commit of work prior to forking the gatecounter stuff

2019-01-18 13:04:38 -05:00
parent b9c4931718
commit 1f77452e11
9 changed files with 802 additions and 14 deletions
--- a/38
+++ b/38
@@ -1,14 +1,24 @@
-            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+This is free and unencumbered software released into the public domain.
-                    Version 2, December 2004
+
-
+Anyone is free to copy, modify, publish, use, compile, sell, or
- Copyright (C) 2004 Sam Hocevar <sam@hocevar.net>
+distribute this software, either in source code form or as a compiled
-
+binary, for any purpose, commercial or non-commercial, and by any
- Everyone is permitted to copy and distribute verbatim or modified
+means.
- copies of this license document, and changing it is allowed as long
+
- as the name is changed.
+In jurisdictions that recognize copyright laws, the author or authors
-
+of this software dedicate any and all copyright interest in the
-            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+software to the public domain. We make this dedication for the benefit
-   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+of the public at large and to the detriment of our heirs and
-
+successors. We intend this dedication to be an overt act of
-  0. You just DO WHAT THE FUCK YOU WANT TO.
+relinquishment in perpetuity of all present and future rights to this
-
+software under copyright law.
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
 EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
 MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
 IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
 OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
 ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
 OTHER DEALINGS IN THE SOFTWARE.
 For more information, please refer to <https://unlicense.org>
--- a/README.md
+++ b/README.md
@@ -0,0 +1,43 @@
 # Gate Counter Dashboard
 This repository contains code to implement the [HCCC Library GateCounter](https://github.com/squash-/HCCC-Library-GateCounter-Scripts) with [Grafana](https://grafana.com/) for data display
 ## Before You Begin
 You will need a computer, preferably running Linux, but anything will do.  Download and install Docker and Docker-compose following the instructions for your OS
 * [Docker](https://www.docker.com/community-edition) (or [Docker Toolbox](https://docs.docker.com/toolbox/toolbox_install_windows/) if you do not have Windows 10 Professional or Enterprise.  See description below.)
 * [Docker-Compose](https://docs.docker.com/compose/install/)
 Please also, in a developer's text editor e.g. NotePad++ or Microsoft Visual Studio Code, read through docker-compose.yaml to make sure you understand it.  Before starting your stack, you will need to
 * Register for [DuckDNS](https://www.duckdns.org/) and have your subdomain name and token ready
 * Make sure ports 80 and 443 are accessible on your host machine and your machine has a connection to the Internet
 * Edit the files .env, .configs/traefik.toml, and .configs/grafana.ini, updating configuration values with your desired configuration
 * Run `docker-compose config` from this directory to doublecheck that docker-compose.yaml file contains no syntax errors and that all your options from .env were correctly filled in
 ## Creating Your Stack
 Run `docker-compose up -d` to start everything
 ## Starting/Stopping/Restarting your stack or parts of it
 To Stop or (re)Start a container in your stack without removing it, run `docker-compose stop grafana` replacing stop and grafana with the command and name of the container you wish to stop/start/restart.
 ## Updating Containers in Your Stack
 Run the following commands to update the images your containers use and recreate/restart the containers using them
 ```bash
 docker-compose pull
 docker-compose up -d
 docker image prune -f
 ```
 ## Removing a Single Container Without Removing Data Persisted in Docker Volumes
 Run `docker-compose rm -s grafana` replacing grafana with the name of the service you wish to stop and remove without removing its persistent data. `docker-compose rm -s -v grafana` will stop and remove the container and any unnamed (not specified in docker-compose.yaml file) volumes connected to it.  To remove just a named volume, run `docker volume rm grafana_provisioning` replacing grafana_provisioning with the name of the volume you want to remove.  You can view all volumes with `docker volume ls`.
 ## Removing Your Stack Completely
 Run `docker-compose down` to stop and remove all containers in your stack without removing their persistent data in named volumes.  You can run `docker-compose down -v` to remove all containers AND all named volumes.  **WARNING:** this will permanently remove data stored in docker volumes, but not data stored in mapped folders/files.  If you don't want to lose this data, either back it up first, or follow the instructions in the above section.
