ChangelogDownloads
HomeGuidesChangelog
ChangelogDownloadsSupportMulti-service IoT Edge GatewaysEUROTECH
Guides
SupportMulti-service IoT Edge GatewaysEUROTECH
These docs are for v7.3.0. Click to read the latest docs for v7.6.0.

Generic Profiles

Suggest Edits

ESF Generic Profiles are ESF installers that do not contain gateway specific customisations.
Generic profiles can be downloaded from ESF download page, and have the following filename patterns:

Installer typeWith Network Management SupportWithout Network Management Support
Debianesf-generic_<ESF version>_<arch>.debesf-generic-nn_<ESF version>_<arch>.deb
RPMesf-generic-<ESF version>-1.<arch>.rpmesf-generic-nn-<ESF version>-1.<arch>.rpm

Where <arch> is one of the supported architectures, for example x86_64, arm32, and arm64.

A generic ESF profile can work on systems that have available the dependencies listed in the packages dependencies section, and that have at least one physical Ethernet interface.

Profiles with network management support include an integration with NetworkManager; a commonly available tool for managing Linux networking. ESF leverages this tool for network configuration functionalities.

Installers with the nn are profiles without network management support that do not bundle the ESF Network Manager: all the network configurations need to be done outside of ESF. Functionalities missing in NN profiles compared to the full ESF profiles:

  • Networking interfaces configuration
  • Firewall configuration management
  • Network Threat management

📘

Note

Profiles without network management fully support network communication (e.g. establishing a connection to a cloud platform). They do not support configuring network interfaces (e.g. setting the IP address). In this case network configuration must be performed with external tools.

Initial network configuration

During the installation of a generic profile with network management support, the initial network configuration will be generated dynamically using the the rules described below:

  • The existing wired and wireless Ethernet network interface names are sorted in ascending lexicographic order.

  • The first wired Ethernet interface in the list will be configured as follows:

    • Status: Enabled for WAN
    • Configure: Using DHCP

  • All other network interfaces will be disabled.

For example, if the system contains the following wired Ethernet interfaces: eth0, eth1, eth2 and a wireless Ethernet interface named wlan0, then eth0 will be enabled for WAN in DHCP client mode, and all other network interfaces will be disabled.

Initial firewall configuration

The initial firewall configuration will be as shown in the screenshot below, eth0 and wlan0 should be replaced with the first wired and wireless Ethernet interface in the lexicographic ordering. The rules for tun0 are meant to allow access to SSH and ESF Web UI from a VPN connection.

🚧

Warning

Please note that installing an ESF generic profile with network configuration support will replace the current network and firewall configuration with the one shown above

Other ESF services

As said before, ESF generic profiles do not contain gateway specific customizations, this implies that the values of some configuration parameters may be incorrect and/or missing and must be manually filled after installation, for example the user might want to:

  • Configure the other network interfaces, if any.
  • Setup additional firewall rules.
  • Edit the /opt/eurotech/esf/framework/jdk.dio.properties with the correct GPIO mappings.
  • Set the device GPS port in the configuration of PositionService serial provider.

Package dependencies

To have all the ESF features working, the following dependencies are required:

General: setserial, zip, gzip, unzip, procps, usbutils, socat, gawk, sed, inetutils-telnet, mmc-utils (optional).

Security: polkit or policykit-1, ssh or openssh, openssl, busybox, openvpn.

Bluetooth: bluez or bluez5, bluez-hcidump or bluez5-noinst-tools.

Time: ntpdate, chrony, chronyc, cron or cronie.

Networking (only needed for profiles with network management support): network-manager or networkmanager, bind9 or bind, dnsmasq or isc-dhcp-server or (dhcp-server and dhcp-client), iw, iptables, modemmanager, hostapd, wpa-supplicant, ppp, iproute2.

Logs: logrotate.

Ansible: ansible or python-ansible or python3-ansible or python3-ansible-core.

Gps: gpsd.

Fail2ban & AIDE: python3-systemd or python-systemd, libpam-modules or pam-plugin-succeed-if, python3-fail2ban or python-fail2ban or fail2ban, aide.

Python: python3 or python.

Java: openjdk-8-jre-headless or temurin-8-jdk or openjdk-17-jre-headless or temurin-17-jdk or zulu-jre-x86-64 or zulu-17-jre-x86-64 or zulu-jre-arm or zulu-17-jre-arm or zulu-jre-8 or zulu-jre-17.

Others (only for DEB installers): dos2unix, libtirpc3.

Updated over 1 year ago