gortium/infra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
infra/.planning/phases/05-tak-research/05-01-RESEARCH.md
Thierry Pouplier 58f7dd65f1 feat(05-01): OpenTAKServer selected for TAK server implementation 
- Comprehensive research of TAK-compatible open-source implementations
- Comparison of FreeTAKServer, OpenTAKServer, and TAK Product Center Server
- Selected OpenTAKServer for feature richness and Docker deployment support
- Documented research findings and implementation plan
2026-01-01 18:25:30 -05:00

265 lines
9.4 KiB
Markdown
Raw Permalink Blame History

# Phase 5: TAK Server Research & Selection - Research Report
## Executive Summary
This research report evaluates open-source TAK-compatible server implementations for deployment in the NixOS infrastructure. Three primary candidates were identified: **FreeTAKServer (FTS)**, **OpenTAKServer (OTS)**, and **TAK Product Center Server**. Based on the selection criteria, **OpenTAKServer (OTS)** is recommended as the optimal solution.
## Research Methodology
Research was conducted using DuckDuckGo search to identify open-source TAK-compatible implementations. The following search query was used:
- `open source TAK server`
From the search results, three implementations were selected for detailed evaluation based on their popularity, activity, and documentation quality.
## Implementation Comparison
### 1. FreeTAKServer (FTS)
**GitHub Repository**: https://github.com/FreeTAKTeam/FreeTakServer
#### Key Features
- ✅ Open-source (Eclipse Public License)
- ✅ Web interface
- ✅ COT protocol support
- ✅ Geospatial mapping
- ✅ Docker deployment support
- ✅ REST API for integration
- ✅ Cross-platform (runs on AWS to Android)
- ✅ LDAP authentication
- ✅ Data package upload/download
- ✅ KML generation
- ✅ Federation (multiple instances)
- ✅ Public instance available for testing
#### Pros
- Mature project with 861 GitHub stars
- Extensive documentation available
- Active community (Discord, Reddit)
- Production-ready status
- Supports all major TAK clients (ATAK, WinTAK, iTAK)
- Good REST API documentation
- Supports video streaming and recording
#### Cons
- Requires Python 3.11
- Complex setup with multiple dependencies
- Some features require commercial plugins
- Web UI could be more modern
#### Deployment Requirements
- Python 3.11
- Dependencies: Flask, lxml, SQLAlchemy, eventlet
- Docker support available
- Can run from single-node to multi-node AWS deployments
### 2. OpenTAKServer (OTS)
**GitHub Repository**: https://github.com/brian7704/OpenTAKServer
#### Key Features
- ✅ Open-source (GPL-3.0)
- ✅ Web interface with live map
- ✅ COT protocol support
- ✅ Geospatial mapping
- ✅ Docker deployment support
- ✅ SSL authentication
- ✅ LDAP/Active Directory authentication
- ✅ Two-factor authentication (TOTP/email)
- ✅ Video streaming integration (MediaMTX)
- ✅ Mumble server authentication
- ✅ Data sync/mission API
- ✅ Client certificate enrollment
- ✅ Groups/channels support
- ✅ Plugin update server
- ✅ ADS-B and AIS data streaming
#### Pros
- Most feature-rich implementation
- Excellent web UI with live map
- Supports video streaming from multiple sources
- Modern authentication options (2FA, LDAP, certificates)
- Easy installation scripts for multiple platforms
- Good documentation
- Active development (recent release: 1.7.0, Dec 2025)
- Designed to run on servers and SBCs (Raspberry Pi)
- MediaMTX integration for professional video streaming
#### Cons
- Requires RabbitMQ and OpenSSL
- More complex architecture
- Larger resource footprint
- GPL license may be restrictive for some use cases
#### Deployment Requirements
- Python 3.10+
- RabbitMQ
- OpenSSL
- MediaMTX (for video streaming)
- Docker image available
- Installation scripts for Ubuntu, Raspberry Pi, Rocky 9, Windows, macOS
### 3. TAK Product Center Server
**GitHub Repository**: https://github.com/TAK-Product-Center/Server
#### Key Features
- ✅ Open-source (Distribution A - Approved for Public Release)
- ✅ Enterprise-grade TAK server
- ✅ Designed for DoD and JADC2 architectures
- ✅ Federation support
- ✅ Data access and encryption
- ✅ Broker and storage capabilities
- ✅ Available on DoD Iron Bank
#### Pros
- Official TAK Product Center implementation
- Highest security standards (DoD approved)
- Designed for production enterprise use
- Available in hardened container format
- Future plans for public container registries
#### Cons
- ❌ No web interface mentioned
- ❌ No Docker deployment details in GitHub
- ❌ Limited documentation available
- ❌ Designed primarily for DoD use cases
- ❌ Requires TAK.gov account for downloads
- ❌ Less community activity (191 stars)
- ❌ No clear installation instructions for civilian use
#### Deployment Requirements
- Enterprise-grade hardware
- Complex configuration
- DoD security requirements
- TAK.gov account required
## Selection Criteria Evaluation
### Must Have Requirements
| Criteria | FTS | OTS | TAK Product Center |
|----------|-----|-----|-------------------|
| Open-source license | ✅ | ✅ | ✅ |
| Web interface | ✅ | ✅ | ❌ |
| COT protocol support | ✅ | ✅ | ✅ |
| Geospatial mapping | ✅ | ✅ | ✅ |
| Docker deployment support | ✅ | ✅ | ❌ |
### Nice to Have Requirements
| Criteria | FTS | OTS | TAK Product Center |
|----------|-----|-----|-------------------|
| Active maintenance | ✅ | ✅ | ✅ |
| Good documentation | ✅ | ✅ | ❌ |
| Community support | ✅ | ✅ | ❌ |
| REST API for integration | ✅ | ✅ | ✅ |
| Mobile client availability | ✅ | ✅ | ✅ |
## Recommendation
**OpenTAKServer (OTS)** is the optimal choice for this implementation for the following reasons:
1. **Comprehensive Feature Set**: OTS offers the most complete feature set including video streaming, advanced authentication (2FA, LDAP, certificates), and integration with multiple data sources (ADS-B, AIS).