--- a/configs/grafana.ini
+++ b/configs/grafana.ini
@@ -0,0 +1,499 @@
 ##################### Grafana Configuration Example #####################
 #
 # Everything has defaults so you only need to uncomment things you want to
 # change
 # possible values : production, development
 ;app_mode = production
 # instance name, defaults to HOSTNAME environment variable value or hostname if HOSTNAME var is empty
 ;instance_name = ${HOSTNAME}
 #################################### Paths ####################################
 [paths]
 # Path to where grafana can store temp files, sessions, and the sqlite3 db (if that is used)
 ;data = /var/lib/grafana
 # Temporary files in `data` directory older than given duration will be removed
 ;temp_data_lifetime = 24h
 # Directory where grafana can store logs
 ;logs = /var/log/grafana
 # Directory where grafana will automatically scan and look for plugins
 ;plugins = /var/lib/grafana/plugins
 # folder that contains provisioning config files that grafana will apply on startup and while running.
 ;provisioning = conf/provisioning
 #################################### Server ####################################
 [server]
 # Protocol (http, https, socket)
 ;protocol = http
 # The ip address to bind to, empty will bind to all interfaces
 ;http_addr =
 # The http port  to use
 ;http_port = 3000
 # The public facing domain name used to access grafana from a browser
 ;domain = localhost
 # Redirect to correct domain if host header does not match domain
 # Prevents DNS rebinding attacks
 ;enforce_domain = false
 # The full public facing url you use in browser, used for redirects and emails
 # If you use reverse proxy and sub path specify full url (with sub path)
 ;root_url = http://localhost:3000
 # Log web requests
 ;router_logging = false
 # the path relative working path
 ;static_root_path = public
 # enable gzip
 ;enable_gzip = false
 # https certs & key file
 ;cert_file =
 ;cert_key =
 # Unix socket path
 ;socket =
 #################################### Database ####################################
 [database]
 # You can configure the database connection by specifying type, host, name, user and password
 # as separate properties or as on string using the url properties.
 # Either "mysql", "postgres" or "sqlite3", it's your choice
 ;type = sqlite3
 type = mysql
 ;host = 127.0.0.1:3306
 host = grafana-db:3306
 ;name = grafana
 ;user = root
 # If the password contains # or ; you have to wrap it with triple quotes. Ex """#password;"""
 ;password =
 password = yourDatabaseAdminPW
 # Use either URL or the previous fields to configure the database
 # Example: mysql://user:secret@host:port/database
 ;url =
 # For "postgres" only, either "disable", "require" or "verify-full"
 ;ssl_mode = disable
 # For "sqlite3" only, path relative to data_path setting
 ;path = grafana.db
 # Max idle conn setting default is 2
 ;max_idle_conn = 2
 # Max conn setting default is 0 (mean not set)
 ;max_open_conn =
 # Connection Max Lifetime default is 14400 (means 14400 seconds or 4 hours)
 ;conn_max_lifetime = 14400
 # Set to true to log the sql calls and execution times.
 log_queries =
 # For "sqlite3" only. cache mode setting used for connecting to the database. (private, shared)
 ;cache_mode = private
 #################################### Session ####################################
 [session]
 # Either "memory", "file", "redis", "mysql", "postgres", default is "file"
 ;provider = file
 # Provider config options
 # memory: not have any config yet
 # file: session dir path, is relative to grafana data_path
 # redis: config like redis server e.g. `addr=127.0.0.1:6379,pool_size=100,db=grafana`
 # mysql: go-sql-driver/mysql dsn config string, e.g. `user:password@tcp(127.0.0.1:3306)/database_name`
 # postgres: user=a password=b host=localhost port=5432 dbname=c sslmode=disable
 ;provider_config = sessions
 # Session cookie name
 ;cookie_name = grafana_sess
 # If you use session in https only, default is false
 ;cookie_secure = false
 # Session life time, default is 86400
 ;session_life_time = 86400
 #################################### Data proxy ###########################
 [dataproxy]
 # This enables data proxy logging, default is false
 ;logging = false
 #################################### Analytics ####################################
 [analytics]
