN': ${csrfToken},
"XSRF-TOKEN":"ImI5N2ExZTVkZWM5YTVmZWFkYTE0ZmFlMzIzNWRkODA5YTcwODFlMDgi.ZmqvSw.YnmEd_Qx1iYASXa1QdD-ISUB-KE"
}
});

print(response)

return response;

} catch (error) {
console.error("Error status:", error?.response?.status);
console.error("Error data:", error?.response?.data);
throw error;
}
};

Add OTS_LISTENER_IP option

For some of us that's trying to do more complex setups, it would be helpful
if we could bind flask app to 0.0.0.0 or an ip instead of 127.0.0.1

OTS_LISTENER_IP=x.x.x.x

https://github.com/brian7704/OpenTAKServer/blob/9250cea242f97b76e2c8b9833623512e9195cb9d/opentakserver/app.py#L291C62-L291C79

Support for environment variables

To continue #23

If you are gonna anything big with the config system, please consider support for ENV
it even support a default value.

https://www.geeksforgeeks.org/python-os-getenv-method/

Unable to fetch or push data packages

When connected to an opentakserver, EUD is unable to push or query data packages to/from server. Found all network connectivity settings and ensured the device was able to connect to 8443 on the server through the NGINX proxy. The EUD's return code for data package query is:

Data Package Search Failed
Socket is closed

Attempting to run this from ATAK client on two different Debian 12 opentakservers, one with Let's Encrypt certificates and one with the generated self-signed certificates.

Add a way to delete users

SQLAlchemy warnings

/home/administrator/.opentakserver_venv/lib/python3.10/site-packages/opentakserver/models/EUD.py:76: SAWarning: Multiple rows returned with uselist=False for lazily-loaded attribute 'EUD.data_packages'
  'data_packages': self.data_packages.to_json(False) if include_data_packages and self.data_packages else None,
/home/administrator/.opentakserver_venv/lib/python3.10/site-packages/opentakserver/models/EUD.py:59: SAWarning: Multiple rows returned with uselist=False for lazily-loaded attribute 'EUD.certificate'
  if self.certificate and self.certificate.data_package:

brian7704 / opentakserver Goto Github PK

opentakserver's Issues

Recommend Projects

Recommend Topics

Recommend Org