MQTT - mosquitto

1. installation

yum -y install mosquitto

2. configuration

> /etc/mosquitto/mosquitto.conf
vi /etc/mosquitto/mosquitto.conf

#
listener 8083
protocol websockets
listener 1883
protocol mqtt
#
persistent_client_expiration 1d
autosave_interval 60
persistence true
persistence_file mosquitto.db
persistence_location /var/lib/mosquitto/
#
allow_anonymous false
password_file /etc/mosquitto/passwd
#
sys_interval 1
#log_dest file /var/log/mosquitto/mosquitto.log
log_dest syslog
#log_type error
#log_type warning
log_type notice
#log_type information
#log_type all
log_facility 5
log_timestamp true
log_timestamp_format %Y%m%d %H:%M:%S
#
include_dir /etc/mosquitto/conf.d/

mkdir -p /etc/mosquitto/conf.d /var/lib/mosquitto /var/log/mosquitto
chown mosquitto:mosquitto /var/lib/mosquitto/ /var/log/mosquitto/

> /etc/mosquitto/passwd
userid="admin"
passwd="Passw0rd"
echo -en "${passwd}\n${passwd}\n" | mosquitto_passwd /etc/mosquitto/passwd "${userid}"

3. service

systemctl enable --now mosquitto.service

4. testing

mosquitto_sub -h localhost -u admin -P Passw0rd -t '$SYS/#' -d

Client mosq-o1ZMoPCqvNic9do3vS sending CONNECT
Client mosq-o1ZMoPCqvNic9do3vS received CONNACK (0)
Client mosq-o1ZMoPCqvNic9do3vS sending SUBSCRIBE (Mid: 1, Topic: #, QoS: 0, Options: 0x00)
Client mosq-o1ZMoPCqvNic9do3vS received SUBACK
Subscribed (mid: 1): 0
Client mosq-kgdz2cdcK9EnVkzaWC sending PINGREQ
Client mosq-kgdz2cdcK9EnVkzaWC received PINGRESP
Client mosq-kgdz2cdcK9EnVkzaWC sending PINGREQ
Client mosq-kgdz2cdcK9EnVkzaWC received PINGRESP
Client mosq-kgdz2cdcK9EnVkzaWC sending PINGREQ
Client mosq-kgdz2cdcK9EnVkzaWC received PINGRESP
///
<ctrl-c>

5. certificate keys

rm -fr /etc/mosquitto/keys/ /tmp/keys/
mkdir /etc/mosquitto/keys /tmp/keys
curl -ns http://d01cid.ddns.net/sharel/etc/mosquitto/keys/keys-3.0.tgz | tar xz -C /tmp/keys/
mv /tmp/keys/ca.crt /etc/mosquitto/keys/
mv /tmp/keys/dh2048.pem /etc/mosquitto/keys/
mv /tmp/keys/issued/server.crt /etc/mosquitto/keys/
mv /tmp/keys/private/server.key /etc/mosquitto/keys/
rm -fr /tmp/keys/

listener 1883 localhost

listener 8883
cafile /etc/mosquitto/keys/ca.crt
certfile /etc/mosquitto/keys/server.crt
keyfile /etc/mosquitto/keys/server.key

6. from a workstation

mosquitto_sub -h srv122 -p 8883 -u admin -P Passw0rd -t '$SYS/#' -d --cafile etc/mosquitto/ca.crt