 # Server reporting, sends usage counters to stats.grafana.org every 24 hours.
 # No ip addresses are being tracked, only simple counters to track
 # running instances, dashboard and error counts. It is very helpful to us.
 # Change this option to false to disable reporting.
 ;reporting_enabled = true
 # Set to false to disable all checks to https://grafana.net
 # for new vesions (grafana itself and plugins), check is used
 # in some UI views to notify that grafana or plugin update exists
 # This option does not cause any auto updates, nor send any information
 # only a GET request to http://grafana.com to get latest versions
 ;check_for_updates = true
 # Google Analytics universal tracking code, only enabled if you specify an id here
 ;google_analytics_ua_id =
 # Google Tag Manager ID, only enabled if you specify an id here
 ;google_tag_manager_id =
 #################################### Security ####################################
 [security]
 # default admin user, created on startup
 ;admin_user = admin
 # default admin password, can be changed before first start of grafana,  or in profile settings
 ;admin_password = admin
 # used for signing
 ;secret_key = SW2YcwTIb9zpOOhoPsMm
 # Auto-login remember days
 ;login_remember_days = 7
 ;cookie_username = grafana_user
 ;cookie_remember_name = grafana_remember
 # disable gravatar profile images
 ;disable_gravatar = false
 # data source proxy whitelist (ip_or_domain:port separated by spaces)
 ;data_source_proxy_whitelist =
 # disable protection against brute force login attempts
 ;disable_brute_force_login_protection = false
 #################################### Snapshots ###########################
 [snapshots]
 # snapshot sharing options
 ;external_enabled = true
 ;external_snapshot_url = https://snapshots-origin.raintank.io
 ;external_snapshot_name = Publish to snapshot.raintank.io
 # remove expired snapshot
 ;snapshot_remove_expired = true
 #################################### Dashboards History ##################
 [dashboards]
 # Number dashboard versions to keep (per dashboard). Default: 20, Minimum: 1
 ;versions_to_keep = 20
 #################################### Users ###############################
 [users]
 # disable user signup / registration
 ;allow_sign_up = true
 # Allow non admin users to create organizations
 ;allow_org_create = true
 # Set to true to automatically assign new users to the default organization (id 1)
 ;auto_assign_org = true
 # Default role new users will be automatically assigned (if disabled above is set to true)
 ;auto_assign_org_role = Viewer
 # Background text for the user field on the login page
 ;login_hint = email or username
 # Default UI theme ("dark" or "light")
 ;default_theme = dark
 # External user management, these options affect the organization users view
 ;external_manage_link_url =
 ;external_manage_link_name =
 ;external_manage_info =
 # Viewers can edit/inspect dashboard settings in the browser. But not save the dashboard.
 ;viewers_can_edit = false
 [auth]
 # Set to true to disable (hide) the login form, useful if you use OAuth, defaults to false
 ;disable_login_form = false
 # Set to true to disable the signout link in the side menu. useful if you use auth.proxy, defaults to false
 ;disable_signout_menu = false
 # URL to redirect the user to after sign out
 ;signout_redirect_url =
 # Set to true to attempt login with OAuth automatically, skipping the login screen.
 # This setting is ignored if multiple OAuth providers are configured.
 ;oauth_auto_login = false
 #################################### Anonymous Auth ##########################
 [auth.anonymous]
 # enable anonymous access
 ;enabled = false
 # specify organization name that should be used for unauthenticated users
 ;org_name = Main Org.
