MyTetra Share
Делитесь знаниями!
mosquitto_setting
Время создания: 03.12.2024 20:49
Автор: alensav
Текстовые метки: mosquitto_setting
Раздел: MOSQUITT_SETTING
Запись: alensav/MyTetra2/main/base/1733248147ceox7xnyya/text.html на raw.githubusercontent.com

# be used locally to aid authentication. The hint is a free form string that

# doesn't have much meaning in itself, so feel free to be creative.

# If this option is provided, see psk_file to define the pre-shared keys to be

# used or create a security plugin to handle them.

#psk_hint


# When using PSK, the encryption ciphers used will be chosen from the list of

# available PSK ciphers. If you want to control which ciphers are available,

# use the "ciphers" option. The list of available ciphers can be optained

# using the "openssl ciphers" command and should be provided in the same format

# as the output of that command.

#ciphers


# Set use_identity_as_username to have the psk identity sent by the client used

# as its username. Authentication will be carried out using the PSK rather than

# the MQTT username/password and so password_file will not be used for this

# listener.

#use_identity_as_username false



# =================================================================

# Persistence

# =================================================================


# If persistence is enabled, save the in-memory database to disk

# every autosave_interval seconds. If set to 0, the persistence

# database will only be written when mosquitto exits. See also

# autosave_on_changes.

# Note that writing of the persistence database can be forced by

# sending mosquitto a SIGUSR1 signal.

#autosave_interval 1800


# If true, mosquitto will count the number of subscription changes, retained

# messages received and queued messages and if the total exceeds

# autosave_interval then the in-memory database will be saved to disk.

# If false, mosquitto will save the in-memory database to disk by treating

# autosave_interval as a time in seconds.

#autosave_on_changes false


# Save persistent message data to disk (true/false).

# This saves information about all messages, including

# subscriptions, currently in-flight messages and retained

# messages.

# retained_persistence is a synonym for this option.

#persistence false


# The filename to use for the persistent database, not including

# the path.

#persistence_file mosquitto.db


# Location for persistent database.

# Default is an empty string (current directory).

# Set to e.g. /var/lib/mosquitto if running as a proper service on Linux or

# similar.

#persistence_location



# =================================================================

# Logging

# =================================================================


# Places to log to. Use multiple log_dest lines for multiple

# logging destinations.

# Possible destinations are: stdout stderr syslog topic file dlt

#

# stdout and stderr log to the console on the named output.

#

# syslog uses the userspace syslog facility which usually ends up

# in /var/log/messages or similar.

#

# topic logs to the broker topic '$SYS/broker/log/<severity>',

# where severity is one of D, E, W, N, I, M which are debug, error,

# warning, notice, information and message. Message type severity is used by

# the subscribe/unsubscribe log_types and publishes log messages to

# $SYS/broker/log/M/susbcribe or $SYS/broker/log/M/unsubscribe.

#

# The file destination requires an additional parameter which is the file to be

# logged to, e.g. "log_dest file /var/log/mosquitto.log". The file will be

# closed and reopened when the broker receives a HUP signal. Only a single file

# destination may be configured.

#

# The dlt destination is for the automotive `Diagnostic Log and Trace` tool.

# This requires that Mosquitto has been compiled with DLT support.

#

# Note that if the broker is running as a Windows service it will default to

# "log_dest none" and neither stdout nor stderr logging is available.

# Use "log_dest none" if you wish to disable logging.

#log_dest stderr


