Running The Things Stack

Now that all configuration is done, you are ready to initialize The Things Stack and start it!

Begin by opening a terminal prompt in the same directory as your docker-compose.yml file.

Initialization

The first time The Things Stack is started, it requires some initialization. Start by pulling the Docker images:

docker compose pull

Next, you need to initialize the database of the Identity Server:

docker compose run --rm stack is-db migrate

If you receive a permissions error, ensure you have correctly configured permissions for Docker Engine.

If you receive an error running The Things Stack, make sure a The Things Stack container isn’t already running. Use docker ps to see running containers.

For the Storage Integration available in The Things Stack Enterprise, the database of the Application Server needs to be initialized as well:

docker compose run --rm stack storage-db init

Network Operations Center, available in The Things Stack Enterprise, needs to be initialized with:

docker compose run --rm stack noc-db init

The Things Stack Enterprise requires a tenant to be present, even if multi-tenancy is not included in the license. You create a tenant with:

docker compose run --rm stack is-db create-tenant

This will take the tenancy.default-id Tenant ID from the configuration in ttn-lw-stack-docker.yml. To specify another Tenant ID, use the --id parameter.

Next, an initial admin user has to be created. Make sure the user ID is in lowercase and give it a good password.

docker compose run --rm stack is-db create-admin-user \
  --id admin \
  --email your@email.com

Note that for multi-tenant deployments you can create admin users for each tenant using the --tenant-id flag.

Then the command-line interface needs to be registered as an OAuth client:

docker compose run --rm stack is-db create-oauth-client \
  --id cli \
  --name "Command Line Interface" \
  --owner admin \
  --no-secret \
  --redirect-uri "local-callback" \
  --redirect-uri "code"

OAuth clients for the Console and Network Operations Center also need to be created in Identity Server so they can use the login functionality.

Create an OAuth client for the console (replace with your SERVER_ADDRESS and Console CLIENT_SECRET):

SERVER_ADDRESS=https://thethings.example.com
ID=console
NAME=Console
CLIENT_SECRET=console
REDIRECT_URI=${SERVER_ADDRESS}/console/oauth/callback
REDIRECT_PATH=/console/oauth/callback
LOGOUT_REDIRECT_URI=${SERVER_ADDRESS}/console
LOGOUT_REDIRECT_PATH=/console
docker compose run --rm stack is-db create-oauth-client \
  --id ${ID} \
  --name "${NAME}" \
  --owner admin \
  --secret "${CLIENT_SECRET}" \
  --redirect-uri "${REDIRECT_URI}" \
  --redirect-uri "${REDIRECT_PATH}" \
  --logout-redirect-uri "${LOGOUT_REDIRECT_URI}" \
  --logout-redirect-uri "${LOGOUT_REDIRECT_PATH}"

And then for the NOC (replace with your SERVER_ADDRESS and NOC CLIENT_SECRET):

SERVER_ADDRESS=https://thethings.example.com
ID=noc
NAME="Network Operations Center"
CLIENT_SECRET=noc
REDIRECT_URI=${SERVER_ADDRESS}/noc/oauth/callback
REDIRECT_PATH=/noc/oauth/callback
LOGOUT_REDIRECT_URI=${SERVER_ADDRESS}/noc
LOGOUT_REDIRECT_PATH=/noc
docker compose run --rm stack is-db create-oauth-client \
  --id ${ID} \
  --name "${NAME}" \
  --owner admin \
  --secret "${CLIENT_SECRET}" \
  --redirect-uri "${REDIRECT_URI}" \
  --redirect-uri "${REDIRECT_PATH}" \
  --logout-redirect-uri "${LOGOUT_REDIRECT_URI}" \
  --logout-redirect-uri "${LOGOUT_REDIRECT_PATH}"

The variables for the Console and NOC OAuth clients are repeated here:

Running The Things Stack

Start The Things Stack with:

docker compose up

This starts the stack, so you will see the stack logs being printed to your terminal. You can also start the stack in detached mode by adding -d to the command above. In that case you can get logs with docker compose logs.

With The Things Stack up and running, follow Console or Command-line Interface to proceed with the login, then continue with connecting gateways, creating devices and working with streaming data.