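Installing mosquitto on CentOS 7 in an internal (offline) network
Contents
Overview:
Dependencies:
Installing mosquitto
Adding users
Setting user permissions
Overview:
mosquitto is an open-source message broker that implements the MQTT v3.1 message push protocol. Mosquitto is lightweight and suitable for all devices, from low-power single-board computers to full servers. The Mosquitto project also provides a C library for implementing MQTT clients, as well as the very popular mosquitto_pub and mosquitto_sub command-line MQTT clients.
A recent IoT development requirement called for MQTT, and mosquitto was chosen as the broker:
Download page: Download | Eclipse Mosquitto
Dependencies: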
gcc gcc-c++ libstdc++-devel
openssl-devel
c-ares-devel
uuid-devel
libuuid-devel
cJSON
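The specific dependencies can be found on RPM resource readline-devel; look up the matching version there and upload it to the bastion host.
Run
cat /proc/version
This command shows the version of the running kernel; use that information to choose the matching package versions.
Because the build uses make, g++ also needs to be installed.
Everything downloaded from RPM resource is an rpm package; install with rpm -i (-ivh). If circular dependencies come up during installation, see: CentOS offline installation of gcc (resolving circular dependencies and conflicts) - Zhihu
Installing mosquitto:
Download the source package:
https://mosquitto.org/files/source/mosquitto-2.0.15.tar.gz.asc
Note that this URL ends in .asc, which is the detached GPG signature for the tarball; the file extracted in the next step is the tarball itself, mosquitto-2.0.15.tar.gz. The signature can be used to verify the tarball before it is uploaded to the offline host.
Extract the package: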
tar -zxvf mosquitto-2.0.15.tar.gz
Change into the source directory and run make:
cd mosquitto-2.0.15
make && make install
cd /etc/mosquitto
Copy the mosquitto configuration file:
cp mosquitto.conf.example mosquitto.conf
Test startup:
# Test-start the service
mosquitto -c /etc/mosquitto/mosquitto.conf
# Test pub
mosquitto_pub --help
Adding users:
Edit the mosquitto.conf configuration file:
# into mosquitto (it is recommended that TLS support should be included) then
# plain text passwords are used, in which case the file should be a text file
# with lines in the format:
# username:password
# The password (and colon) may be omitted if desired, although this
# offers very little in the way of security.
#
# See the TLS client require_certificate and use_identity_as_username options
# for alternative authentication options. If an auth_plugin is used as well as
# password_file, the auth_plugin check will be made first.
# Enable password_file
password_file /etc/mosquitto/pwfile
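Create the user passwords:
# -c creates a new password file and overwrites an existing one, so use it only for the first user
mosquitto_passwd -c /etc/mosquitto/pwfile testa

# Add the second user to the existing file (no -c, otherwise testa would be lost)
mosquitto_passwd /etc/mosquitto/pwfile testb
Restart for the change to take effect.
Setting user permissions:
testa may only subscribe to /req/# topics and publish to /res/# topics; testb is exactly the opposite.
Edit mosquitto.conf: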
# The form is the same as for the topic keyword, but using pattern as the
# keyword.
# Pattern ACLs apply to all users even if the "user" keyword has previously
# been given.
#
# If using bridges with usernames and ACLs, connection messages can be allowed
# with the following pattern:
# pattern write $SYS/broker/connection/%c/state
#
# pattern [read|write|readwrite] <topic>
#
# Example:
#
# pattern write sensor/%u/data
#
# If an auth_plugin is used as well as acl_file, the auth_plugin check will be
# made first.
acl_file /etc/mosquitto/aclfile
Edit aclfile:
cd /etc/mosquitto
cp aclfile.example aclfile
vi aclfile
# This affects access control for clients with no username.
topic read $SYS/#

# This only affects clients with username "roger".
user roger
topic foo/bar

# This affects all clients.
pattern write $SYS/broker/connection/%c/state

# "read" lets the client receive messages on a topic (subscribe side),
# "write" lets the client publish to it.
user testa
topic read /req/#
topic write /res/#

user testb
topic write /req/#
topic read /res/#
Restart for the change to take effect.
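To check an aclfile against the intended permissions before restarting the broker, the following added example (not from the original post and not Mosquitto's own code) models how topic and pattern rules are matched for a user. The function names and the embedded sample are assumptions made for illustration; "read" is treated as message delivery to the client and "write" as publishing.

```python
# Added example: simplified model of Mosquitto acl_file matching (deny precedence and
# $-topic special cases are not modelled). ACLFILE is a constructed sample for this post.
ACLFILE = """\
pattern write $SYS/broker/connection/%c/state
user testa
topic read /req/#
topic write /res/#
user testb
topic write /req/#
topic read /res/#
"""

def parse_acl(text):
    """Return (kind, user, access, filter) rules; user None means 'no username'."""
    rules, user = [], None
    for line in text.splitlines():
        keyword, _, rest = line.strip().partition(" ")
        if keyword == "user":
            user = rest.strip()
        elif keyword in ("topic", "pattern"):
            parts = rest.split(None, 1)
            # The access type is optional and defaults to readwrite.
            if len(parts) == 2 and parts[0] in ("read", "write", "readwrite", "deny"):
                access, filt = parts
            else:
                access, filt = "readwrite", rest.strip()
            rules.append((keyword, user, access, filt))
    return rules

def matches(filt, topic):
    """MQTT filter match: '+' is one level, '#' is the rest (including the parent)."""
    f, t = filt.split("/"), topic.split("/")
    for i, level in enumerate(f):
        if level == "#":
            return True
        if i >= len(t) or level not in ("+", t[i]):
            return False
    return len(f) == len(t)

def allowed(rules, user, client_id, action, topic):
    """action: 'read' (message delivered to client) or 'write' (client publishes)."""
    for kind, rule_user, access, filt in rules:
        if kind == "pattern" and not ("%u" in filt and user is None):
            filt = filt.replace("%c", client_id).replace("%u", user or "")
        elif kind == "pattern" or rule_user != user:
            continue
        if access in (action, "readwrite") and matches(filt, topic):
            return True
    return False
```

Because the filters start with a slash, /req/dev1 and req/dev1 are different topics; the second is not covered by any rule above.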