# Types of messages to log. Use multiple log_type lines for logging

# multiple types of messages.

# Possible types are: debug, error, warning, notice, information,

# none, subscribe, unsubscribe, websockets, all.

# Note that debug type messages are for decoding the incoming/outgoing

# network packets. They are not logged in "topics".

#log_type error

#log_type warning

#log_type notice

#log_type information



# If set to true, client connection and disconnection messages will be included

# in the log.

#connection_messages true


# If using syslog logging (not on Windows), messages will be logged to the

# "daemon" facility by default. Use the log_facility option to choose which of

# local0 to local7 to log to instead. The option value should be an integer

# value, e.g. "log_facility 5" to use local5.

#log_facility


# If set to true, add a timestamp value to each log message.

#log_timestamp true


# Set the format of the log timestamp. If left unset, this is the number of

# seconds since the Unix epoch.

# This is a free text string which will be passed to the strftime function. To

# get an ISO 8601 datetime, for example:

# log_timestamp_format %Y-%m-%dT%H:%M:%S

#log_timestamp_format


# Change the websockets logging level. This is a global option, it is not

# possible to set per listener. This is an integer that is interpreted by

# libwebsockets as a bit mask for its lws_log_levels enum. See the

# libwebsockets documentation for more details. "log_type websockets" must also

# be enabled.

#websockets_log_level 0



# =================================================================

# Security

# =================================================================


# If set, only clients that have a matching prefix on their

# clientid will be allowed to connect to the broker. By default,

# all clients may connect.

# For example, setting "secure-" here would mean a client "secure-

# client" could connect but another with clientid "mqtt" couldn't.

#clientid_prefixes


# Boolean value that determines whether clients that connect

# without providing a username are allowed to connect. If set to

# false then a password file should be created (see the

# password_file option) to control authenticated client access.

#

# Defaults to false, unless there are no listeners defined in the configuration

# file, in which case it is set to true, but connections are only allowed from

# the local machine.

#allow_anonymous false


# -----------------------------------------------------------------

# Default authentication and topic access control

# -----------------------------------------------------------------


# Control access to the broker using a password file. This file can be

# generated using the mosquitto_passwd utility. If TLS support is not compiled

# into mosquitto (it is recommended that TLS support should be included) then

# plain text passwords are used, in which case the file should be a text file

# with lines in the format:

# username:password

# The password (and colon) may be omitted if desired, although this

# offers very little in the way of security.

#

# See the TLS client require_certificate and use_identity_as_username options

# for alternative authentication options. If an auth_plugin is used as well as

# password_file, the auth_plugin check will be made first.

#password_file


# Access may also be controlled using a pre-shared-key file. This requires

# TLS-PSK support and a listener configured to use it. The file should be text

# lines in the format:

# identity:key

# The key should be in hexadecimal format without a leading "0x".

# If an auth_plugin is used as well, the auth_plugin check will be made first.

#psk_file


# Control access to topics on the broker using an access control list

# file. If this parameter is defined then only the topics listed will

# have access.

# If the first character of a line of the ACL file is a # it is treated as a

# comment.

# Topic access is added with lines of the format:

#

# topic [read|write|readwrite|deny] <topic>

#

# The access type is controlled using "read", "write", "readwrite" or "deny".

# This parameter is optional (unless <topic> contains a space character) - if

# not given then the access is read/write. <topic> can contain the + or #

# wildcards as in subscriptions.

