Mosquitto: Difference between revisions
imported>Onny mNo edit summary |
imported>Onny m Fix password authentication example |
||
| Line 27: | Line 27: | ||
=== Password authentication === | === Password authentication === | ||
The following command will generate a hashed | The following command will generate a hashed password for the user <code>root</code> into the file <code>/tmp/passwd</code>. | ||
<syntaxHighlight lang="bash"> | <syntaxHighlight lang="bash"> | ||
nix shell nixpkgs#mosquitto --command mosquitto_passwd -c /tmp/passwd root | |||
cat /tmp/passwd | |||
# root:$7$101$KIGAc4K4Pj2zfump$a1s19bL++vN7RlUqJne869JZepEditIOTDPrmaRG2Jlg37/uNJcLzxjk6n5adwbc7COd3eyXuJ7T+CEI+wwxvQ== | |||
</syntaxHighlight> | </syntaxHighlight> | ||
Change the Mosquitto listeners configuration by addming a user, in this example called <code>root</code> with the hased password | Use the hash after <code>root:</code> for the following configuration. | ||
Change the Mosquitto listeners configuration by addming a user, in this example called <code>root</code> with the hased password. | |||
<syntaxHighlight lang="nix"> | <syntaxHighlight lang="nix"> | ||
| Line 53: | Line 57: | ||
== Usage == | == Usage == | ||
Testing the server is possible by running a listening comand | Testing the server is possible by running a listening comand. We also supply username <code>root</code> and password <code>mypasswd</code> from above. | ||
<syntaxHighlight lang="bash"> | <syntaxHighlight lang="bash"> | ||
nix shell nixpkgs#mosquitto --command mosquitto_sub -h localhost -t test | nix shell nixpkgs#mosquitto --command mosquitto_sub -h localhost -t test -u root -p mypasswd | ||
</syntaxHighlight> | </syntaxHighlight> | ||
| Line 62: | Line 66: | ||
<syntaxHighlight lang="bash"> | <syntaxHighlight lang="bash"> | ||
nix shell nixpkgs#mosquitto --command mosquitto_pub -h localhost -t test -m "Hello" | nix shell nixpkgs#mosquitto --command mosquitto_pub -h localhost -t test -m "Hello" -u root -p mypasswd | ||
</syntaxHighlight> | </syntaxHighlight> | ||
[[Category:Applications]] | [[Category:Applications]] | ||
Revision as of 11:21, 1 April 2023
Mosquitto is an open source message broker that implements the MQTT protocol, a lightweight and popular communication method for the Internet of Things (IoT). Mosquitto supports MQTT versions 5.0, 3.1.1 and 3.1, and can run on various devices, from low power single board computers to full servers.
Setup
The following setup enables a local Mosquitto server listening on port 1883, allowing anonymous access for demonstration purpose.
mosquitto = {
enable = true;
listeners = [
{
acl = [ "pattern readwrite #" ];
omitPasswordAuth = true;
settings.allow_anonymous = true;
}
];
};
networking.firewall = {
enable = true;
allowedTCPPorts = [ 1883 ];
};
Configuration
Password authentication
The following command will generate a hashed password for the user root into the file /tmp/passwd.
nix shell nixpkgs#mosquitto --command mosquitto_passwd -c /tmp/passwd root
cat /tmp/passwd
# root:$7$101$KIGAc4K4Pj2zfump$a1s19bL++vN7RlUqJne869JZepEditIOTDPrmaRG2Jlg37/uNJcLzxjk6n5adwbc7COd3eyXuJ7T+CEI+wwxvQ==
Use the hash after root: for the following configuration.
Change the Mosquitto listeners configuration by addming a user, in this example called root with the hased password.
mosquitto = {
enable = true;
listeners = [
{
users.root = {
acl = [
"readwrite #"
];
hashedPassword = "$6$arZ0Sf.HKZGgSBRR$/cAB1gB4P9JQzZ6cEnIWbPNlit.PYQsbRTaRmfUsBePOtPN6P/L7TWNMaeFc2YTT904loeC3Xq3Qpdzxgen9Y/==";
};
}
];
};
Usage
Testing the server is possible by running a listening comand. We also supply username root and password mypasswd from above.
nix shell nixpkgs#mosquitto --command mosquitto_sub -h localhost -t test -u root -p mypasswd
and sending on a different shell a message which should be received by the command above
nix shell nixpkgs#mosquitto --command mosquitto_pub -h localhost -t test -m "Hello" -u root -p mypasswd