From bab4d5bed205fcb9fcdbf9ac19d1a94a53c7565e Mon Sep 17 00:00:00 2001
From: kev <vimagick@gmail.com>
Date: Mon, 27 May 2024 11:56:02 +0800
Subject: [PATCH] update nanomq

---
 nanomq/data/etc/acl.conf    | 10 ++++++++++
 nanomq/data/etc/nanomq.conf |  4 ++--
 nanomq/data/etc/pwd.conf    |  1 +
 3 files changed, 13 insertions(+), 2 deletions(-)
 create mode 100644 nanomq/data/etc/acl.conf
 create mode 100644 nanomq/data/etc/pwd.conf

diff --git a/nanomq/data/etc/acl.conf b/nanomq/data/etc/acl.conf
new file mode 100644
index 0000000..2f4a471
--- /dev/null
+++ b/nanomq/data/etc/acl.conf
@@ -0,0 +1,10 @@
+rules = [
+  ## Allow MQTT client using username "dashboard"  to subscribe to "$SYS/#" topics
+  {"permit": "allow", "username": "dashboard", "action": "subscribe", "topics": ["$SYS/#"]}
+
+  ## Deny "All Users" subscribe to "$SYS/#" "#" Topics
+  {"permit": "deny", "username": "#", "action": "subscribe", "topics": ["$SYS/#", "#"]}
+
+  ## Allow any other publish/subscribe operation
+  {"permit": "allow"}
+]
diff --git a/nanomq/data/etc/nanomq.conf b/nanomq/data/etc/nanomq.conf
index 8dac3b7..0468f34 100644
--- a/nanomq/data/etc/nanomq.conf
+++ b/nanomq/data/etc/nanomq.conf
@@ -57,8 +57,8 @@ auth {
         max_size = 32
         ttl = 1m
     }
-    # password = {include "/etc/nanomq_pwd.conf"}
-    # acl = {include "/etc/nanomq_acl.conf"}
+    password = {include "/etc/nanomq/pwd.conf"}
+    acl = {include "/etc/nanomq/acl.conf"}
 }
 
 sqlite {
diff --git a/nanomq/data/etc/pwd.conf b/nanomq/data/etc/pwd.conf
new file mode 100644
index 0000000..9b3cde9
--- /dev/null
+++ b/nanomq/data/etc/pwd.conf
@@ -0,0 +1 @@
+username:password