31 lines
820 B
Plaintext
31 lines
820 B
Plaintext
log_dest stdout
|
|
|
|
persistence true
|
|
persistence_location /opt/data/
|
|
|
|
listener 1883
|
|
protocol mqtt
|
|
#allow_anonymous true
|
|
allow_anonymous false
|
|
|
|
listener 8883
|
|
protocol mqtt
|
|
#allow_anonymous true
|
|
allow_anonymous false
|
|
certfile /etc/letsencrypt/live/DOMAIN/fullchain.pem
|
|
keyfile /etc/letsencrypt/live/DOMAIN/privkey.pem
|
|
dhparamfile /opt/etc/mosquitto/dh.pem
|
|
tls_version tlsv1.2
|
|
|
|
auth_plugin /opt/lib/go-auth.so
|
|
auth_opt_log_dest stdout
|
|
auth_opt_log_level debug
|
|
auth_opt_backends mysql
|
|
auth_opt_mysql_host mariadb
|
|
auth_opt_mysql_port 3306
|
|
auth_opt_mysql_dbname mosquittoauth
|
|
auth_opt_mysql_user mosquittoauth
|
|
auth_opt_mysql_password xxx
|
|
auth_opt_mysql_allow_native_passwords true
|
|
auth_opt_mysql_userquery SELECT pw FROM users WHERE username = ?
|
|
auth_opt_mysql_aclquery SELECT topic FROM acls WHERE username = ? AND (rw & ?) != 0 |