#

# The "deny" option can used to explicity deny access to a topic that would

# otherwise be granted by a broader read/write/readwrite statement. Any "deny"

# topics are handled before topics that grant read/write access.

#

# The first set of topics are applied to anonymous clients, assuming

# allow_anonymous is true. User specific topic ACLs are added after a

# user line as follows:

#

# user <username>

#

# The username referred to here is the same as in password_file. It is

# not the clientid.

#

#

# If is also possible to define ACLs based on pattern substitution within the

# topic. The patterns available for substition are:

#

# %c to match the client id of the client

# %u to match the username of the client

#

# The substitution pattern must be the only text for that level of hierarchy.

#

# The form is the same as for the topic keyword, but using pattern as the

# keyword.

# Pattern ACLs apply to all users even if the "user" keyword has previously

# been given.

#

# If using bridges with usernames and ACLs, connection messages can be allowed

# with the following pattern:

# pattern write $SYS/broker/connection/%c/state

#

# pattern [read|write|readwrite] <topic>

#

# Example:

#

# pattern write sensor/%u/data

#

# If an auth_plugin is used as well as acl_file, the auth_plugin check will be

# made first.

#acl_file


# -----------------------------------------------------------------

# External authentication and topic access plugin options

# -----------------------------------------------------------------


# External authentication and access control can be supported with the

# auth_plugin option. This is a path to a loadable plugin. See also the

# auth_opt_* options described below.

#

# The auth_plugin option can be specified multiple times to load multiple

# plugins. The plugins will be processed in the order that they are specified

# here. If the auth_plugin option is specified alongside either of

# password_file or acl_file then the plugin checks will be made first.

#

#auth_plugin


# If the auth_plugin option above is used, define options to pass to the

# plugin here as described by the plugin instructions. All options named

# using the format auth_opt_* will be passed to the plugin, for example:

#

# auth_opt_db_host

# auth_opt_db_port

# auth_opt_db_username

# auth_opt_db_password



# =================================================================

# Bridges

# =================================================================


# A bridge is a way of connecting multiple MQTT brokers together.

# Create a new bridge using the "connection" option as described below. Set

# options for the bridges using the remaining parameters. You must specify the

# address and at least one topic to subscribe to.

#

# Each connection must have a unique name.

#

# The address line may have multiple host address and ports specified. See

# below in the round_robin description for more details on bridge behaviour if

# multiple addresses are used. Note that if you use an IPv6 address, then you

# are required to specify a port.

#

# The direction that the topic will be shared can be chosen by

# specifying out, in or both, where the default value is out.

# The QoS level of the bridged communication can be specified with the next

# topic option. The default QoS level is 0, to change the QoS the topic

# direction must also be given.

#

# The local and remote prefix options allow a topic to be remapped when it is

# bridged to/from the remote broker. This provides the ability to place a topic

# tree in an appropriate location.

#

# For more details see the mosquitto.conf man page.

#

# Multiple topics can be specified per connection, but be careful

# not to create any loops.

#

# If you are using bridges with cleansession set to false (the default), then

# you may get unexpected behaviour from incoming topics if you change what

# topics you are subscribing to. This is because the remote broker keeps the

# subscription for the old topic. If you have this problem, connect your bridge

# with cleansession set to true, then reconnect with cleansession set to false

# as normal.

#connection <name>

#address <host>[:<port>] [<host>[:<port>]]

#topic <topic> [[[out | in | both] qos-level] local-prefix remote-prefix]