2. **Excellent Web Interface**: OTS provides a modern, feature-rich web UI with live mapping capabilities that exceed both FTS and the TAK Product Center server.
3. **Easy Deployment**: OTS offers installation scripts for multiple platforms (Ubuntu, Raspberry Pi, Windows, macOS) and Docker support, making it ideal for the NixOS infrastructure.
4. **Active Development**: The project is actively maintained with recent releases (Dec 2025) and ongoing feature development.
5. **Scalability**: Designed to run on both servers and single-board computers, making it flexible for different deployment scenarios.
6. **Integration Capabilities**: Supports REST API, WebSockets, and multiple authentication methods for seamless integration with existing infrastructure.
### Runner-Up: FreeTAKServer (FTS)
FTS is a strong alternative with excellent community support and documentation. It would be suitable if:
- Simpler deployment is preferred
- Extensive REST API usage is planned
- Production-ready status is a priority
### Not Recommended: TAK Product Center Server
While this is the official implementation, it lacks critical features for this use case:
- No web interface
- Limited documentation
- Complex deployment requirements
- Designed primarily for DoD environments
- No clear Docker deployment path
## Implementation Plan
### Deployment Strategy
1. **Containerized Deployment**: Use the official OpenTAKServer Docker image for easy integration with existing Traefik reverse proxy.
2. **Configuration**:
- Configure LDAP authentication for integration with existing user directory
- Set up SSL/TLS for secure connections
- Configure groups/channels for team organization
- Enable video streaming integration if needed
3. **Integration**:
- Add to docker_manager.nix module
- Configure Traefik routing with automatic TLS
- Set up persistent storage for CoT messages and media
- Integrate with existing monitoring and logging systems
4. **Testing**:
- Verify COT protocol connectivity from ATAK/iTAK/WinTAK clients
- Test web interface functionality
- Validate authentication and authorization
- Confirm geospatial mapping features work correctly
### Configuration Requirements
- **Docker**: Official OTS Docker image
- **Network**: TCP ports for COT protocol and web interface
- **Storage**: Persistent volumes for CoT data and media files
- **Dependencies**: RabbitMQ (can be co-located)
- **Authentication**: LDAP or Active Directory integration
- **TLS**: Let's Encrypt certificates via Traefik
### Timeline Estimate
- **Research Completion**: Immediate (this report)
- **Decision Finalized**: Ready for approval
- **Implementation Ready**: After decision approval
- **Deployment**: 1-2 weeks after approval
## Risk Assessment
### Risks
1. **License Compatibility**: GPL-3.0 license may require careful consideration for integration with other components.
2. **Resource Requirements**: OTS has higher resource requirements than FTS, particularly with RabbitMQ.
3. **Complexity**: More features mean more configuration complexity.
### Mitigation Strategies
1. **License**: Review GPL-3.0 compatibility with existing infrastructure components.
2. **Resources**: Monitor resource usage and scale accordingly. Consider separating RabbitMQ into its own container.
3. **Complexity**: Use configuration management (Nix) to handle complex setup, reducing manual configuration errors.
## Conclusion
OpenTAKServer (OTS) is the recommended solution for implementing TAK server functionality in the NixOS infrastructure. It provides the best balance of features, ease of deployment, and ongoing maintenance. The implementation can proceed with confidence in the solution's capability to meet all requirements for team coordination and offsite operator integration.
## Next Steps
1. Approve the selection of OpenTAKServer
2. Begin Phase 6 implementation planning
3. Create Docker Compose configuration for OTS
4. Set up persistent storage requirements
5. Integrate with docker_manager.nix module
6. Configure Traefik routing and TLS
7. Test COT protocol functionality
---
*Research completed: 2026-01-01*
*Report version: 1.0*
*Recommended solution: OpenTAKServer (OTS)*
Reference in New Issue View Git Blame Copy Permalink