1
0
mirror of https://github.com/vimagick/dockerfiles.git synced 2024-11-28 09:08:50 +02:00
dockerfiles/mosquitto
2017-06-07 18:05:55 +08:00
..
arm fix mosquitto persistence_location 2017-06-07 17:57:25 +08:00
data fix mosquitto persistence_location 2017-06-07 17:57:25 +08:00
docker-compose.yml update mosquitto 2017-05-06 12:59:40 +08:00
Dockerfile update mosquitto tls 2017-05-22 14:48:55 +08:00
README.md update mosquitto 2017-06-07 18:05:55 +08:00

mosquitto

Mosquitto is an open source (BSD licensed) message broker that implements the MQ Telemetry Transport protocol versions 3.1 and 3.1.1.

docker-compose.yml

mosquitto:
  image: vimagick/mosquitto
  ports:
    - "1883:1883"
    - "8080:8080"
    - "8883:8883"
  volumes:
    - ./data/mosquitto.conf:/etc/mosquitto/mosquitto.conf
    - ./data/pwfile:/etc/mosquitto/pwfile
    - ./data:/var/lib/mosquitto
  restart: always

mosquitto.conf

port 1883
log_dest stdout
allow_anonymous false
password_file /etc/mosquitto/pwfile
persistence true
persistence_location /var/lib/mosquitto

###### ENABLE TLS ######
listener 8883
protocol mqtt
capath /etc/ssl/certs
certfile /var/lib/mosquitto/fullchain.pem
keyfile /var/lib/mosquitto/privkey.pem
require_certificate false
  • pwfile is managed by mosquitto_passwd.
  • Two methods to support TLS:
    • You can get free TLS certificates from letsencrypt, capath is needed.
    • Self-signed TLS keys can be generated by openssl, cafile is needed.

It is important to use different certificate subject parameters for your self-signed CA, server and clients.

server

$ mkdir -m 777 data
$ touch data/mosquitto.conf data/pwfile
$ vi data/mosquitto.conf
$ docker-compose up -d
$ docker-compose exec mosquitto sh
>>> cd /etc/mosquitto
>>> mosquitto_passwd -b pwfile username password
>>> cat pwfile
username:$6$IuF7JUzS1k/QoF3y$YpiClom7/==
>>> exit
$ docker-compose restart
$ docker-compose logs -f
Attaching to mosquitto_mosquitto_1
mosquitto_1  | 1478107412: mosquitto version 1.4.8 (build date 2016-05-16 14:17:19+0000) starting
mosquitto_1  | 1478107412: Config loaded from /etc/mosquitto/mosquitto.conf.
mosquitto_1  | 1478107412: Opening ipv4 listen socket on port 8883.
mosquitto_1  | 1478107412: Opening ipv6 listen socket on port 8883.
mosquitto_1  | 1478107437: New connection from 192.168.31.102 on port 8883.
mosquitto_1  | 1478107437: New client connected from 192.168.31.102 as mosqsub/38158-Kevins-Ma (c1, k60).
mosquitto_1  | 1478107585: New client connected from 192.168.31.102 as mosqpub/38324-Kevins-Ma (c1, k60).
mosquitto_1  | 1478107585: Client mosqpub/38324-Kevins-Ma disconnected.

client

$ mosquitto_sub -d -h 192.168.31.231 -p 8883 --cafile ca.crt --insecure -u username -P password -t hello
Client mosqsub/38158-Kevins-Ma sending CONNECT
Client mosqsub/38158-Kevins-Ma received CONNACK
Client mosqsub/38158-Kevins-Ma sending SUBSCRIBE (Mid: 1, Topic: hello, QoS: 0)
Client mosqsub/38158-Kevins-Ma received SUBACK
Subscribed (mid: 1): 0
Client mosqsub/38158-Kevins-Ma sending PINGREQ
Client mosqsub/38158-Kevins-Ma received PINGRESP
received PUBLISH (d0, q0, r0, m0, 'hello', ... (5 bytes))
world
Client mosqsub/38158-Kevins-Ma sending PINGREQ
Client mosqsub/38158-Kevins-Ma received PINGRESP
$ mosquitto_pub -d -h 192.168.31.231 -p 8883 --cafile ca.crt --insecure -u username -P password -t hello -m world
Client mosqpub/38324-Kevins-Ma sending CONNECT
Client mosqpub/38324-Kevins-Ma received CONNACK
Client mosqpub/38324-Kevins-Ma sending PUBLISH (d0, q0, r0, m1, 'hello', ... (5 bytes))
Client mosqpub/38324-Kevins-Ma sending DISCONNECT