# If you need to have the bridge connect over a particular network interface,

# use bridge_bind_address to tell the bridge which local IP address the socket

# should bind to, e.g. `bridge_bind_address 192.168.1.10`

#bridge_bind_address


# If a bridge has topics that have "out" direction, the default behaviour is to

# send an unsubscribe request to the remote broker on that topic. This means

# that changing a topic direction from "in" to "out" will not keep receiving

# incoming messages. Sending these unsubscribe requests is not always

# desirable, setting bridge_attempt_unsubscribe to false will disable sending

# the unsubscribe request.

#bridge_attempt_unsubscribe true


# Set the version of the MQTT protocol to use with for this bridge. Can be one

# of mqttv50, mqttv311 or mqttv31. Defaults to mqttv311.

#bridge_protocol_version mqttv311


# Set the clean session variable for this bridge.

# When set to true, when the bridge disconnects for any reason, all

# messages and subscriptions will be cleaned up on the remote

# broker. Note that with cleansession set to true, there may be a

# significant amount of retained messages sent when the bridge

# reconnects after losing its connection.

# When set to false, the subscriptions and messages are kept on the

# remote broker, and delivered when the bridge reconnects.

#cleansession false


# Set the amount of time a bridge using the lazy start type must be idle before

# it will be stopped. Defaults to 60 seconds.

#idle_timeout 60


# Set the keepalive interval for this bridge connection, in

# seconds.

#keepalive_interval 60


# Set the clientid to use on the local broker. If not defined, this defaults to

# 'local.<clientid>'. If you are bridging a broker to itself, it is important

# that local_clientid and clientid do not match.

#local_clientid


# If set to true, publish notification messages to the local and remote brokers

# giving information about the state of the bridge connection. Retained

# messages are published to the topic $SYS/broker/connection/<clientid>/state

# unless the notification_topic option is used.

# If the message is 1 then the connection is active, or 0 if the connection has

# failed.

# This uses the last will and testament feature.

#notifications true


# Choose the topic on which notification messages for this bridge are

# published. If not set, messages are published on the topic

# $SYS/broker/connection/<clientid>/state

#notification_topic


# Set the client id to use on the remote end of this bridge connection. If not

# defined, this defaults to 'name.hostname' where name is the connection name

# and hostname is the hostname of this computer.

# This replaces the old "clientid" option to avoid confusion. "clientid"

# remains valid for the time being.

#remote_clientid


# Set the password to use when connecting to a broker that requires

# authentication. This option is only used if remote_username is also set.

# This replaces the old "password" option to avoid confusion. "password"

# remains valid for the time being.

#remote_password


# Set the username to use when connecting to a broker that requires

# authentication.

# This replaces the old "username" option to avoid confusion. "username"

# remains valid for the time being.

#remote_username


# Set the amount of time a bridge using the automatic start type will wait

# until attempting to reconnect.

# This option can be configured to use a constant delay time in seconds, or to

# use a backoff mechanism based on "Decorrelated Jitter", which adds a degree

# of randomness to when the restart occurs.

#

# Set a constant timeout of 20 seconds:

# restart_timeout 20

#

# Set backoff with a base (start value) of 10 seconds and a cap (upper limit) of

# 60 seconds:

# restart_timeout 10 30

#

# Defaults to jitter with a base of 5 and cap of 30

#restart_timeout 5 30


# If the bridge has more than one address given in the address/addresses

# configuration, the round_robin option defines the behaviour of the bridge on

# a failure of the bridge connection. If round_robin is false, the default

# value, then the first address is treated as the main bridge connection. If

# the connection fails, the other secondary addresses will be attempted in

# turn. Whilst connected to a secondary bridge, the bridge will periodically

# attempt to reconnect to the main bridge until successful.

# If round_robin is true, then all addresses are treated as equals. If a

# connection fails, the next address will be tried and if successful will

# remain connected until it fails

#round_robin false


# Set the start type of the bridge. This controls how the bridge starts and

# can be one of three types: automatic, lazy and once. Note that RSMB provides

# a fourth start type "manual" which isn't currently supported by mosquitto.

#

# "automatic" is the default start type and means that the bridge connection

# will be started automatically when the broker starts and also restarted

# after a short delay (30 seconds) if the connection fails.

#

# Bridges using the "lazy" start type will be started automatically when the

# number of queued messages exceeds the number set with the "threshold"

# parameter. It will be stopped automatically after the time set by the

# "idle_timeout" parameter. Use this start type if you wish the connection to

# only be active when it is needed.

#

# A bridge using the "once" start type will be started automatically when the

# broker starts but will not be restarted if the connection fails.

#start_type automatic