 # specify role for unauthenticated users
 ;org_role = Viewer
 #################################### Github Auth ##########################
 [auth.github]
 ;enabled = false
 ;allow_sign_up = true
 ;client_id = some_id
 ;client_secret = some_secret
 ;scopes = user:email,read:org
 ;auth_url = https://github.com/login/oauth/authorize
 ;token_url = https://github.com/login/oauth/access_token
 ;api_url = https://api.github.com/user
 ;team_ids =
 ;allowed_organizations =
 #################################### Google Auth ##########################
 [auth.google]
 ;enabled = false
 ;allow_sign_up = true
 ;client_id = some_client_id
 ;client_secret = some_client_secret
 ;scopes = https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email
 ;auth_url = https://accounts.google.com/o/oauth2/auth
 ;token_url = https://accounts.google.com/o/oauth2/token
 ;api_url = https://www.googleapis.com/oauth2/v1/userinfo
 ;allowed_domains =
 #################################### Generic OAuth ##########################
 [auth.generic_oauth]
 ;enabled = false
 ;name = OAuth
 ;allow_sign_up = true
 ;client_id = some_id
 ;client_secret = some_secret
 ;scopes = user:email,read:org
 ;auth_url = https://foo.bar/login/oauth/authorize
 ;token_url = https://foo.bar/login/oauth/access_token
 ;api_url = https://foo.bar/user
 ;team_ids =
 ;allowed_organizations =
 ;tls_skip_verify_insecure = false
 ;tls_client_cert =
 ;tls_client_key =
 ;tls_client_ca =
 ; Set to true to enable sending client_id and client_secret via POST body instead of Basic authentication HTTP header
 ; This might be required if the OAuth provider is not RFC6749 compliant, only supporting credentials passed via POST payload
 ;send_client_credentials_via_post = false
 #################################### Grafana.com Auth ####################
 [auth.grafana_com]
 ;enabled = false
 ;allow_sign_up = true
 ;client_id = some_id
 ;client_secret = some_secret
 ;scopes = user:email
 ;allowed_organizations =
 #################################### Auth Proxy ##########################
 [auth.proxy]
 ;enabled = false
 ;header_name = X-WEBAUTH-USER
 ;header_property = username
 ;auto_sign_up = true
 ;ldap_sync_ttl = 60
 ;whitelist = 192.168.1.1, 192.168.2.1
 ;headers = Email:X-User-Email, Name:X-User-Name
 #################################### Basic Auth ##########################
 [auth.basic]
 ;enabled = true
 #################################### Auth LDAP ##########################
 [auth.ldap]
 ;enabled = false
 ;config_file = /etc/grafana/ldap.toml
 ;allow_sign_up = true
 #################################### SMTP / Emailing ##########################
 [smtp]
 ;enabled = false
 ;host = localhost:25
 ;user =
 # If the password contains # or ; you have to wrap it with trippel quotes. Ex """#password;"""
 ;password =
 ;cert_file =
 ;key_file =
 ;skip_verify = false
 ;from_address = admin@grafana.localhost
 ;from_name = Grafana
 # EHLO identity in SMTP dialog (defaults to instance_name)
 ;ehlo_identity = dashboard.example.com
 [emails]
 ;welcome_email_on_sign_up = false
 #################################### Logging ##########################
 [log]
 # Either "console", "file", "syslog". Default is console and  file
 # Use space to separate multiple modes, e.g. "console file"
 ;mode = console file
 # Either "debug", "info", "warn", "error", "critical", default is "info"
 ;level = info
 # optional settings to set different levels for specific loggers. Ex filters = sqlstore:debug
 ;filters =
 # For "console" mode only
 [log.console]
 ;level =
 # log line format, valid options are text, console and json
 ;format = console
 # For "file" mode only
 [log.file]
 ;level =
 # log line format, valid options are text, console and json
 ;format = text
 # This enables automated log rotate(switch of following options), default is true
 ;log_rotate = true
 # Max line number of single file, default is 1000000
 ;max_lines = 1000000
 # Max size shift of single file, default is 28 means 1 << 28, 256MB
 ;max_size_shift = 28
 # Segment log daily, default is true
 ;daily_rotate = true
 # Expired days of log file(delete after max days), default is 7
 ;max_days = 7
 [log.syslog]
 ;level =
 # log line format, valid options are text, console and json
 ;format = text
 # Syslog network type and address. This can be udp, tcp, or unix. If left blank, the default unix endpoints will be used.
 ;network =
 ;address =
 # Syslog facility. user, daemon and local0 through local7 are valid.
 ;facility =
 # Syslog tag. By default, the process' argv[0] is used.
 ;tag =
 #################################### Alerting ############################
 [alerting]
 # Disable alerting engine & UI features
 ;enabled = true
 # Makes it possible to turn off alert rule execution but alerting UI is visible
 ;execute_alerts = true
 # Default setting for new alert rules. Defaults to categorize error and timeouts as alerting. (alerting, keep_state)
 ;error_or_timeout = alerting
 # Default setting for how Grafana handles nodata or null values in alerting. (alerting, no_data, keep_state, ok)
 ;nodata_or_nullvalues = no_data
 # Alert notifications can include images, but rendering many images at the same time can overload the server
 # This limit will protect the server from render overloading and make sure notifications are sent out quickly
 ;concurrent_render_limit = 5
 #################################### Explore #############################
 [explore]
 # Enable the Explore section
 ;enabled = false
 #################################### Internal Grafana Metrics ##########################
 # Metrics available at HTTP API Url /metrics
 [metrics]
 # Disable / Enable internal metrics
 ;enabled           = true
 # Publish interval
 ;interval_seconds  = 10
 # Send internal metrics to Graphite
 [metrics.graphite]
 # Enable by setting the address setting (ex localhost:2003)
 ;address =
 ;prefix = prod.grafana.%(instance_name)s.
