Versions Compared

Old Version 1

changes.mady.by.user Jared Diamond

Saved on

compared with

New Version Current

changes.mady.by.user Jared Diamond

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Once the container starts, wait approximately 60 seconds for Chariot to initialize, then open http://localhost:8080 in your browser. Log in with:
  • Username: admin
  • Password: the value you set for ADMIN_PASSWORD

...

Code Block
docker compose up -d

 

...

Port reference

PortProtocolPurpose
8080HTTPWeb UI and REST API
8443HTTPSSecure Web UI and REST API
1883MQTTStandard MQTT listener
8883MQTTSMQTT over TLS
8090WSMQTT over WebSocket
8091WSSMQTT over Secure WebSocket

You only need to expose the ports relevant to your deployment. If you are not using WebSocket clients, for example, omit ports 8090 and 8091.

...

Environment variable reference

General

VariableRequiredDefaultDescription
ACCEPT_EULAYesMust be true if configuration is desired. No configuration is applied if unset or set to any other value.
ADMIN_PASSWORDRecommendedpasswordPassword for the admin account.

MQTT users

Use MQTT_USERS to provision MQTT client accounts on first run. You can provide user definitions inline as a JSON array, or as a path to a JSON file mounted into the container.

...

The acl object controls which MQTT topics each user can publish to and subscribe from. Use ["#"] to grant access to all topics, or restrict access using standard MQTT wildcard patterns (+ for single level, # for multi-level).

Licensing

VariableRequiredDescription
LICENSE_TYPENoonline or floating. Omit to skip license activation.
LICENSE_KEYIf LICENSE_TYPE=onlineLicense key for online activation. Requires outbound internet access.
LICENSE_SERVERIf LICENSE_TYPE=floatingAddress of the floating license server.
LICENSE_PRODUCTIf LICENSE_TYPE=floatingProduct identifier for the floating license, either mqtt-server-ibsnow , mqtt-server , or `ibsnow`

Choosing a license type:

  • Online — Contacts Cirrus Link's license server at startup. Simplest option when outbound internet access is available.
  • Floating — Connects to a dedicated license server. Use this when managing multiple Chariot instances that share a license pool, or when you want centralized license control regardless of where your instances are deployed.

...

Code Block
SERVER_CONFIG='{"allowAnonymous":false,"port":1883,"securePort":8883}'

System configuration

VariableRequiredDefaultDescription
CHARIOT_SERVER_NAMENoDisplay name shown in the Web UI.
HTTP_PORTNo8080HTTP listener port for the Web UI and REST API.
HTTPS_PORTNo8443HTTPS listener port.
HTTPS_ENABLEDNoSet to true to enable HTTPS.

TLS / SSL setup

To enable TLS, mount your certificate files into the container and reference them by their container paths.

...

Code Block
environment:
  SETUP_SSL: "true"
  TLS_PRIVATE_KEY: /certs/privkey.pem
  TLS_CERTIFICATE: /certs/cert.pem
  TLS_CA_CHAIN: /certs/chain.pem


VariableRequired whenDescription
SETUP_SSLSet to true to enable TLS configuration.
TLS_PRIVATE_KEYSETUP_SSL=trueContainer path to the private key file (.pem).
TLS_CERTIFICATESETUP_SSL=trueContainer path to the certificate file (.pem).
TLS_CA_CHAINSETUP_SSL=trueContainer path to the CA chain file (.pem).


Info

All three TLS variables must be set together. If any are missing, the SSL step will log an error and skip. Once TLS is configured, HTTPS is available on port 8443 and MQTT over TLS on port 8883.

...

IBSnow connects Chariot to Snowflake for IoT data streaming. The variables below configure the integration on first run.

VariableDescription
IBSNOW_CONFIGJSON object merged onto the current IBSnow configuration. Include only the fields you want to override.
IBSNOW_SERVERSJSON array of MQTT server connections to create, or an absolute path to a JSON file.
IBSNOW_CERTSJSON array of absolute container paths to certificate files to upload (e.g. .p8, .pem).


Configuration example (common fields only — a full field reference will be available in the Chariot REST API documentation):

...

The sentinel key names and their corresponding environment variables are:

Sentinel keyTriggered by
backupBACKUP_FILE
adminPasswordADMIN_PASSWORD
licenseLICENSE_TYPE and related variables
serverConfigSERVER_CONFIG
ibsnowCertsIBSNOW_CERTS
ibsnowServersIBSNOW_SERVERS
ibsnowConfigIBSNOW_CONFIG
mqttUsersMQTT_USERS
sslSETUP_SSL and TLS_* variables
systemConfigCHARIOT_SERVER_NAME, HTTP_PORT, HTTPS_PORT, HTTPS_ENABLED

Health check

The image includes a built-in health check that polls the /eula REST endpoint every 30 seconds, with a 60-second grace period on startup and a 10-second timeout. After three consecutive failures, Docker marks the container as unhealthy.

...