# Set the number of messages that need to be queued for a bridge with lazy

# start type to be restarted. Defaults to 10 messages.

# Must be less than max_queued_messages.

#threshold 10


# If try_private is set to true, the bridge will attempt to indicate to the

# remote broker that it is a bridge not an ordinary client. If successful, this

# means that loop detection will be more effective and that retained messages

# will be propagated correctly. Not all brokers support this feature so it may

# be necessary to set try_private to false if your bridge does not connect

# properly.

#try_private true


# Some MQTT brokers do not allow retained messages. MQTT v5 gives a mechanism

# for brokers to tell clients that they do not support retained messages, but

# this is not possible for MQTT v3.1.1 or v3.1. If you need to bridge to a

# v3.1.1 or v3.1 broker that does not support retained messages, set the

# bridge_outgoing_retain option to false. This will remove the retain bit on

# all outgoing messages to that bridge, regardless of any other setting.

#bridge_outgoing_retain true


# If you wish to restrict the size of messages sent to a remote bridge, use the

# bridge_max_packet_size option. This sets the maximum number of bytes for

# the total message, including headers and payload.

# Note that MQTT v5 brokers may provide their own maximum-packet-size property.

# In this case, the smaller of the two limits will be used.

# Set to 0 for "unlimited".

#bridge_max_packet_size 0



# -----------------------------------------------------------------

# Certificate based SSL/TLS support

# -----------------------------------------------------------------

# Either bridge_cafile or bridge_capath must be defined to enable TLS support

# for this bridge.

# bridge_cafile defines the path to a file containing the

# Certificate Authority certificates that have signed the remote broker

# certificate.

# bridge_capath defines a directory that will be searched for files containing

# the CA certificates. For bridge_capath to work correctly, the certificate

# files must have ".crt" as the file ending and you must run "openssl rehash

# <path to capath>" each time you add/remove a certificate.

#bridge_cafile

#bridge_capath



# If the remote broker has more than one protocol available on its port, e.g.

# MQTT and WebSockets, then use bridge_alpn to configure which protocol is

# requested. Note that WebSockets support for bridges is not yet available.

#bridge_alpn


# When using certificate based encryption, bridge_insecure disables

# verification of the server hostname in the server certificate. This can be

# useful when testing initial server configurations, but makes it possible for

# a malicious third party to impersonate your server through DNS spoofing, for

# example. Use this option in testing only. If you need to resort to using this

# option in a production environment, your setup is at fault and there is no

# point using encryption.

#bridge_insecure false


# Path to the PEM encoded client certificate, if required by the remote broker.

#bridge_certfile


# Path to the PEM encoded client private key, if required by the remote broker.

#bridge_keyfile


# -----------------------------------------------------------------

# PSK based SSL/TLS support

# -----------------------------------------------------------------

# Pre-shared-key encryption provides an alternative to certificate based

# encryption. A bridge can be configured to use PSK with the bridge_identity

# and bridge_psk options. These are the client PSK identity, and pre-shared-key

# in hexadecimal format with no "0x". Only one of certificate and PSK based

# encryption can be used on one

# bridge at once.

#bridge_identity

#bridge_psk



# =================================================================

# External config files

# =================================================================


# External configuration files may be included by using the

# include_dir option. This defines a directory that will be searched

# for config files. All files that end in '.conf' will be loaded as

# a configuration file. It is best to have this as the last option

# in the main file. This option will only be processed from the main

# configuration file. The directory specified must not contain the

# main configuration file.

# Files within include_dir will be loaded sorted in case-sensitive

# alphabetical order, with capital letters ordered first. If this option is

# given multiple times, all of the files from the first instance will be

# processed before the next instance. See the man page for examples.

#include_dir

orangepi@Orangepi:/etc/mosquitto$

=======================================

# может использоваться локально для помощи в аутентификации. Подсказка представляет собой строку свободной формы, которая

сама по себе не имеет особого смысла, поэтому не стесняйтесь проявлять креативность.