 #################################### Distributed tracing ############
 [tracing.jaeger]
 # Enable by setting the address sending traces to jaeger (ex localhost:6831)
 ;address = localhost:6831
 # Tag that will always be included in when creating new spans. ex (tag1:value1,tag2:value2)
 ;always_included_tag = tag1:value1
 # Type specifies the type of the sampler: const, probabilistic, rateLimiting, or remote
 ;sampler_type = const
 # jaeger samplerconfig param
 # for "const" sampler, 0 or 1 for always false/true respectively
 # for "probabilistic" sampler, a probability between 0 and 1
 # for "rateLimiting" sampler, the number of spans per second
 # for "remote" sampler, param is the same as for "probabilistic"
 # and indicates the initial sampling rate before the actual one
 # is received from the mothership
 ;sampler_param = 1
 #################################### Grafana.com integration  ##########################
 # Url used to import dashboards directly from Grafana.com
 [grafana_com]
 ;url = https://grafana.com
 #################################### External image storage ##########################
 [external_image_storage]
 # Used for uploading images to public servers so they can be included in slack/email messages.
 # you can choose between (s3, webdav, gcs, azure_blob, local)
 ;provider =
 [external_image_storage.s3]
 ;bucket =
 ;region =
 ;path =
 ;access_key =
 ;secret_key =
 [external_image_storage.webdav]
 ;url =
 ;public_url =
 ;username =
 ;password =
 [external_image_storage.gcs]
 ;key_file =
 ;bucket =
 ;path =
 [external_image_storage.azure_blob]
 ;account_name =
 ;account_key =
 ;container_name =
 [external_image_storage.local]
 # does not require any configuration
 [rendering]
 # Options to configure external image rendering server like https://github.com/grafana/grafana-image-renderer
 ;server_url =
 ;callback_url =
 [enterprise]
 # Path to a valid Grafana Enterprise license.jwt file
 ;license_path =
--- a/configs/traefik.toml
+++ b/configs/traefik.toml
@@ -0,0 +1,86 @@
 debug = false
 logLevel = "ERROR"
 defaultEntryPoints = ["https","http"]
 [entryPoints]
  [entryPoints.http]
  address = ":80"
    [entryPoints.http.redirect]
    entryPoint = "https"
  [entryPoints.https]
  address = ":443"
  [entryPoints.https.tls]
  [entryPoints.traefik]
  address = ":8080"
 [retry]
