MQTT服务器的搭建

通过yum安装mosquitto(读音:[məˈskiːtoʊ])
[root@localhost ~]# yum install -y mosquitto
 
 
 
配置mosquitto,主要是禁止匿名连接(默认允许)以及指定密码文件,顺便开启websocket(服务端口为3881)
[root@localhost ~]# vim /etc/mosquitto/mosquitto.conf
…………(此处省略内容若干)…………
 
# =================================================================
# Default listener
# =================================================================
 
# IP address/hostname to bind the default listener to. If not
# given, the default listener will not be bound to a specific
# address and so will be accessible to all network interfaces.
# bind_address ip-address/host name
#bind_address
 
# Port to use for the default listener.
port 1883
 
# Bind the listener to a specific interface. This is similar to
# bind_address above but is useful when an interface has multiple addresses or
# the address may change. It is valid to use this with the bind_address option,
# but take care that the interface you are binding to contains the address you
# are binding to, otherwise you will not be able to connect.
# Example: bind_interface eth0
#bind_interface
 
# When a listener is using the websockets protocol, it is possible to serve
# http data as well. Set http_dir to a directory which contains the files you
# wish to serve. If this option is not specified, then no normal http
# connections will be possible.
#http_dir
 
# The maximum number of client connections to allow. This is
# a per listener setting.
# Default is -1, which means unlimited connections.
# Note that other process limits mean that unlimited connections
# are not really possible. Typically the default maximum number of
# connections possible is around 1024.
#max_connections -1
 
# Choose the protocol to use when listening.
# This can be either mqtt or websockets.
# Websockets support is currently disabled by default at compile time.
# Certificate based TLS may be used with websockets, except that
# only the cafile, certfile, keyfile and ciphers options are supported.
protocol mqtt
 
…………(此处省略内容若干)…………
 
# =================================================================
# Extra listeners
# =================================================================
 
# Listen on a port/ip address combination. By using this variable
# multiple times, mosquitto can listen on more than one port. If
# this variable is used and neither bind_address nor port given,
# then the default listener will not be started.
# The port number to listen on must be given. Optionally, an ip
# address or host name may be supplied as a second argument. In
# this case, mosquitto will attempt to bind the listener to that
# address and so restrict access to the associated network and
# interface. By default, mosquitto will listen on all interfaces.
# Note that for a websockets listener it is not possible to bind to a host
# name.
# listener port-number [ip address/host name]
listener 3881
 
# Bind the listener to a specific interface. This is similar to
# the [ip address/host name] part of the listener definition, but is useful
# when an interface has multiple addresses or the address may change. It is
# valid to use this with the [ip address/host name] part of the listener
# definition, but take care that the interface you are binding to contains the
# address you are binding to, otherwise you will not be able to connect.
# Only available on Linux and requires elevated privileges.
#
# Example: bind_interface eth0
#bind_interface
 
# When a listener is using the websockets protocol, it is possible to serve
# http data as well. Set http_dir to a directory which contains the files you
# wish to serve. If this option is not specified, then no normal http
# connections will be possible.
#http_dir
 
# The maximum number of client connections to allow. This is
# a per listener setting.
# Default is -1, which means unlimited connections.
# Note that other process limits mean that unlimited connections
# are not really possible. Typically the default maximum number of
# connections possible is around 1024.
#max_connections -1
 
# The listener can be restricted to operating within a topic hierarchy using
# the mount_point option. This is achieved be prefixing the mount_point string
# to all topics for any clients connected to this listener. This prefixing only
# happens internally to the broker; the client will not see the prefix.
#mount_point
 
# Choose the protocol to use when listening.
# This can be either mqtt or websockets.
# Certificate based TLS may be used with websockets, except that only the
# cafile, certfile, keyfile and ciphers options are supported.
protocol websockets
 
…………(此处省略内容若干)…………
 
# =================================================================
# Security
# =================================================================
 
# If set, only clients that have a matching prefix on their
# clientid will be allowed to connect to the broker. By default,
# all clients may connect.
# For example, setting "secure-" here would mean a client "secure-
# client" could connect but another with clientid "mqtt" couldn't.
#clientid_prefixes
 
# Boolean value that determines whether clients that connect
# without providing a username are allowed to connect. If set to
# false then a password file should be created (see the
# password_file option) to control authenticated client access.
#
# Defaults to true if no other security options are set. If `password_file` or
# `psk_file` is set, or if an authentication plugin is loaded which implements
# username/password or TLS-PSK checks, then `allow_anonymous` defaults to
# false.
#
allow_anonymous false
 
# -----------------------------------------------------------------
# Default authentication and topic access control
# -----------------------------------------------------------------
 
# Control access to the broker using a password file. This file can be
# generated using the mosquitto_passwd utility. If TLS support is not compiled
# into mosquitto (it is recommended that TLS support should be included) then
# plain text passwords are used, in which case the file should be a text file
# with lines in the format:
# username:password
# The password (and colon) may be omitted if desired, although this
# offers very little in the way of security.
#
# See the TLS client require_certificate and use_identity_as_username options
# for alternative authentication options. If an auth_plugin is used as well as
# password_file, the auth_plugin check will be made first.
password_file /etc/mosquitto/pwfile
 
…………(此处省略内容若干)…………
[root@localhost ~]#
 
 
 
创建用户
[root@localhost ~]# cp /etc/mosquitto/pwfile.example /etc/mosquitto/pwfile
[root@localhost ~]# mosquitto_passwd -c /etc/mosquitto/pwfile 用户名
Password: **********
Reenter password: **********
[root@localhost ~]# systemctl restart mosquitto
 
 
 
mosquitto服务管理命令
[root@localhost ~]# systemctl status mosquitto
[root@localhost ~]# systemctl restart mosquitto
[root@localhost ~]# systemctl enable mosquitto

Copyright © 2024 码农人生. All Rights Reserved