Create your own TAK Server in the Cloud or at Home
Why are we talking about TAK on an amateur radio blog?
One of the big uses for amateur radio is disaster preparedness. Disaster relief efforts require a degree of communciation and coordination between different individuals and different groups to be successful. TAK (Tactical Awareness Kit) allows us to do just that. I also have some big plans for TAK and getting it in the amateur radio universe, so this will be the first blog in the series.
Requirements:
- Ubuntu 22.04 Server or Debian 12 (At home OR in the Cloud)
- 8G RAM
- Download the TAK Docker Server Zip
A DoD employee can get the latest version at TAK.gov
Anyone can grab the opensource version from GitHub – TAK-Product-Center/Server: TAK Server
A Note on Cloud VPS Providers
I recommend using HostHatch, which can be found here: Create new server — HostHatch LLC. The minimum required ram for TAK is 8GB, and an 8GB monthly server there will only run about 9$ a month. Linode will cost you $48 for that much ram. DigitalOcean may also be an option. DigitalOcean will also run you $48 a month for this much ram.
Installation
This assumes you have a working Ubuntu 22.04 or Debian 12 install at this point, and have sudo installed. (apt-get install sufo) as root if needed.
Prerequsites
First, we will do updates, and install the tools we will need. We will get everthing we need to do as root over with first.
sudo apt-get update -y
export PATH=$PATH:/sbin
sudo apt install sudo openssh-server git unzip zip net-tools python3 wget -y
sudo apt -y install apt-transport-https ca-certificates curl gnupg2 software-properties-common
sudo service ssh start
sudo service ssh enableCreate / Setup User
Create a non root user and add it to the sudo group to work with. I will be calling this user “takusr”, but you may call it whatever you wish. Assign a password when asked. We will also add this new user to the sudo group.
sudo adduser takusr
sudo adduser takusr sudoNext we will create a docker group, and add our new user to it. Remember to replace “takusr” with your user.
sudo groupadd docker
sudo usermod -aG docker takusrInstall Docker
Now we will use a docker install script, and enable docker
sudo curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh
sudo systemctl enable --now dockerOpen needed ports
Now we will open the ports that TAK uses. As I’m unsure if anyone reading is using iptables or ufw as their OS firewall, I will put both. You may run all of this, but just know the one you don’t have will just return errors. Keep in mind, if you are doing this from home, you will need to port forward on the router side to allow external access via the itnernet.
sudo ufw allow 5432/tcp
sudo ufw allow 80/tcp
sudo ufw allow 8089/tcp
sudo ufw allow 8443/tcp
sudo ufw allow 8446/tcp
sudo ufw allow 9000/tcp
sudo ufw allow 9001/tcp
sudo iptables -I INPUT -p tcp --dport 5432 -j ACCEPT
sudo iptables -I INPUT -p tcp --dport 80 -j ACCEPT
sudo iptables -I INPUT -p tcp --dport 8089 -j ACCEPT
sudo iptables -I INPUT -p tcp --dport 8443 -j ACCEPT
sudo iptables -I INPUT -p tcp --dport 8446 -j ACCEPT
sudo iptables -I INPUT -p tcp --dport 9000 -j ACCEPT
sudo iptables -I INPUT -p tcp --dport 9001 -j ACCEPTInstalling TAK
Now that the legwork is done, we can get to business. We will swap over to our new user, and proceed from there. Again, make sure to use your user we created above. We will also add a path (because I had probelms with the install script when I didn’t)
su - takusr
export PATH=$PATH:/sbinNow we will grab the script from GitHub – Cloud-RF/tak-server: TAK Server docker setup, which is a “mostly” turn key solution. (So long as you did everything correctly above), and make ir executable.
git clone https://github.com/Cloud-RF/tak-server.git
cd tak-server
sudo chmod +x scripts/setup.shNow, we need to transfer the takserver docker bundle zip to your ubuntu/debian server into the fodder path: /home/yourtakuser/tak-server.
An Example of doing this from windows with SCP is as follows: (Executed form a comamnd prompt in the same directory as your TAK server ZIP)
scp takserver-docker-4.9-RELEASE-46.zip takusr@192.168.1.105:~/tak-serverThe “takserver-docker-x.x-RELEASE-xx.zip” file most go into /home/YOURUSER/tak-server BEFORE the next part. Otherwise, the entire process is basically scrapped, and you might as well start from a fresh OS. (Yes, it’s that finicky.)
We can now launch the Cloud-RF Tak installer, when prompted hit yes on the checksum warnings, answer the State/City Questios for certificate generation.
./scripts/setup.shGetting your Credentials / Certificates
After the stall is finished, the admin username and password will be displayed ONCE, make sure to write these down!
You can now access the certificates built during the install, you must download these off the server to use them. You can use FTP, SCP, or however you like, but that’s out of the scope of this guide.
The certificates are located in:
/home/YOURTAKUSER/tak-server/tak/certs/files/*
The installer also made 2 data packages for ATAK/WINTAK located here:
/home/YOURTAKUSER/tak-server/tak/certs/files/user1-185.213.26.23.dp.zip
Accessing your new Server
You should now be able to log into the web version of tak at: https://YOUR_SERVER_IP:8446/.
You can use your certificates to reach the server via SSL on port 8089.
Where do I find the admin.p12 certificate password??
oh default admin.p12 password is = atakatak