# Если эта опция предоставлена, см. psk_file, чтобы определить предварительные общие ключи, которые


# будут использоваться, или создайте плагин безопасности для их обработки.


#psk_hint


# При использовании PSK используемые шифры шифрования будут выбираться из списка

# доступных шифров PSK. Если вы хотите контролировать, какие шифры доступны,

# используйте опцию "ciphers". Список доступных шифров можно получить

# с помощью команды "openssl ciphers" и он должен быть предоставлен в том же формате,

# что и вывод этой команды.


#ciphers


# Установите use_identity_as_username, чтобы идентификатор psk, отправленный клиентом,

# использовался в качестве его имени пользователя. Аутентификация будет выполняться с использованием PSK, а не

# имени пользователя/пароля MQTT, поэтому password_file не будет использоваться для этого

# прослушивателя.


# use_identity_as_username false


# ==========================================================================

# Сохранение

# =================================================================


# Если сохранение включено, сохраняйте базу данных в памяти на диске

# каждые autosave_interval секунд. Если установлено значение 0, база данных сохранения

# будет записана только при выходе из mosquitto. См. также

# autosave_on_changes.

# Обратите внимание, что запись базы данных сохранения может быть принудительно

# отправлена ​​mosquitto сигнала SIGUSR1.#autosave_interval 1800


# Если true, mosquitto будет подсчитывать количество изменений подписки, сохраненных

# полученных сообщений и сообщений в очереди, и если общее количество превысит

# autosave_interval, то база данных в памяти будет сохранена на диске.

# Если false, mosquitto сохранит базу данных в памяти на диске, обрабатывая

# autosave_interval как время в секундах.

#autosave_on_changes false


# Сохраняет данные постоянных сообщений на диске (true/false).

# Это сохраняет информацию обо всех сообщениях, включая

# подписки, текущие сообщения в полете и сохраненные

# сообщения.

# remained_persistence — синоним этого параметра.

#persistence false


# Имя файла для использования для постоянной базы данных, не включая

# путь.

#persistence_file mosquitto.db


# Расположение постоянной базы данных.

# По умолчанию — пустая строка (текущий каталог).


# Установите, например, /var/lib/mosquitto, если запущен как надлежащая служба в Linux или

# подобном.

#persistence_location


# ==========================================================================

# Ведение журнала

# ==================================================================


# Места для ведения журнала. Используйте несколько строк log_dest для нескольких

# мест назначения журналирования.

# Возможные места назначения: stdout stderr syslog topic file dlt

#

# stdout и stderr log на консоль в указанном выводе.

#

# syslog использует средство syslog пользовательского пространства, которое обычно заканчивается

# в /var/log/messages или подобном.

#

# тема регистрируется в теме брокера '$SYS/broker/log/<severity>',

# где серьезность — это одно из значений D, E, W, N, I, M, которые являются отладкой, ошибкой,

# предупреждением, уведомлением, информацией и сообщением.Тип сообщения используется

# log_types подписки/отписки и публикует сообщения журнала в

# $SYS/broker/log/M/susbcribe или $SYS/broker/log/M/unsubscribe.

#

# Для назначения файла требуется дополнительный параметр, который является файлом, в который

# будет вестись журнал, например, "log_dest file /var/log/mosquitto.log". Файл будет

# закрыт и повторно открыт, когда брокер получит сигнал HUP. Можно настроить только одно назначение файла.

#

# Назначение dlt предназначено для автомобильного инструмента `Diagnostic Log and Trace`.

# Для этого требуется, чтобы Mosquitto был скомпилирован с поддержкой DLT.

#

# Обратите внимание, что если брокер работает как служба Windows, то по умолчанию будет

# "log_dest none", и ни stdout, ни stderr не будут доступны.

# Используйте "log_dest none", если хотите отключить ведение журнала.

#log_dest stderr


# Типы сообщений для ведения журнала. Используйте несколько строк log_type для ведения журнала

# нескольких типов сообщений.

# Возможные типы: debug, error, warning, notification, information,

# none, subscribe, unsubscribe, websockets, all.

# Обратите внимание, что сообщения типа debug предназначены для декодирования входящих/исходящих

# сетевых пакетов. Они не регистрируются в "topics".

#log_type error

#log_type warning

#log_type notification

#log_type information


# Если установлено значение true, сообщения о подключении и отключении клиента будут включены

# в журнал.

#connection_messages true


# Если используется ведение журнала syslog (не в Windows), сообщения будут регистрироваться в

# "daemon" по умолчанию. Используйте параметр log_facility, чтобы выбрать,

# в какой из local0-local7 следует вести журнал.

 
MyTetra Share v.0.65
Яндекс индекс цитирования