This example demonstrates how to configure and run the BaSyx AAS Web UI with multiple BaSyx infrastructures using YAML-based configuration.
This setup showcases:
- Infrastructure 1 (Secured BaSyx): A fully secured environment with Keycloak OAuth2 authentication
- Infrastructure 2 (Local BaSyx): A local development environment without authentication
Both infrastructures are preconfigured via the basyx-infra.yml file, allowing users to easily switch between them in the Web UI.
The example includes:
- Infrastructure 1: Complete BaSyx environment with AAS Environment, Registries, Discovery, and Keycloak
- Infrastructure 2: Simple local BaSyx setup (endpoints point to localhost services)
- MongoDB: Shared database for both infrastructures
- AAS Web UI: Single UI instance that can connect to both infrastructures
- Docker and Docker Compose installed
- Available ports: 3000, 27017, and various ports for BaSyx components
- Host entries configured for
*.basyx.localhostdomains
- Start all services:
docker-compose up -d-
Access the Web UI at http://localhost:3000
-
The UI will load with both infrastructures preconfigured:
- Secured BaSyx (default)
- Local BaSyx
-
Switch between infrastructures using the infrastructure selector in the settings menu
The basyx-infra.yml file defines both infrastructures:
infrastructures:
default: infra1 # Secured BaSyx is selected by default
infra1:
name: Secured BaSyx
components:
# Component URLs for Infrastructure 1
...
security:
type: oauth2
config:
flow: auth_code
issuer: "http://keycloak.basyx.localhost/realms/BaSyx"
clientId: "basyx-web-ui"
infra2:
name: Local BaSyx
components:
# Component URLs for Infrastructure 2
...
security:
type: noneThe docker-compose.yml mounts the configuration file into the container:
volumes:
- ./basyx-infra.yml:/basyx-infra.yml:ro
environment:
ENDPOINT_CONFIG_AVAILABLE: "true" # Allow users to edit infrastructures- Open the Web UI at http://localhost:3000
- Click the settings icon (gear) in the navigation bar
- Select "Infrastructure Management"
- Choose the desired infrastructure from the list
Infrastructure 1 uses Keycloak OAuth2 authentication:
- When accessing secured endpoints, you'll be redirected to Keycloak for login
- Use the credentials configured in Infrastructure 1's Keycloak setup
- After successful authentication, you'll be redirected back to the Web UI
Since ENDPOINT_CONFIG_AVAILABLE=true, users can:
- Edit the preconfigured infrastructures
- Add new custom infrastructures via the UI
- Delete infrastructures (custom ones only if configured)
User-added infrastructures are stored in browser localStorage and persist across sessions.
Stop all services:
docker-compose downTo also remove volumes:
docker-compose down -vEdit basyx-infra.yml to add more environments:
infrastructures:
default: infra1
infra1:
# ... existing config
infra2:
# ... existing config
infra3:
name: Staging Environment
components:
# ... staging component URLs
security:
type: basic
config:
username: "admin"
password: "admin123"Then restart the services:
docker-compose restart aas-web-uiTo prevent users from editing the preconfigured infrastructures, set:
environment:
ENDPOINT_CONFIG_AVAILABLE: "false"This makes the infrastructures read-only, and users cannot add custom ones.
Check the Web UI container logs:
docker logs aas-web-uiLook for messages about YAML processing and infrastructure configuration.
For Infrastructure 1 (Keycloak):
- Verify Keycloak is running:
docker ps | grep keycloak - Check Keycloak logs:
docker logs <keycloak-container> - Ensure the client ID "basyx-client" is configured in the BaSyx realm
- Verify redirect URIs include the Web UI URL
If components can't be reached:
- Verify all services are running:
docker-compose ps - Check service logs for errors
- Ensure host entries are configured for
*.basyx.localhost - Test component URLs directly in a browser