 # Traefik logs
 # Enabled by default and log to stdout
 #
 # Optional
 #
 # [traefikLog]
 # Sets the filepath for the traefik log. If not specified, stdout will be used.
 # Intermediate directories are created if necessary.
 #
 # Optional
 # Default: os.Stdout
 #
 # filePath = "log/traefik.log"
 # Format is either "json" or "common".
 #
 # Optional
 # Default: "common"
 #
 # format = "common"
 # Enable access logs
 # By default it will write to stdout and produce logs in the textual
 # Common Log Format (CLF), extended with additional fields.
 #
 # Optional
 #
 # [accessLog]
 # Sets the file path for the access log. If not specified, stdout will be used.
 # Intermediate directories are created if necessary.
 #
 # Optional
 # Default: os.Stdout
 #
 # filePath = "/path/to/log/log.txt"
 # Format is either "json" or "common".
 #
 # Optional
 # Default: "common"
 #
 # format = "common"
 ################################################################
 # Web configuration backend
 ################################################################
 # Enable web configuration backend
 # https://docs.traefik.io/configuration/api/
 [api]
 entryPoint = "traefik"
 dashboard = true
 [docker]
 endpoint = "unix:///var/run/docker.sock" 
 domain = "yoursubdomain.duckdns.org"
 watch = true
 exposedbydefault = false
 [acme]
 email = "you@youremail.com"
 storage = "/etc/traefik/acme/acme.json"
 entryPoint = "https"
 OnHostRule = true
 [acme.dnsChallenge]
 provider = "duckdns"
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -0,0 +1,133 @@
 version: '3.7' #specifies the version of the compose-file specification to use.  Refer to the compose-file reference for more info https://docs.docker.com/compose/compose-file/
 #this section specifies the various services that comprise the project
 services:
  #this service will be the mysql database that detections will be logged to
  gatecounter-db: #how this service will be referenced in this file
    image: yobasystems/alpine-mariadb:armhf
    container_name: gatecounter-db #how docker itself will refer to this service and the hostname it will be accessible from other services, defaults to the service name
    environment: #set environment variables for this service.  These will initialize a database
    #these environment variables will specify how the gate counter script will connect to the db to record data
      MYSQL_DATABASE: ${MYSQL_DB_NAME:-gatecounter}
      MYSQL_USER: ${MYSQL_USER:-gatecounter}
      MYSQL_PASSWORD: ${MYSQL_USER_PW:?a non-admin database password is requred.  Please edit .env with this value}
      MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PW:?an admin database password is requred.  Please edit .env with this value}
      TZ: ${TZ:-America/New_York}
    volumes: #specify where data to be peristed will be stored on host and where it resides within the service
      - gatecounter-db:/config #left of the : is the name of a docker volume to store data in, right of it is where it is located in the service
      - ./sql:/docker-entrypoint-initdb.d
    restart: unless-stopped #keep this service running unless told explicitly to stop
    networks: #virtual network for services to connect to each other through. necessary to resolve their container_name to their virtual ip address
      - gatecounter
    labels: #can be used to communicate info about this service to other services
      - traefik.enable=false #tells traefik reverse proxy to ignore this container, do not proxy requests to it
    healthcheck: #this command is run periodically so docker can know whether or not this service is actually accessible.  Completely optional.
      test: ["CMD-SHELL", "mysqladmin -u ${MYSQL_USER:-gatecounter} -h 127.0.0.1 --password=${MYSQL_USER_PW:?a non-admin database password is requred.  Please edit .env with this value} ping || exit 1"]
      interval: 30s
      timeout: 10s
      retries: 5
    ports:
      - "3306:3306" #connects port 3306 of the host (left) to 3306 of this container (right) making it accessible to things outside of our docker virtual network
    expose:
      - "3306"
  grafana:
    image: grafana/grafana-arm32v7-linux
    container_name: grafana #redundant, would have defaulted to the service name anyway
    volumes:
      - ./configs/grafana.ini:/etc/grafana/grafana.ini #maps grafana.ini in this directory into the container
      - grafana_data:/var/lib/grafana
      - grafana_home:/usr/share/grafana
      - grafana_logs:/var/log/grafana
      - grafana_plugins:/var/lib/grafana/plugins
      - grafana_provisioning:/etc/grafana/provisioning
    labels:
      - traefik.enable=true #enable forwarding of http requests to this container
      - traefik.frontend.rule=Host:${GRAFANA_DOMAIN_NAME} #when a request is received for this domain...
      - traefik.backend=grafana #forward the request to this container...
      - traefik.port=3000 #on this port...
      - traefik.protocol=http #forwarding the request in plain http on the internal virtual network
    expose:
      - "3000" #makes this port accessible to other containers on the same network, but not availble directly on the host system
    depends_on: #specifies which containers must be up and running before this one can be started
      #- reverse-proxy
      - gatecounter-db
    environment: 
      GF_SERVER_ROOT_URL: https://${GRAFANA_DOMAIN_NAME}
      GF_SECURITY_ADMIN_PASSWORD: ${GRAFANA_ADMIN_PW:?an admin password is requred for Grafana.  Please edit .env with this value}
      GF_INSTALL_PLUGINS: ${GRAFANA_PLUGINS}
    networks:
      - gatecounter
  grafana-db: #how this service will be referenced in this file
    image: yobasystems/alpine-mariadb:armhf
    container_name: grafana-db #how docker itself will refer to this service and the hostname it will be accessible from other services, defaults to the service name
    environment: #set environment variables for this service.  These will initialize a database    #these environment variables will specify how the gate counter script will connect to the db to record data
      MYSQL_DATABASE: ${GRAFANA_DB_NAME:-grafana}
      MYSQL_ROOT_PASSWORD: ${GRAFANA_DB_ROOT_PW:?an admin database password is requred for grafana database.  Please edit .env with this value}
      TZ: ${TZ:-America/New_York}
    volumes: #specify where data to be peristed will be stored on host and where it resides within the service
      - grafana-db:/config #left of the : is the name of a docker volume to store data in, right of it is where it is located in the service
    restart: unless-stopped #keep this service running unless told explicitly to stop
    networks: #virtual network for services to connect to each other through. necessary to resolve their container_name to their virtual ip address
      - gatecounter
    labels: #can be used to communicate info about this service to other services
      - traefik.enable=false #tells traefik reverse proxy to ignore this container, do not proxy requests to it
    healthcheck: #this command is run periodically so docker can know whether or not this service is actually accessible.  Completely optional.
      test: ["CMD-SHELL", "mysqladmin -u $$MYSQL_USER --password=$$MYSQL_PASSWORD ping || exit 1"]
      interval: 30s
      timeout: 10s
      retries: 5
    expose:
      - "3306" #this database only needs to be accessible internally to grafana
  #this container makes sure a domain you register for free on https://duckdns.org always points to where this is running
  dynamic-dns: 
    image: lsioarmhf/duckdns
    container_name: duckdns
    environment: 
      SUBDOMAINS: ${DUCKDNS_SUBDOMAIN:?Please provide a duckdns subdomain for your project.  Please edit .env with this value} #replace with the domain you registered.
      TOKEN: ${DUCKDNS_TOKEN:?Please provide a duckdns token for your domain.  Please edit .env with this value} #the token duckDNS provides you for domain updates
      TZ: ${TZ:-America/New_York}
    labels:
      - traefik.enable=false #tells traefik reverse proxy to ignore this container, do not proxy requests to it
    restart: always #if this container stops for any reason, docker will restart it automatically
    networks:
      - default #put this service on the built-in docker bridge network
  reverse-proxy:
    image: traefik:latest
    container_name: traefik-gc #referenced in ./configs/traefik.toml by this name in [api] section
    restart: unless-stopped #Docker will automatically restart this container unless you intentionally stopped it
    ports:
      - 80:80
      - 443:443
      - 8080:8080 #admin web UI port
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock  #allows traefik to monitor for changes and to read labels
      - ./configs/traefik.toml:/etc/traefik/traefik.toml #traefik config file
      - traefik-cert-gc:/etc/traefik/acme/ #volume for storing LetsEncrypt cets
    #The following section allows you to deifne services which must be started before this service can start
    depends_on:
      - dynamic-dns
    environment:
      DUCKDNS_TOKEN: ${DUCKDNS_TOKEN:?Please provide a duckdns token for your domain.  Please edit .env with this value} #allows traefik to obtain ssl certs for your domain(s) automatically enabling you to use https for security
    networks:
      - gatecounter
 #this section specifies where data will be persisted between starts/stops/recreates, etc.  I will be using named docker volumes because that is the most portable
 #way to do this (you don't have to know about the directory structure of where you're going to run it), but you can map host system directories into your containers
 #if you so choose.  You can also specify options for them here.  
 volumes:
  gatecounter-db:
  grafana-db:
  traefik-cert-gc:
  grafana_data:
  grafana_home:
  grafana_logs:
  grafana_plugins:
  grafana_provisioning:
 #this section specifies virtual networks that will be used and any options you want to set for them
 networks:
  gatecounter:
--- a/gatecounter-scripts/LDRdbWriteGate.py
+++ b/gatecounter-scripts/LDRdbWriteGate.py
--- a/gatecounter-scripts/PIRdbWriteGate.py
+++ b/gatecounter-scripts/PIRdbWriteGate.py
--- a/gatecounter-scripts/UltraSonicdbWriteGate.py
+++ b/gatecounter-scripts/UltraSonicdbWriteGate.py
--- a/sql/db-init.sql
+++ b/sql/db-init.sql
@@ -0,0 +1,17 @@
 create table if not exists PIRSTATS (
 datetime DATETIME not NULL,
 gatecount INT,
 PRIMARY KEY (datetime)
 );
 create table if not exists ULTRASTATS (
 datetime DATETIME not NULL,
 gatecount INT,
 PRIMARY KEY (datetime)
 );
 create table if not exists LDRSTATS (
 datetime DATETIME not NULL,
 gatecount INT,
 PRIMARY KEY (datetime)
 );